Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 14/09/2014
Heure de l'examen: 20:04:33
Fichier journal: mbam_log.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.09.14.06
Base de données Rootkits: v2014.09.13.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Administrateur

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 287080
Temps écoulé: 11 min, 2 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 3
PUP.Optional.Snapdo.T, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Mis en quarantaine, [05894ba2d0abc37324c7f3cdbf43a45c],
PUP.Optional.Snapdo.T, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Mis en quarantaine, [05894ba2d0abc37324c7f3cdbf43a45c],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\MICROSOFT\ESENT\PROCESS\WajamInternetEnhancer, Mis en quarantaine, [bbd39a531a61a98d8d2878f258ac619f],

Valeurs du Registre: 1
PUP.Optional.SearchCertified.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401737036828&tguid=80415-23890-1401737036828-00EEF7DB27AC6A59A472E04662A1064C&q=%s, Mis en quarantaine, [107e26c793e877bfe2613bd645be5da3]

Données du Registre: 0
(No malicious items detected)

Dossiers: 2
PUP.Optional.AmazonBrowserBar.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam, Mis en quarantaine, [d2bc5c91b4c7ff3722861ec8bc460000],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],

Fichiers: 39
PUP.Optional.InstallCore, C:\Documents and Settings\Administrateur\Mes documents\Downloads\ccsetup417.exe, Mis en quarantaine, [8fff3fae1f5cae88dc26925a6d971fe1],
PUP.Optional.Bandoo, C:\Documents and Settings\Administrateur\Mes documents\Downloads\jZipSetup-r379-n-bc.exe, Mis en quarantaine, [3856b835bac1bd7925026d7eaa5a4eb2],
PUP.Optional.Outbrowse, C:\Documents and Settings\Administrateur\Mes documents\Downloads\setup.exe, Mis en quarantaine, [e2aca647c5b6af8745b76e38a55cee12],
PUP.Optional.InstallCore, C:\Documents and Settings\Administrateur\Mes documents\Downloads\FlvPlayerSetup.exe, Mis en quarantaine, [f69828c5512a81b508a85e9153b1fd03],
PUP.Optional.QuickStart.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, Mis en quarantaine, [c1cd41ac4a31a78f30ad91d59b695ea2],
PUP.Optional.AmazonBrowserBar.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000003.log, Mis en quarantaine, [d2bc5c91b4c7ff3722861ec8bc460000],
PUP.Optional.AmazonBrowserBar.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\CURRENT, Mis en quarantaine, [d2bc5c91b4c7ff3722861ec8bc460000],
PUP.Optional.AmazonBrowserBar.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOCK, Mis en quarantaine, [d2bc5c91b4c7ff3722861ec8bc460000],
PUP.Optional.AmazonBrowserBar.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOG, Mis en quarantaine, [d2bc5c91b4c7ff3722861ec8bc460000],
PUP.Optional.AmazonBrowserBar.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\MANIFEST-000002, Mis en quarantaine, [d2bc5c91b4c7ff3722861ec8bc460000],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\0c990770059e9944cd226a611cb01929, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\12827ac5940ed2b0e56cea6e93763e6c, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\1f98626fd75d098cbbbf134ab8fb1860, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\2b9967fc5df442d326053c15a3a31808, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\4318e77fedd342aa65b86652af5be78e, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\4607ac77462c8ab3a0441fd4defc1de0, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\4b8c31735c850c573bd6acff9c091765, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\59fe2dcd5140b346f4f007d43b4fe833, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\68dff1af7b0834716285f3ba83f7239b, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\76619ba043e3bc5b0c01c334528b0d9e, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\77d87debb5cc26b7b9d2d34a0367a98c, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\7b0447bd3542ddb5d051559c0271a1d3, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\7c163af162793819310a278751b0a02f, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\7f8053b502d4bee5a41960aedc2b23a5, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\836a82612a811bf04ea7c3fcbebf55c3, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\89b4c67965980fd11818aa6480b90244, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\9bc188728746ec6f53f5d0434852d3d7, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\9c9b4b993ca19f4786934698e4abad8f, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\abb3b8b3368d6d70ab9da841c5e39324, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\b7bcac9291c90c770794bf6aa9416a93, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\c2cab0442647df902c7ef85b702e84ed, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\d24805035598aa826e010a9f9446643a, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\d37a42e9ffda4c50daef8aa3cfbdfe95, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\d5c6c6d4b2270e3c3bbadd7349067340, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\d64dda566d16e370a72e69cf8efc1a7b, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\d99dd73dcb45ab4d7b6e12670c965543, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\df197ba6b628f60d5f7d00d19a9a2f7a, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
PUP.Optional.ExcitingApps.A, C:\Documents and Settings\Administrateur\Application Data\{5682CA62-1A80-40AE-82A0-B67833CE75FF}\e49ab323701e97732c2a085ac0f75e55, Mis en quarantaine, [1c7230bde398cd699b54915ae71bf50b],
Hijack.Host, C:\WINDOWS\system32\drivers\etc\hosts, Bon: (), Mauvais: (#54.204.28.26 ajakpekbmnkgnjbpajgkdhimcbeoocam), Remplacé,[c2ccea03eb9084b2579bb876d82d1be5]

Secteurs physiques: 0
(No malicious items detected)

(end)