cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 11/07/2015
Heure de l'analyse: 12:15
Fichier journal: journal anti-malwaire.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.11.01
Base de données de rootkits: v2015.07.10.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Hatimy

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 357145
Temps écoulé: 30 min, 43 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 1
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\TxCZMobRPg\JxenhNOS.exe, 2328, Supprimer au redémarrage, [8fee04dce5a5270feb8a5c1b4bb67f81]

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 13
PUP.Optional.BreakingNewsAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\JxenhNOS, En quarantaine, [8fee04dce5a5270feb8a5c1b4bb67f81],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [add01ac64446dd5939d3543ae91b7987],
PUP.Optional.Infonaut.A, HKLM\SOFTWARE\WOW6432NODE\Infonaut_1.10.0.14, En quarantaine, [94e9b42c05850c2a673344bf33d0ab55],
PUP.Optional.SuperClick.A, HKLM\SOFTWARE\WOW6432NODE\SuperClick_1.10.0.16, En quarantaine, [d1ac87597a10aa8c6c4bd9b27292d729],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [2a53419fe3a746f048453cc6d231aa56],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gmsd_fr_652_is1, En quarantaine, [8bf2538df19983b37b2925f1c43f2ad6],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{caa89563}, En quarantaine, [e697a23ea3e7a78f4e13e4a88e761be5],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [a7d67a6604860a2c48c4f89645bf43bd],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, En quarantaine, [0d70736dd8b286b070d65c332ed6bd43],
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\INSVC_1.10.0.14, En quarantaine, [3746657bafdb65d1cbb15535b84c936d],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, En quarantaine, [6e0f6c748bff4fe7203f7e0703016c94],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [b4c95f81f397fb3b9d29b9cfde26a45c],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2654224801-3958602632-1462074351-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, En quarantaine, [e499736df7932610bcdf3ffa6e9551af],

Valeurs du registre: 7
PUP.Optional.3DBubbleSound.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|3D BubbleSound, "C:\Program Files\BubbleSound\3D BubbleSound.exe", En quarantaine, [8eef5b855b2faf87d734ec1507fcbf41]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [add01ac64446dd5939d3543ae91b7987]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_fr_614, En quarantaine, [fb8214cc83075fd70e9936e063a036ca],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [a7d67a6604860a2c48c4f89645bf43bd]
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\insvc_1.10.0.14|ImagePath, "C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe", En quarantaine, [3746657bafdb65d1cbb15535b84c936d]
PUP.Optional.CrossBrowse.C, HKU\S-1-5-21-2654224801-3958602632-1462074351-1000\SOFTWARE\CLIENTS\STARTMENUINTERNET, Crossbrowse, En quarantaine, [f687b12f4545ff37c301a6e217ed8878]
PUP.Optional.CrossBrowse.A, HKU\S-1-5-21-2654224801-3958602632-1462074351-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_F02D1E74C16E970822F4802949A6A0B3, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window, En quarantaine, [98e56977068466d0b195f998db29956b]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 11
PUP.Optional.MultiPlug.Gen, C:\Users\Hatimy\AppData\Roaming\CA81EE40-1433785817-11DD-8A71-F0BF9759A0AF, En quarantaine, [3f3e0cd405854ee8ade8acd9b0549967],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.OptimizerPro.A, C:\Users\Hatimy\Documents\Optimizer Pro, En quarantaine, [4b3227b9eaa044f2436b24690cf85da3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\1.0.1.0, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\1.0.4.1, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.A, C:\ProgramData\Radio, En quarantaine, [6914657bdfabbd79b6c493002ada817f],
PUP.Optional.GlobalUpdate.A, C:\Users\Hatimy\AppData\Local\Temp\comh.192409, En quarantaine, [c7b67e62c3c7a492571bb52cd72bef11],
PUP.Optional.GlobalUpdate.A, C:\Users\Hatimy\AppData\Local\Temp\comh.392783, En quarantaine, [ee8ff7e95337d16594de4d9440c21be5],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg\dat, Supprimer au redémarrage, [077637a91e6c8ea874ab7be77b8a8080],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg, Supprimer au redémarrage, [077637a91e6c8ea874ab7be77b8a8080],

Fichiers: 76
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\TxCZMobRPg\JxenhNOS.exe, Supprimer au redémarrage, [8fee04dce5a5270feb8a5c1b4bb67f81],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\TxCZMobRPg\dat\epuHhNI.exe, Supprimer au redémarrage, [ee8fa43c0882b680aacb88ef1ce5f60a],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg\dat\GkygKm.dll, Supprimer au redémarrage, [037a4c949feb2115e1ead9869075f60a],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\TxCZMobRPg\dat\QuCULB.exe, Supprimer au redémarrage, [b6c708d88bff63d38ee7de9924dd9967],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\TxCZMobRPg\dat\QWpZytNDjWX.dll, Supprimer au redémarrage, [99e4a13fd5b51620ffbf67a7c63fad53],
PUP.Optional.ConvertAd, C:\Users\Hatimy\AppData\Roaming\CA81EE40-1433785817-11DD-8A71-F0BF9759A0AF\vnstDE0B.tmp, En quarantaine, [ff7edc043456c571d4a5ae06ac55fa06],
PUP.Optional.Crossrider, C:\Program Files (x86)\643e9da9-c325-4279-abc0-e0f128533bf5\6565b999-48e8-40a8-a8f0-c6b0d752a65b.dll, En quarantaine, [0a735090a0eadc5ad6aaa309bf4226da],
PUP.Optional.Crossrider, C:\Program Files (x86)\77ebe355-3463-4075-b9cf-e44cb8773e5c\5057182e-4412-4be5-a92d-e8377800151a.dll, En quarantaine, [a8d59050a0ea43f3562aa20afb062cd4],
PUP.Optional.Crossrider, C:\Program Files (x86)\77ebe355-3463-4075-b9cf-e44cb8773e5c\643e9da9-c325-4279-abc0-e0f128533bf5.dll, En quarantaine, [88f5e0007614082e4838951744bd52ae],
PUP.Optional.Crossrider, C:\Program Files (x86)\77ebe355-3463-4075-b9cf-e44cb8773e5c\77ebe355-3463-4075-b9cf-e44cb8773e5c.dll, En quarantaine, [3f3ea13f7c0e1125a1df2c80837ef60a],
PUP.Optional.CrossBrowse, C:\Users\Hatimy\AppData\Local\Temp\8653.exe, En quarantaine, [8cf104dcd7b3d561583cafec3cc5ad53],
PUP.Optional.CrossRider.A, C:\Users\Hatimy\AppData\Local\Temp\8755.exe, En quarantaine, [86f79749b0da61d509ca8bcde223dd23],
PUP.Optional.InstallCore.A, C:\Users\Hatimy\AppData\Local\Temp\ICReinstall_nse2035.tmp, En quarantaine, [4e2f5090dbaf31051e36911c5aa748b8],
PUP.Optional.CrossBrowse, C:\Users\Hatimy\AppData\Local\Temp\2605.exe, En quarantaine, [116cbe22fa90181e9ff5e2b92bd618e8],
PUP.Optional.CrossRider.A, C:\Users\Hatimy\AppData\Local\Temp\4787.exe, En quarantaine, [e19cfee29feb4cea09ca73e542c3728e],
PUP.optional.OptimizerPro.A, C:\Users\Hatimy\AppData\Local\Temp\optprosetup.exe, En quarantaine, [bbc2e2fe6e1c79bdf4369d206998916f],
PUP.Optional.CrossBrowse, C:\Users\Hatimy\AppData\Local\Temp\162.exe, En quarantaine, [4d30ca16c1c936002c681586d62bb34d],
PUP.Optional.BundleInstaller.A, C:\Users\Hatimy\AppData\Local\Temp\setup_648.exe, En quarantaine, [bdc0944cec9e7db9d72b96caad588d73],
PUP.Optional.SweetIM, C:\Users\Hatimy\AppData\Local\Temp\Shortcut_SweetImSetup.exe, En quarantaine, [3c415888206a81b5fefa70e1cc39d729],
PUP.Optional.CrossBrowse, C:\Users\Hatimy\AppData\Local\Temp\9402.exe, En quarantaine, [8eef746c2169dd59167e9704f60bfa06],
PUP.Optional.InstallCore.A, C:\Users\Hatimy\AppData\Local\Temp\nse2035.tmp, En quarantaine, [5528647c008adb5b43114b62d62b8878],
PUP.Optional.CheckOffer, C:\Users\Hatimy\AppData\Local\Temp\nsh7BDE.tmp, En quarantaine, [ff7e855b395123131986208550b1a060],
PUP.Optional.SweetIM, C:\Users\Hatimy\AppData\Local\Temp\mgsqlite3.7z, En quarantaine, [85f8cf1125659f979a5ee66b2bda34cc],
PUP.Optional.SweetIM, C:\Users\Hatimy\AppData\Local\Temp\mgsqlite3.dll, En quarantaine, [205dc818513987afb246331ee91cf010],
PUP.Optional.Iminent, C:\Users\Hatimy\AppData\Local\Temp\RarSFX0\MetroInstallerAPP.exe, En quarantaine, [9ce1726e1476a096959a2bbb966ae51b],
PUP.Optional.FaceMoods.A, C:\Users\Hatimy\AppData\Local\Temp\{C0DC3843-3FC8-4E30-BD9D-0BC29FDAC349}\{920A0367-4B8E-4455-BC9C-F322D138BD8F}\facemoods.exe, En quarantaine, [92ebe7f95d2d59dd4781a49bda26f30d],
PUP.Optional.CheckOffer, C:\Users\Hatimy\AppData\Local\Temp\nsdED3C.tmp\nsCBHTML5.dll, En quarantaine, [df9e3fa11b6f3402613e1c898b76c838],
PUP.Optional.CheckOffer, C:\Users\Hatimy\AppData\Local\Temp\nshA006.tmp\nsCBHTML5.dll, En quarantaine, [28551bc5cdbd59dd8f10941145bc7d83],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\globalupdateBroker.exe, En quarantaine, [aad3da069af00c2a7c83b5d93fc2d42c],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\globalupdateOnDemand.exe, En quarantaine, [572640a0fa9005317c835836e31eea16],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\goopdate.dll, En quarantaine, [eb92f1ef503acf675ca3bad453ae43bd],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\goopdateres_en.dll, En quarantaine, [84f9f8e89eecf83ec23de2ac02ff38c8],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\psmachine.dll, En quarantaine, [cab37070c5c5b4828a757618a65b37c9],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\psuser.dll, En quarantaine, [0776b32df29872c4a35c216d7b869e62],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\globalupdateBroker.exe, En quarantaine, [720b8d537416ee4841bef29cb24fdd23],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\globalupdateOnDemand.exe, En quarantaine, [7805d60a4743ac8a3bc4c5c9b849e21e],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\goopdate.dll, En quarantaine, [94e9dc043654f244857a365837ca28d8],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\goopdateres_en.dll, En quarantaine, [92ebbb25fe8c65d19d623e50d52c16ea],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\psmachine.dll, En quarantaine, [ff7eb42cafdbe452827d0b83bf4233cd],
PUP.Optional.ModGoog, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\psuser.dll, En quarantaine, [4e2f09d7ef9b86b0e916f49a1fe202fe],
PUP.Optional.PCSpeedUp.A, C:\Windows\Temp\scs_setup_1.0.18.0.exe, En quarantaine, [b4c9538d226879bdebfc5c4ffb06dd23],
PUP.Optional.SweetIM, C:\Users\Hatimy\Downloads\SweetImSetup.exe, En quarantaine, [c7b6e4fcf9914de947b1ec65e81da45c],
PUP.Optional.Bundle, C:\Users\Hatimy\Downloads\PDFWriterSetup.exe, En quarantaine, [4d30b0300f7b4bebe62c71890cf45ca4],
PUP.Optional.SweetIM, C:\Windows\Installer\2b42ccf7.msi, En quarantaine, [a6d703ddbbcfda5cb7415ef307fe07f9],
PUP.Optional.SweetIM, C:\Windows\Installer\2b42ccfd.msi, En quarantaine, [6d10a43c8efcd264b1475af7877e3ac6],
PUP.Optional.Vitruvian.A, C:\Users\Hatimy\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, En quarantaine, [6b12a53b4644191d962b126c70943cc4],
PUP.Optional.Vitruvian.A, C:\Users\Hatimy\AppData\Local\Temp\vitruvian-installer-install-v0003, En quarantaine, [611cfae6800af1453e836e10d232d828],
PUP.Optional.Vitruvian.A, C:\Users\Hatimy\AppData\Local\Temp\vitruvian-installer-processes-v0002, En quarantaine, [512c8858e5a54de9556c5d21e12322de],
PUP.Optional.Vitruvian.A, C:\Users\Hatimy\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, En quarantaine, [ff7e548cec9e80b66e53ee901ce87a86],
PUP.Optional.MultiPlug.Gen, C:\Users\Hatimy\AppData\Roaming\CA81EE40-1433785817-11DD-8A71-F0BF9759A0AF\hnsy5713.tmp, En quarantaine, [3f3e0cd405854ee8ade8acd9b0549967],
PUP.Optional.MultiPlug.Gen, C:\Users\Hatimy\AppData\Roaming\CA81EE40-1433785817-11DD-8A71-F0BF9759A0AF\Number of results, En quarantaine, [3f3e0cd405854ee8ade8acd9b0549967],
PUP.Optional.MultiPlug.Gen, C:\Users\Hatimy\AppData\Roaming\CA81EE40-1433785817-11DD-8A71-F0BF9759A0AF\Uninstall.exe, En quarantaine, [3f3e0cd405854ee8ade8acd9b0549967],
PUP.Optional.Multiplug.A, C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32], En quarantaine, [c9b44b955c2ed165daf48efd6b9927d9],
PUP.Optional.Multiplug.A, C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job, En quarantaine, [4736cd13424850e66f60810a9d67a55b],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\debug.log, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\17AF54B9, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\4DEDA591, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\6C8E155, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\7F24D2EF, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\9721B0CB, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\99E1F920, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\AA012CZ, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\C78F0747, En quarantaine, [f984d0107c0ee84e44e0fa93fa0a629e],
PUP.Optional.OptimizerPro.A, C:\Users\Hatimy\Documents\Optimizer Pro\CookiesException.txt, En quarantaine, [4b3227b9eaa044f2436b24690cf85da3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\1.0.1.0\bocrooak.exe.config, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\1.0.1.0\sqlite3.dll, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\dat.dat, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\1.0.4.1\bocrooak.exe.config, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ejremejo\1.0.4.1\sqlite3.dll, En quarantaine, [b0cd09d73f4b3ef8c329aae85aaa5fa1],
PUP.Optional.PullUpdate.A, C:\ProgramData\Radio\prompt.exe.config, En quarantaine, [6914657bdfabbd79b6c493002ada817f],
PUP.Optional.GlobalUpdate.A, C:\Users\Hatimy\AppData\Local\Temp\comh.192409\globalupdateHelper.msi, En quarantaine, [c7b67e62c3c7a492571bb52cd72bef11],
PUP.Optional.GlobalUpdate.A, C:\Users\Hatimy\AppData\Local\Temp\comh.392783\globalupdateHelper.msi, En quarantaine, [ee8ff7e95337d16594de4d9440c21be5],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg\dat\epuHhNI.exe.config, Supprimer au redémarrage, [077637a91e6c8ea874ab7be77b8a8080],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg\dat\QuCULB.exe.config, Supprimer au redémarrage, [077637a91e6c8ea874ab7be77b8a8080],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg\info.dat, Supprimer au redémarrage, [077637a91e6c8ea874ab7be77b8a8080],
PUP.Optional.PullUpdate.A, C:\ProgramData\TxCZMobRPg\JxenhNOS.dat, Supprimer au redémarrage, [077637a91e6c8ea874ab7be77b8a8080],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
