Rapport MBAM version 2 (Pierre13) fait le 09/10/2014 à 19:09:52
[mbam-log]
header :
date : 2014/10/09 17:25:59 +0200
logfile : mbam-log-2014-10-09 (17-25-40).xml
isadmin : yes
[engine]
version : 2.00.2.1012
malware-database : v2014.10.09.06
rootkit-database : v2014.10.08.01
license : free
file-protection : disabled
web-protection : disabled
self-protection : disabled
[system]
osversion : Windows XP Service Pack 3
arch : x86
username : Administrateur
filesys : NTFS
[summary]
type : custom
result : completed
objects : 718241
time : 4692
processes : 0
modules : 0
keys : 4
values : 2
datas : 0
folders : 2
files : 68
sectors : 0
[options]
memory : enabled
startup : enabled
filesystem : enabled
archives : enabled
rootkits : enabled
deeprootkit : disabled
heuristics : enabled
pup : enabled
pum : enabled
Fin du rapport. Le rapport est sur le bureau (rapport_mbam.txt)