Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 20/02/2016
Heure de l'analyse: 15:29
Fichier journal: Scam Mbam.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.02.20.01
Base de données de rootkits: v2016.02.17.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: papou974

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 357335
Temps écoulé: 37 min, 53 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 31
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-1, Supprimer au redémarrage, [b33e94ce3e5b83b348a243a07390bc44],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-2, Supprimer au redémarrage, [21d00b57f6a33006b03ad70c20e3768a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-3, Supprimer au redémarrage, [5a97df83e0b99a9c92588d56778c0af6],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-4, Supprimer au redémarrage, [16dbb2b09900b6809654657e1ce7b54b],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-5, Supprimer au redémarrage, [22cfb8aabcdd89ad65852bb825dea35d],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-6, Supprimer au redémarrage, [34bd243e7e1b7bbbf3f722c10003ec14],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\62a01ee3-a9a4-4424-89fa-d461b315a360-7, Supprimer au redémarrage, [d819a8ba5049de58f3f72cb76f947888],
PUP.Optional.HQVideoPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\HQ-Video-Profession-1.3-chromeinstaller, Supprimer au redémarrage, [ca271052257437ffb7abd11e56ad42be],
PUP.Optional.HQVideoPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\HQ-Video-Profession-1.3-codedownloader, Supprimer au redémarrage, [01f04e149ffa003681e1e70872915aa6],
PUP.Optional.HQVideoPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\HQ-Video-Profession-1.3-enabler, Supprimer au redémarrage, [549d372be5b488ae0f53dc136e95db25],
PUP.Optional.HQVideoPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\HQ-Video-Profession-1.3-firefoxinstaller, Supprimer au redémarrage, [6190baa89702a98dfb6745aa8d76768a],
PUP.Optional.HQVideoPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\HQ-Video-Profession-1.3-updater, Supprimer au redémarrage, [a44d5210fe9b1b1b1a488d621ae96e92],
PUP.Optional.MediaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MediaPlayerEnhance-chromeinstaller, Supprimer au redémarrage, [529f9bc7f5a4a98d29b9965fe221ec14],
PUP.Optional.MediaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MediaPlayerEnhance-codedownloader, Supprimer au redémarrage, [c22fd1910792f24428ba25d0669d26da],
PUP.Optional.MediaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MediaPlayerEnhance-enabler, Supprimer au redémarrage, [42aff1710e8b3bfb1fc3876ebf443bc5],
PUP.Optional.MediaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MediaPlayerEnhance-firefoxinstaller, Supprimer au redémarrage, [826f134fdfba71c53fa3d71eae550df3],
PUP.Optional.MediaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MediaPlayerEnhance-updater, Supprimer au redémarrage, [40b1cf932e6b12245c86f2039a6936ca],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-chromeinstaller, Supprimer au redémarrage, [23cec79be0b995a136d218e5c240b44c],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-codedownloader, Supprimer au redémarrage, [51a00b5759400036e0281fdea55dc040],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-enabler, Supprimer au redémarrage, [ce2309596f2a1a1cec1c05f8c63c758b],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-firefoxinstaller, Supprimer au redémarrage, [71809bc77326072f0404f00d4cb63bc5],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-updater, Supprimer au redémarrage, [8f622e340396b1859a6ea85554ae9070],
PUP.Optional.TornTV, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Torntv V9.0-chromeinstaller, Supprimer au redémarrage, [45ac7fe3801954e2de46cd4229dbf907],
PUP.Optional.TornTV, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Torntv V9.0-codedownloader, Supprimer au redémarrage, [4ca5b8aac0d9e650061e0b049371d42c],
PUP.Optional.TornTV, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Torntv V9.0-enabler, Supprimer au redémarrage, [b0415f037f1ae94d0123d33cc73dc040],
PUP.Optional.TornTV, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Torntv V9.0-firefoxinstaller, Supprimer au redémarrage, [3ab73929e8b1c076ca5a8788fa0ac53b],
PUP.Optional.TornTV, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Torntv V9.0-updater, Supprimer au redémarrage, [b33e1c46504938fe72b24ec1937140c0],
PUP.Optional.GoPhoto, HKU\S-1-5-21-53910989-417494996-1717965872-1000\SOFTWARE\COOL MIRAGE LTD\gophotoit, En quarantaine, [c9286af8c7d2bc7a2aa330bcdb2808f8],
PUP.Optional.Komodia, HKU\S-1-5-21-53910989-417494996-1717965872-1000\SOFTWARE\INSTALLPATH\STATUS, En quarantaine, [ac45ce941b7e290d4abdbb9f0400da26],
PUP.Optional.CrossRider, HKU\S-1-5-21-53910989-417494996-1717965872-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD61804C-3360-404E-99E9-E1F0FA7AF894}, En quarantaine, [51a04c165346c96d6167598a976cb34d],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-53910989-417494996-1717965872-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CHCT2504091, En quarantaine, [5b96b8aa1782ca6c0ae7537aa65ddb25],

Valeurs du Registre: 2
PUP.Optional.Komodia, HKU\S-1-5-21-53910989-417494996-1717965872-1000\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, Y, En quarantaine, [ac45ce941b7e290d4abdbb9f0400da26]
PUP.Optional.CrossRider, HKU\S-1-5-21-53910989-417494996-1717965872-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad61804c-3360-404e-99e9-e1f0fa7af894}|AppName, HQ-Video-Profession-1.3-codedownloader.exe, En quarantaine, [51a04c165346c96d6167598a976cb34d]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 11
PUP.Optional.CoolMirage, C:\Users\papou974\AppData\Roaming\Cool Mirage Ltd, En quarantaine, [15dc6101edacdb5ba5211cc34ab9748c],
PUP.Optional.CoolMirage, C:\Users\papou974\AppData\Roaming\Cool Mirage Ltd\1.8.29.5, En quarantaine, [15dc6101edacdb5ba5211cc34ab9748c],
PUP.Optional.CoolMirage, C:\Users\papou974\AppData\Roaming\Cool Mirage Ltd\gophotoit, En quarantaine, [15dc6101edacdb5ba5211cc34ab9748c],
PUP.Optional.CoolMirage, C:\Users\papou974\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5, En quarantaine, [15dc6101edacdb5ba5211cc34ab9748c],
PUP.Optional.GenesisOffers, C:\Users\papou974\AppData\Local\Genesis_05302225, En quarantaine, [a44d3f23049542f41d3ae5ddbf4313ed],
PUP.Optional.Conduit, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojpijjmpahflnipadmlpgbjmagmjchkk, En quarantaine, [f2ff3f233663999d23129934748e52ae],
PUP.Optional.CrossRider, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo, En quarantaine, [00f1174b6d2c6ec8933e1fb44ab808f8],
PUP.Optional.CrossRider, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna, En quarantaine, [7879e082bbdefe388a54daf937cb50b0],
PUP.Optional.GoPhoto, C:\Users\papou974\AppData\LocalLow\Cool Mirage Ltd\gophotoit, En quarantaine, [37baafb3564311256cefb82121e1f10f],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],

Fichiers: 21
PUP.Optional.SoftPulse, C:\Users\papou974\Downloads\Setup (1).zip, En quarantaine, [3cb5085adbbe85b1681c540aea17867a],
PUP.Optional.SoftPulse, C:\Users\papou974\Downloads\Setup (2).zip, En quarantaine, [bc35e77b4e4bf54194dc294f728f16ea],
PUP.Optional.SoftPulse, C:\Users\papou974\Downloads\Setup (3).zip, En quarantaine, [18d94c16efaa1125a6ca5028fb064ab6],
PUP.Optional.SoftPulse, C:\Users\papou974\Downloads\Setup.zip, En quarantaine, [708177eb3861dd59473d5608847d0cf4],
Adware.GibMedia, C:\Users\papou974\AppData\Roaming\Icones\icones_pa.ico, En quarantaine, [06ebc1a1aeebb5817949181ce71cf20e],
PUP.Optional.CoolMirage, C:\Users\papou974\AppData\Roaming\Cool Mirage Ltd\sqlite3.dll, En quarantaine, [15dc6101edacdb5ba5211cc34ab9748c],
PUP.Optional.CoolMirage, C:\Users\papou974\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx, En quarantaine, [15dc6101edacdb5ba5211cc34ab9748c],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\appCntrl.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\bg.html, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\bg.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\bg_.html, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\chr.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\ct.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\CTB.dll, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\dpk.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\hprtkMsg.htm, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\hprtkMsg.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\json2.min.js, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\logo.png, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\manifest.json, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],
PUP.Optional.GoPhotoIt, C:\Users\papou974\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp\1.0_1\pref.json, En quarantaine, [6b867ee4574287afa0bf3d9cae54fb05],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)