Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 01/08/2016
Heure de l'analyse: 20:34
Fichier journal: Rapport.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.08.01.10
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Samiez Cyril

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 419104
Temps écoulé: 55 min, 42 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 12
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\Adobe After Effects CC 2015 Full Version.DynamicNS, , [836b360f0595c86e97fd880e9270a65a],
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adobe After Effects CC 2015 Full Version.DynamicNS, , [3db175d023773cfa890b60363ec406fa],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Adobe After Effects CC 2015 Full Version.DynamicNS, , [3db175d023773cfa890b60363ec406fa],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9EEF86C5-E245-4378-A8C1-A30C86DB4EDE}, , [6787e065851562d4c60b7b445ba9a35d],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B6FF6E60-1536-4A1F-9C91-18440746F732}, , [08e67dc873273ef886312e86699bf30d],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\b2929b72a96a471893ecaa9c51368bae, , [628cc085326891a5e1f219a6ca3aed13],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Chejoghbitacult Builder, , [7a7469dc524833034b6f991b3aca758b],
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [707e6ed776248bab0de14a7f3dc52ed2],
PUP.Optional.BrowserAir, HKU\S-1-5-21-690169796-3575036064-1958111112-1001\SOFTWARE\CLIENTS\STARTMENUINTERNET\BrowserAir.GJ45E4HMZYHQHT35YS4NL4EOJ4, , [e9059da89efc3006be08fbc80cf7b44c],
PUP.Optional.Wajam, HKU\S-1-5-21-690169796-3575036064-1958111112-500\SOFTWARE\WajIEnhance, , [856991b4b0ea3204f156c9f2649f1ae6],
PUP.Optional.IDSCProduct, HKU\S-1-5-21-690169796-3575036064-1958111112-500\SOFTWARE\MICROSOFT\IDSC, , [519d3d08bbdf96a08957f00a877cc838],
PUP.Optional.BrowserAir, HKU\S-1-5-21-690169796-3575036064-1958111112-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\BrowserAir.exe, , [1fcffe4729711f17674f587b53b0f40c],

Valeurs du Registre: 10
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9EEF86C5-E245-4378-A8C1-A30C86DB4EDE}|Path, \b2929b72a96a471893ecaa9c51368bae, , [6787e065851562d4c60b7b445ba9a35d]
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B6FF6E60-1536-4A1F-9C91-18440746F732}|Path, \Chejoghbitacult Builder, , [08e67dc873273ef886312e86699bf30d]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.trotux.com/?z=015ad90b276b1e010e1769cgdz5qat4z6q4g3g1z0z&from=isr&uid=HGSTXHTS541010A9E680_JD100ADM0436DK0436DKX&type=hp&mode=ffsengext, , [707e6ed776248bab0de14a7f3dc52ed2]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.trotux.com/?z=015ad90b276b1e010e1769cgdz5qat4z6q4g3g1z0z&from=isr&uid=HGSTXHTS541010A9E680_JD100ADM0436DK0436DKX&type=hp&mode=ffsengext, , [20ce1f261f7b6ec86886b019f30f4bb5]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.trotux.com/search/?q={searchTerms}&z=015ad90b276b1e010e1769cgdz5qat4z6q4g3g1z0z&from=isr&uid=HGSTXHTS541010A9E680_JD100ADM0436DK0436DKX&type=sp, , [836bd96c4654f54126c8a6231ce637c9]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.trotux.com/search/?&z=015ad90b276b1e010e1769cgdz5qat4z6q4g3g1z0z&from=isr&uid=HGSTXHTS541010A9E680_JD100ADM0436DK0436DKX&type=sp&q=, , [f8f6291cf8a279bd41ada6233cc6c23e]
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sun5, , [dd115ce95941a195054a38bb50b323dd],
PUP.Optional.BrowserAir, HKU\S-1-5-21-690169796-3575036064-1958111112-1001\SOFTWARE\REGISTEREDAPPLICATIONS|BrowserAir.GJ45E4HMZYHQHT35YS4NL4EOJ4, Software\Clients\StartMenuInternet\BrowserAir.GJ45E4HMZYHQHT35YS4NL4EOJ4\Capabilities, , [3db1ea5b3b5f92a433c30fe18a79b14f]
PUP.Optional.IDSCProduct, HKU\S-1-5-21-690169796-3575036064-1958111112-500\SOFTWARE\MICROSOFT\IDSC|partner, , , [519d3d08bbdf96a08957f00a877cc838]
PUP.Optional.DeskBar, HKU\S-1-5-21-690169796-3575036064-1958111112-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|DeskBar.exe, 8888, , [599579cc83175adce6a824be05fe1ae6]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a407a34045e68bad4136bd12d30d2063, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\947347a35f81ddadc62c06b248b11df2, , [c925281da0faa88e867a767faf546d93],

Fichiers: 31
PUP.Optional.Magicbit, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\SaveFromNetHelper-Web-094cd16f45-[323].exe, , [ffef73d22773a29432a83a61dc2548b8],
PUP.Optional.Magicbit, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\SaveFromNetHelper-Web-92b7e04271-[323].exe, , [ab438abb8713f73f49910c8f41c018e8],
PUP.Optional.Magicbit, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\SaveFromNetHelper-Web-dd27ae3541.exe, , [cb237bca0793e05621b9f9a2f90817e9],
PUP.Optional.Magicbit, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\UmmyVD-Web-Loader-[133].exe, , [648af64f178383b3d20822799f624db3],
PUP.Optional.Magicbit, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\UmmyVD-Web-Loader.exe, , [2fbf3b0af6a480b6eaf0cad144bd22de],
PUP.Optional.Elex, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\Aralatainatumisy.DIR\qks.exe, , [b53958edc9d13cfa063e71793fc20cf4],
PUP.Optional.Elex, C:\Users\Cyril Samiez\AppData\Roaming\ZHP\Quarantine\qksee.DIR\qksee\myuser.exe, , [da140441c7d3be7877cd16d4b34e3ec2],
Trojan.FakeNSI.ED, C:\Program Files\24a506280a457037c56e692e5a996b7f\57c3eb8c74f3f795a85d363b06a83dc5.exe, , [787673d2f5a592a4947c26e26e9327d9],
RiskWare.GameHack, C:\Users\Cyril Samiez\Downloads\dl-savefix.zip, , [f0fef451f6a4e6505eea812736ce956b],
Trojan.FakeNSI.ED, C:\Windows\57c3eb8c74f3f795a85d363b06a83dc5.exe, , [6e80b095abef70c6e22ed830728f7f81],
RiskWare.GameHack, C:\Users\Cyril Samiez\Desktop\Jeux\Dying Light\steam_api64.dll, , [806ec67f4159c17570d8d0d85ca823dd],
RiskWare.GameHack, C:\Users\Cyril Samiez\Desktop\Jeux\Dying Light\IGG-DyLig\steam_api64.dll, , [06e8c085c1d951e57ace2f791ee6837d],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a407a34045e68bad4136bd12d30d2063\1879f674b2f92f3eb8e5a0134cdbd569.ico, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a407a34045e68bad4136bd12d30d2063\6de584ca538263b4eb8aa7ea9f9c78bc.ico, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a407a34045e68bad4136bd12d30d2063\f9e1f42b79b7d89bbcb00a03cbbbf57a.ico, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\0396552dad5cb0e777824bbd658a3e42, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\065fa81c7b9860deca91c24fc966e5d2.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\1879f674b2f92f3eb8e5a0134cdbd569.ico, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\314c1256abb0c98b7ce00039dd3ae2a3, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\40df80596cd1f81cd9a24957bdf76b8d.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\57c3eb8c74f3f795a85d363b06a83dc5.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\5a2b0ce5ec2a43b32106946c76693503.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\6939a9e390a78e61cf65c8c7b8d43a91.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\766342422cb6cd07af1fff94e66650ec.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a042f3230d3a83ecad895c4b4718952b.cfg, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a042f3230d3a83ecad895c4b4718952b.inf, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\a042f3230d3a83ecad895c4b4718952b.sys, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\ffcf4650dafbdb11ffaf45ef2bf5e4c1.exe, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\947347a35f81ddadc62c06b248b11df2\lxgdqc.dll, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.Wajam.Gen, C:\Program Files\24a506280a457037c56e692e5a996b7f\947347a35f81ddadc62c06b248b11df2\owkxxl.dll, , [c925281da0faa88e867a767faf546d93],
PUP.Optional.GsearchFinder, C:\Users\Cyril Samiez\AppData\Roaming\Profiles\herzupystufaleqersicult\extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi, , [826c2f16aeecde58724d50adbb488779],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)