Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 15/09/2014
Heure de l'examen: 14:57:28
Fichier journal: rapport.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.09.15.05
Base de données Rootkits: v2014.09.15.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Paul Fossaert

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 293203
Temps écoulé: 14 min, 46 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 0
(No malicious items detected)

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 6
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\10.82.4.29886_0, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\10.82.4.29886_0\common, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\10.82.4.29886_0\common\components, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\10.82.4.29886_0\common\components\embedhtml, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\10.82.4.29886_0\common\components\embedhtml\html, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],

Fichiers: 3
PUP.Optional.MindSpark.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\10.82.4.29886_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Mis en quarantaine, [628f0edf91eac6709713a2382bd78c74],
PUP.Optional.Astromenda.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [
    "https://fr.yahoo.com/?fr=hp-avast&type=avastbcl",
    "http://www.mystart.com/?pr=vmn&id=mystarttb&v=5_3&ent=hp_4981&src=4981",
    "http://www.google.fr/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0D91D54D-7812-4A4C-9CB1-6F54348C12E8&SSPV=",
    "http://www.awesomehp.com/?type=hp&ts=1392823280&from=tugs&uid=HitachiXHTS541680J9SA00_SB2204SGF3NKXEF3NKXEX",
    "http://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDyD0DtD0AtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFzytFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StDtDzyyCtDtDzzyBtGtAyC0D0FtG0D0CyCzytGzz0DtCtCtGyBtDtC0BtD0FtC0CtCtByB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyD0Azz0DyB0EyEtG0B0DzztAtG0DyE0CyCtG0B0C0CzztGtCtAyBtAyCzytB0AtDtCzy0D2Q&cr=332270729&ir=",
    "http://start.qone8.com/?type=hp&ts=1396590322&from=profr&uid=ST380021A_3HV0SCQK",
    "http://start.mysearchdial.com/?f=1&a=dnldstr_14_11_ch&cd=2XzuyEtN2Y1L1QzutDtDtC0BtAzztB0EyCtDyB0AtByE0AyEtN0D0Tzu0SzztDtDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0FyB0ByE0D0E0EtGyBtBtC0FtGyE0DtD0EtG0FyC0FtAtGyCtCtAzz0AtD0C0CtD0E0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtDzz0C0F0EtDyBtGyC0B0FzytGtDyDyEyEtGtA0AyDzztGtC0EzyyE0D0D0DyD0FtA0FyE2Q&cr=1956579663&ir=",
    "https://fr.yahoo.com/?fr=hp-avast&type=avastbcl",
    "http://www.sweet-page.com/?type=hp&ts=1403098201&from=adks&uid=HitachiXHTS541680J9SA00_SB2204SGF3NKXEF3NKXEX",
    "http://www.sweet-page.com/?type=hppp&ts=1403150953&from=adks&uid=HitachiXHTS541680J9SA00_SB2204SGF3NKXEF3NKXEX",
    "http://www.sweet-page.com/?type=hppp&ts=1403238789&from=adks&uid=HitachiXHTS541680J9SA00_SB2204SGF3NKXEF3NKXEX",
    "http://www.sweet-page.com/?type=hppp&ts=1403429219&from=adks&uid=HitachiXHTS541680J9SA00_SB2204SGF3NKXEF3NKXEX",
    "http://www.sweet-page.com/?type=hppp&ts=1403430140&from=adks&uid=HitachiXHTS541680J9SA00_SB2204SGF3NKXEF3NKXEX",
    "http://rocket-find.com/?f=7&a=rckt_dsites03_14_26_ch&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DzztBtBzytB0FtA0D0DzztN0D0Tzu0SzytDzytN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StA0ByB0F0BtBtD0CtG0FtAyCzytGzyyE0D0EtGyCyBzz0EtGtAzyyCyByC0EtD0AyBzztAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0E0AyC0BzytCyDtG0FtB0CtDtG0Fzy0C0AtG0ByC0D0BtGyD0AyC0F0E0BtDtA0EtB0F0A2Q&cr=752687639&ir=",
    "http://astromenda.com/?f=7&a=ast_frmr_14_34_ie&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDyD0DtD0AtN0D0Tzu0SzyyCtAtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEzztB0AtByBtGyE0A0C0AtG0Czz0D0CtG0A0F0E0BtGyE0FzzyDzyyB0FyD0B0FyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyD0Azz0DyB0EyEtG0B0DzztAtG0DyE0CyCtG0B0C0CzztGtCtAyBtAyCzytB0AtDtCzy0D2Q&cr=708245283&ir=",
    "http://astromenda.com/?f=7&a=ast_dsites_14_35_ie&cd=2XzuyEtN2Y1L1QzutDtDtByBtD0EtAyC0AyEtAtDtA0EtDzztN0D0Tzu0SzyyBtDtN1L2XzutAtFtDtFtCtDtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0E0FzztDtA0BtCtGyDyEzy0FtGyDtDtCyEtGzzzzzz0FtGyEtDtBtC0DtC0D0FyB0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EtDtCtBtDtBzztG0C0DyEzytGyE0B0ByDtGzy0FyCyCtGyCzzyD0C0Ezyzy0Dzz0ByDtD2Q&cr=1383785064&ir=",
    "http://fr.msn.com/?pc=UP97&ocid=UP97DHP",
    "https://fr.yahoo.com/?fr=hp-avast&type=avastbcl",
    "https://fr.yahoo.com?fr=hp-avast&type=avastbcl",
    "http://www.msn.com/?pc=AV01"
],), Remplacé,[866bed00c4b73cfae5eb76b95aab2fd1]
PUP.Optional.Trovi.A, C:\Documents and Settings\Paul Fossaert\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage": "http://www.trovi.com/?gd=&ctid=CT3329707&octid=EB_ORIGINAL_CTID&ISID=MC78AAE5E-0508-4967-B180-BBD6CD114602&SearchSource=55&CUI=&UM=6&UP=SP3300B6EB-3CCE-4DCA-BE69-B94A0A9B311B&SSPV=",), Remplacé,[51a0d31a7cff11251c85ff3142c3a957]

Secteurs physiques: 0
(No malicious items detected)

(end)