Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 10/11/2016
Heure de l'analyse: 00:51
Fichier journal: rappordMB.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.11.09.10
Base de données de rootkits: v2016.10.31.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Utilisateur

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 276942
Temps écoulé: 2 min, 48 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 1
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\WinSAP.dll, , [b6886e50a4f6ea4cd67bd9e6a360a15f], 

Clés du Registre: 18
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dcd3bf7ef653935ce318621b41e6bf6c, , [74ca4a74366496a09090ead0eb189d63], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [eb53aa141e7cfc3ad4c6139571908d73], 
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [8ab41f9f544658dee4b60a9e5ca5df21], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [91ad2c923c5e20163268bbed28d9c63a], 
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{785A775B-F381-48FA-B56D-37E227B4C8F6}, , [3b037945f0aa63d3d263bea63bc86c94], 
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ChelfNotify Task, , [5ee0d9e5f9a161d5aa8c105423e057a9], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\5DFER7OC, , [68d6d9e597033ef8bf945076d62dd52b], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\6JL4FYP9, , [4bf36856bdddb77fd380f5d105feeb15], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\AD94ISEJ, , [c27c0bb3356581b580d3b610ab589967], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\DCU1YH8D, , [d36bf0ced8c2ee48f162bc0a25de48b8], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\EA86BF9D, , [9aa4f5c93b5f2b0bc48f7a4ca85ba25e], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\H5KYK4WA, , [a995c5f9bae03bfba5ae6165f40f0ff1], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\IYR6WKCO, , [b08edde13961290d8bc820a63bc80bf5], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\KIMPDUH7, , [b48afac4b3e7cb6be271567033d0718f], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\O3O441NA, , [2e10437b55454aec8ac96c5a36cd19e7], 
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\TT64FIDL, , [e35bf3cbd7c346f0d2816660ea1958a8], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Archer, , [ed517c4217837bbb965b5a6b17ec3ec2], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinSAPSvc, , [c579dfdf6d2d74c29161dce97d86b54b], 

Valeurs du Registre: 11
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{785A775B-F381-48FA-B56D-37E227B4C8F6}|Path, \ChelfNotify Task, , [3b037945f0aa63d3d263bea63bc86c94]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\5dfer7oc|Name, E:\The_Elder_Scrolls V Skyrim teamlightspace1\local64spl.dll, , [68d6d9e597033ef8bf945076d62dd52b]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\6jl4fyp9|Name, E:\The_Elder_Scrolls V Skyrim teamlightspace\\local64spl.dll, , [4bf36856bdddb77fd380f5d105feeb15]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\ad94isej|Name, E:\Need For Speed Underground\\local64spl.dll, , [c27c0bb3356581b580d3b610ab589967]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\dcu1yh8d|Name, E:\GTA SA1\local64spl.dll, , [d36bf0ced8c2ee48f162bc0a25de48b8]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\ea86bf9d|Name, C:\1\local64spl.dll, , [9aa4f5c93b5f2b0bc48f7a4ca85ba25e]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h5kyk4wa|Name, E:\SteamLibrary1\local64spl.dll, , [a995c5f9bae03bfba5ae6165f40f0ff1]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\iyr6wkco|Name, C:\\local64spl.dll, , [b08edde13961290d8bc820a63bc80bf5]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\kimpduh7|Name, E:\SteamLibrary\\local64spl.dll, , [b48afac4b3e7cb6be271567033d0718f]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\o3o441na|Name, E:\GTA SA\\local64spl.dll, , [2e10437b55454aec8ac96c5a36cd19e7]
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\tt64fidl|Name, E:\Need For Speed Underground1\local64spl.dll, , [e35bf3cbd7c346f0d2816660ea1958a8]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc, , [b6886e50a4f6ea4cd67bd9e6a360a15f], 
PUP.Optional.Elex, C:\Program Files (x86)\WinArcher, , [29152698e5b53ef8dd7909b6758e34cc], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify, , [44fa912d6f2b90a609f5d7dcbb48e31d], 

Fichiers: 24
Adware.Wajam.Generic, C:\Windows\System32\drivers\dcd3bf7ef653935ce318621b41e6bf6c.sys, , [74ca4a74366496a09090ead0eb189d63], 
Adware.LoadMoney, C:\Users\Utilisateur\AppData\Roaming\ZHP\Quarantine\ScriptWriter.exe, , [50eee0de4d4d4fe79ecede7040c35da3], 
PUP.Optional.Elex, C:\Program Files (x86)\Haitthumution\launcher_39.dll, , [45f90eb074262412ee5a3d8924df5ba5], 
Adware.Sasquor.SPL, C:\local64spl.dll, , [74ca2c9204962f0775dd53737e8556aa], 
PUP.Optional.Elex, C:\Windows\System32\Tasks\ChelfNotify Task, , [93abf7c7ebafae88de59b5afbd46c040], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\WinSAP.dll, , [b6886e50a4f6ea4cd67bd9e6a360a15f], 
PUP.Optional.Elex, C:\Program Files (x86)\WinArcher\Archer.dll, , [29152698e5b53ef8dd7909b6758e34cc], 
PUP.Optional.Elex.Generic, C:\local64spl.dll, , [3d015e60cfcbbc7a591aeeda58ab4bb5], 
PUP.Optional.Elex.Generic, C:\local64spl.dll.ini, , [e559c9f5f4a6a98d640f527650b321df], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify\9.3.6494.400.manifest, , [44fa912d6f2b90a609f5d7dcbb48e31d], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify\BrowserUpdate.exe, , [44fa912d6f2b90a609f5d7dcbb48e31d], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify\chrome_elf.dll, , [44fa912d6f2b90a609f5d7dcbb48e31d], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify\OLD_FILE1, , [44fa912d6f2b90a609f5d7dcbb48e31d], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify\OLD_FILE2, , [44fa912d6f2b90a609f5d7dcbb48e31d], 
PUP.Optional.Elex, C:\ProgramData\ChelfNotify\OLD_FILE3, , [44fa912d6f2b90a609f5d7dcbb48e31d], 
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\ejki0x1w.default\searchplugins\s197lswp.xml, , [ab93724ceab00b2bf041b18d18eb6f91], 
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.newtab.url", "http://www.trotux.com/?z=ba66cff8f87f028de374b68gaz5m7b4qcoebao9bag&from=wsy1&uid=TS240GSSD220S_B1273189D22344000009&type=hp");), ,[013db905c2d876c0bb46b6d748bbef11]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (ateTime.experiments-update-timer", 1476810449);
user_pr), ,[91adab13c6d44aecac55b9d40bf88080]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (s file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual ), ,[5ee02698a1f9290da45dccc1af54f50b]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (cation is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("accessibil), ,[97a7cfef2b6fa0966c952568d23106fa]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (change to preferences, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.cancelations", 1);
u), ,[8db156686c2ed46226db0e7f758e768a]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (the changes will be overwritten when the application ), ,[62dc96287c1eea4c837ec7c61ee50ef2]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\prefs.js, Bon : (), Mauvais : (ypeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.cancelations", 1);
user_pref("app.update.enabled", false);
user_pref("app.update.), ,[be80922c0298b87e7a876c21e41fb34d]
PUP.Optional.Trotux, C:\Users\Utilisateur\AppData\Roaming\Profiles\Digeatiraward.default\searchplugins\s197lswp.xml, , [f04ec8f6059593a304faeba1fe05d729], 

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)