Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 02/06/2015
Heure de l'examen: 12:18:55
Fichier journal: MBAM (premier scan).txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.06.02.02
Base de données Rootkits: v2015.05.31.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: mathieu-PC

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 362068
Temps écoulé: 6 min, 48 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 1
PUP.Optional.MultiPlug, C:\ProgramData\{efd61602-a127-85d6-efd6-61602a12580a}\The mask - klaxon.exe, 8000, Supprimé-au-redémarrage, [29c1199c7d0dce6808bcdd75689a45bb]

Modules: 1
PUP.Optional.IncludeSystem.A, C:\Program Files (x86)\IncludeSystem\IncludeSystem.dll, Supprimé-au-redémarrage, [856507aefe8c8ea85c1431c00cf7ff01],

Clés du Registre: 6
PUP.Optional.MultiPlug, HKU\S-1-5-21-3254724929-3590355740-4157387667-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Mis en quarantaine, [91595c5981099a9cd0f4ada5e51d7090],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3254724929-3590355740-4157387667-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Mis en quarantaine, [91595c5981099a9cd0f4ada5e51d7090],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [d01a4f66276381b50bde7c03c144f30d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7254d244}, Mis en quarantaine, [89616d4832588aacf347740aa75eab55],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [7e6c8b2a16749b9b06e3dea115f0fc04],
PUP.Optional.IncludeSystem.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\7254d244, Mis en quarantaine, [e00a02b394f669cdda973cb546bdc63a],

Valeurs du Registre: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [d01a4f66276381b50bde7c03c144f30d]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [7e6c8b2a16749b9b06e3dea115f0fc04]

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 5
PUP.Optional.IncludeSystem.A, C:\Program Files (x86)\IncludeSystem, Supprimé-au-redémarrage, [856507aefe8c8ea85c1431c00cf7ff01],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah\122, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.EnjoyCoupon.A, C:\Program Files (x86)\EnJoyCouppon, Mis en quarantaine, [cc1e7540464466d0608d92e5828348b8],
PUP.Optional.ShopDrop.A, C:\Program Files (x86)\ShopDirop, Mis en quarantaine, [32b8d1e498f2999db9797ff9768fe31d],

Fichiers: 30
PUP.Optional.MultiPlug, C:\ProgramData\{efd61602-a127-85d6-efd6-61602a12580a}\The mask - klaxon.exe, Supprimé-au-redémarrage, [29c1199c7d0dce6808bcdd75689a45bb],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\CeHeapMe\CeHeapMe.exe, Mis en quarantaine, [2bbf4372deacce684d62c57107fbcb35],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\EnJoyCouppon\tS0gW7d4f2YofO.dll, Mis en quarantaine, [3fabd8ddb0da01356495095c8979ca36],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\EnJoyCouppon\tS0gW7d4f2YofO.exe, Mis en quarantaine, [4c9e3b7a256553e3733ce155b74b50b0],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\EnJoyCouppon\tS0gW7d4f2YofO.x64.dll, Mis en quarantaine, [579312a30981c472a851e382c73b5fa1],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Facebook Chat Platinum\Facebook Chat Platinum.exe, Mis en quarantaine, [6b7f2f86c8c28babfab585b18979e11f],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\RegualariDealis\RegualariDealis.exe, Mis en quarantaine, [f7f33b7a4f3b78bed1debe782fd3c43c],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\ShopDirop\D7vGRsbkODzsWc.dll, Mis en quarantaine, [5892bafb3159b87e0feaec79936f50b0],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\ShopDirop\D7vGRsbkODzsWc.exe, Mis en quarantaine, [d614edc88802b581842bfc3aac5619e7],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\ShopDirop\D7vGRsbkODzsWc.x64.dll, Mis en quarantaine, [c2286451bcce57df897074f1dc266d93],
PUP.Optional.MultiPlug, C:\Users\mathieu-PC\AppData\Local\Temp\E790.exe, Mis en quarantaine, [91595c5981099a9cd0f4ada5e51d7090],
Trojan.SProtector, C:\Users\mathieu-PC\AppData\Local\Temp\__tmp_204e2bcc, Mis en quarantaine, [6c7e6a4b0d7d78beb947371c9b67ba46],
PUP.Optional.Multiplug.A, C:\Users\mathieu-PC\AppData\Local\Temp\MJYDKH.tmp\Search YouTube.exe, Mis en quarantaine, [c2287342bfcb68cecee11b1b1ee49d63],
PUP.Optional.Multiplug.A, C:\Users\mathieu-PC\AppData\Local\Temp\VJPSFF.tmp\tWU6DrSBIfgma5.exe, Mis en quarantaine, [4b9fc2f33e4cef47f1bebb7b09f927d9],
PUP.Optional.MultiPlug, C:\Users\mathieu-PC\AppData\Local\Temp\6630\temp\E790.exe, Mis en quarantaine, [4f9b4f66404a6ec8794b55fdd42e6799],
PUP.Optional.MultiPlug, C:\Users\mathieu-PC\Downloads\The mask - klaxon.exe, Mis en quarantaine, [aa402590b1d90333c8fcb1a1887a8c74],
PUP.Optional.IncludeSystem.A, C:\Program Files (x86)\IncludeSystem\IncludeSystem.dll, Supprimé-au-redémarrage, [856507aefe8c8ea85c1431c00cf7ff01],
PUP.Optional.ShoppingGate.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, Mis en quarantaine, [be2ca0150c7ee35382f0f32a2ada3bc5],
PUP.Optional.ShoppingGate.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, Mis en quarantaine, [74763184305ad165b4be3ae3eb19af51],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah\122\lsdb.js, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah\122\background.html, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah\122\bdKxOh8.js, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah\122\content.js, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.MultiPlug.A, C:\Users\mathieu-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadjnjjgcjdhpcjhoplojnicjgeajah\122\manifest.json, Mis en quarantaine, [a743e8cd2e5cd4629ac3265172933dc3],
PUP.Optional.EnjoyCoupon.A, C:\Program Files (x86)\EnJoyCouppon\tS0gW7d4f2YofO.tlb, Mis en quarantaine, [cc1e7540464466d0608d92e5828348b8],
PUP.Optional.EnjoyCoupon.A, C:\Program Files (x86)\EnJoyCouppon\tS0gW7d4f2YofO.dat, Mis en quarantaine, [cc1e7540464466d0608d92e5828348b8],
PUP.Optional.ShopDrop.A, C:\Program Files (x86)\ShopDirop\D7vGRsbkODzsWc.tlb, Mis en quarantaine, [32b8d1e498f2999db9797ff9768fe31d],
PUP.Optional.ShopDrop.A, C:\Program Files (x86)\ShopDirop\D7vGRsbkODzsWc.dat, Mis en quarantaine, [32b8d1e498f2999db9797ff9768fe31d],
PUP.Optional.Multiplug.A, C:\Windows\System32\Tasks\Bidaily Synchronize Task, Mis en quarantaine, [4c9ee2d38cfe38fe0d977c012fd6f10f],
PUP.Optional.Multiplug.A, C:\Windows\Tasks\Bidaily Synchronize Task.job, Mis en quarantaine, [fceecaeb048655e1dfc695e8679eda26],

Secteurs physiques: 0
(Aucun élément malicieux détecté)

(end)