Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 05/09/2014
Heure de l'examen: 19:20:21
Fichier journal: Malwarebytes journal.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.09.05.06
Base de données Rootkits: v2014.08.21.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Slyr

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 368244
Temps écoulé: 20 min, 34 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 1
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, 536, Supprimé-au-redémarrage, [51b99e4c38431125e2f34b62eb16728e]

Modules: 0
(No malicious items detected)

Clés du Registre: 10
PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update ClearThink, Mis en quarantaine, [51b99e4c38431125e2f34b62eb16728e],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{06e035f9-c6b3-4ae7-a839-ba68791f5499}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{06e035f9-c6b3-4ae7-a839-ba68791f5499}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\ClearThink, Mis en quarantaine, [090136b4a8d3ea4c0893c49b867ea957],
PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util ClearThink, Mis en quarantaine, [40ca856592e9af877e205807f50fa35d],
PUP.Optional.ClearThink.A, HKU\S-1-5-21-817256076-2237896415-224119137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ClearThink, Supprimé-au-redémarrage, [49c17773d5a696a05a4262fd06fe9e62],

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 0
(No malicious items detected)

Fichiers: 13
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, Supprimé-au-redémarrage, [51b99e4c38431125e2f34b62eb16728e],
Trojan.Patched, C:\Program Files (x86)\Metro Last Light\steam_api.dll, Mis en quarantaine, [fa109951c6b5cc6a01e3cd8ae22009f7],
PUP.Optional.SearchHijacker.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RJXRBZ1.exe, Mis en quarantaine, [d733ffeb1a61aa8c3a7a1a92d62bfa06],
PUP.Optional.ClearThink.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RKKOV1I.zip, Mis en quarantaine, [64a6d01a98e3e05609cc5c51b05134cc],
PUP.Optional.ClearThink.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$R8331LV.dll, Mis en quarantaine, [0a009a5067144aecac28f3ba45bc31cf],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.BrowserAdapterS.dll, Mis en quarantaine, [8882e208cbb0a78fee02494a8978768a],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.FeSvc.dll, Mis en quarantaine, [b159e307de9dde5844225a462cd58080],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.PurBrowseG.dll, Mis en quarantaine, [7d8d01e9e79490a6c859f590fb0648b8],
PUP.Optional.SearchProtect.A, C:\Users\Slyr\AppData\Local\Temp\utt5570.tmp.exe, Mis en quarantaine, [ec1e03e7403b8babadd03e5133cef40c],
PUP.Optional.OneClickDownloader.A, C:\Users\Slyr\Downloads\Pounding_The_Pledges_XXX_DVDRip_XviD-Pr0nStarS.exe, Mis en quarantaine, [ce3c6387433888aeba96869a7b86827e],
PUP.Optional.OpenCandy, C:\Users\Slyr\Downloads\DAEMONToolsUltra240-0280.exe, Mis en quarantaine, [9476b436bbc02f075cbec94cda2b7987],
PUP.Optional.SweetPage.A, C:\Users\Slyr\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage": "http://www.sweet-page.com/?type=hp&ts=1409601068&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51AB33792737927",), Remplacé,[cf3b72788eed6dc9d43d1211897c738d]
PUP.Optional.SweetPage.A, C:\Users\Slyr\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1409601068&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51AB33792737927" ],), Remplacé,[ae5c4c9ee09bf44274a0180bcc39ce32]

Secteurs physiques: 0
(No malicious items detected)

(end)