Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 23/05/2017
Heure de l'analyse: 19:47
Fichier journal: rapport malware.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.1.2.1733
Version de composants: 1.0.122
Version de pack de mise à jour: 1.0.2005
Licence: Essai

-Informations système-
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: PC-BRUNO\benoist

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 483197
Menaces détectées: 73
Menaces mises en quarantaine: 73
Temps écoulé: 15 min, 54 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 27
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, En quarantaine, [7930], [160319],1.0.2005
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, En quarantaine, [7930], [160319],1.0.2005
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, En quarantaine, [7930], [160319],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [270], [169264],1.0.2005
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [270], [169264],1.0.2005
Backdoor.RemoteAdmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, En quarantaine, [1737], [399169],1.0.2005
Backdoor.RemoteAdmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, En quarantaine, [1737], [399169],1.0.2005
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [100], [-1],0.0.0
PUP.Optional.MultiPlug, HKU\S-1-5-21-1604632423-3518742078-1237216025-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, En quarantaine, [270], [247117],1.0.2005
PUP.Optional.MultiPlug, HKU\S-1-5-21-1604632423-3518742078-1237216025-500_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, En quarantaine, [270], [247117],1.0.2005
PUP.Optional.MultiPlug, HKU\S-1-5-21-1604632423-3518742078-1237216025-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, En quarantaine, [270], [247117],1.0.2005
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update AdvanceElite, En quarantaine, [52], [253949],1.0.2005
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util AdvanceElite, En quarantaine, [52], [253949],1.0.2005
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [15411], [252393],1.0.2005
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [2615], [243667],1.0.2005
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\vosteran.exe, En quarantaine, [7930], [244633],1.0.2005
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [15411], [252393],1.0.2005

Valeur du registre: 7
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [100], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-1604632423-3518742078-1237216025-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [100], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-1604632423-3518742078-1237216025-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [100], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [100], [-1],0.0.0
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En quarantaine, [15411], [252393],1.0.2005
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|APPPATH, En quarantaine, [7930], [232752],1.0.2005
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En quarantaine, [15411], [252393],1.0.2005

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 5
PUP.Optional.NoMoreAds, C:\PROGRAMDATA\NoMore Ads, En quarantaine, [12257], [178693],1.0.2005
PUP.Optional.TakeSave, C:\PROGRAMDATA\takesave, En quarantaine, [12505], [179998],1.0.2005
PUP.Optional.MultiPlug.Gen, C:\PROGRAMDATA\6709993040227741097, En quarantaine, [7048], [234616],1.0.2005
PUP.Optional.MultiPlug, C:\PROGRAMDATA\BEDHLGMNNFAKGJJMNGADFJDAOECIMKIC, En quarantaine, [270], [233502],1.0.2005
PUP.Optional.Browsers, C:\USERS\BENOIST\APPDATA\ROAMING\SPI, En quarantaine, [3039], [372176],1.0.2005

Fichier: 34
PUP.Optional.NoMoreAds, C:\ProgramData\NoMore Ads\NoMore Ads.exe, En quarantaine, [12257], [178693],1.0.2005
PUP.Optional.TakeSave, C:\ProgramData\takesave\2ETETWc5IoCaDF.dat, En quarantaine, [12505], [179998],1.0.2005
PUP.Optional.TakeSave, C:\ProgramData\takesave\2ETETWc5IoCaDF.tlb, En quarantaine, [12505], [179998],1.0.2005
PUP.Optional.MultiPlug.Gen, C:\PROGRAMDATA\6709993040227741097\5FD9088430F752D0D5150F2C97E65793.INI, En quarantaine, [7048], [234616],1.0.2005
PUP.Optional.MultiPlug.Gen, C:\ProgramData\6709993040227741097\18ddebc21b1899ced5150f2c97e65793.ini, En quarantaine, [7048], [234616],1.0.2005
PUP.Optional.MultiPlug.Gen, C:\ProgramData\6709993040227741097\4ff6e7b3db4d05d4d5150f2c97e65793.ini, En quarantaine, [7048], [234616],1.0.2005
PUP.Optional.MultiPlug.Gen, C:\ProgramData\6709993040227741097\7507b1760d291bcbd5150f2c97e65793.ini, En quarantaine, [7048], [234616],1.0.2005
PUP.Optional.MultiPlug.Gen, C:\ProgramData\6709993040227741097\cd5b15e575e1c3d0d5150f2c97e65793.ini, En quarantaine, [7048], [234616],1.0.2005
PUP.Optional.MultiPlug, C:\PROGRAMDATA\BEDHLGMNNFAKGJJMNGADFJDAOECIMKIC\LSDB.JS, En quarantaine, [270], [233502],1.0.2005
PUP.Optional.MultiPlug, C:\ProgramData\bedhlgmnnfakgjjmngadfjdaoecimkic\background.html, En quarantaine, [270], [233502],1.0.2005
PUP.Optional.MultiPlug, C:\ProgramData\bedhlgmnnfakgjjmngadfjdaoecimkic\content.js, En quarantaine, [270], [233502],1.0.2005
PUP.Optional.MultiPlug, C:\ProgramData\bedhlgmnnfakgjjmngadfjdaoecimkic\e1S.js, En quarantaine, [270], [233502],1.0.2005
PUP.Optional.MultiPlug, C:\ProgramData\bedhlgmnnfakgjjmngadfjdaoecimkic\manifest.json, En quarantaine, [270], [233502],1.0.2005
Trojan.Downloader, C:\PROGRAMDATA\TW1326371109.EXE, En quarantaine, [67], [394063],1.0.2005
PUP.Optional.Browsers.Generic, C:\USERS\BENOIST\APPDATA\ROAMING\BROWSERS\EXE.EROLPXEI.BAT, En quarantaine, [2191], [357611],1.0.2005
PUP.Optional.Browsers.Generic, C:\Users\benoist\AppData\Roaming\Browsers\asusvibelauncher.bat.exe, En quarantaine, [2191], [357611],1.0.2005
PUP.Optional.Browsers.Generic, C:\Users\benoist\AppData\Roaming\Browsers\exe.emorhc.bat, En quarantaine, [2191], [357611],1.0.2005
PUP.Optional.Browsers.Generic, C:\Users\benoist\AppData\Roaming\Browsers\exe.rehcnualebivsusa.bat, En quarantaine, [2191], [357611],1.0.2005
PUP.Optional.Browsers, C:\USERS\BENOIST\APPDATA\ROAMING\SPI\FF.ICO, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\amig.ico, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\ch.ico, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\ie.ico, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\kom.ico, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\op.ico, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\op12.ico, En quarantaine, [3039], [372176],1.0.2005
PUP.Optional.Browsers, C:\Users\benoist\AppData\Roaming\SPI\ya.ico, En quarantaine, [3039], [372176],1.0.2005
Backdoor.RemoteAdmin, C:\USERS\BENOIST\APPDATA\ROAMING\SYSTEM32\SVCHOST.EXE, En quarantaine, [1737], [399169],1.0.2005
Backdoor.RemoteAdmin, C:\USERS\BENOIST\APPDATA\LOCAL\TEMP\AA6F.TMP.EXE, En quarantaine, [1737], [399169],1.0.2005
PUP.Optional.AppTrailers, C:\USERS\BENOIST\APPDATA\LOCAL\TEMP\APPTRAILERS.9.1.10AMT.EXE, En quarantaine, [853], [338239],1.0.2005
PUP.Optional.Wajam, C:\USERS\BENOIST\APPDATA\LOCAL\TEMP\WAJAM_INSTALL.EXE, En quarantaine, [100], [244651],1.0.2005
Trojan.Downloader, C:\USERS\BENOIST\APPDATA\LOCAL\TEMP\MSCLEAN.EXE, En quarantaine, [67], [394063],1.0.2005
Trojan.Downloader, C:\USERS\PUBLIC\WINLOGON.EXE, En quarantaine, [67], [206821],1.0.2005
Rootkit.ADS, C:\USERS\BENOIST\APPDATA\LOCAL:INIT, En quarantaine, [13390], [234283],1.0.2005
Trojan.Agent, C:\SYSTEM32\SVCHOST.EXE, En quarantaine, [24], [215744],1.0.2005

Secteur physique: 0
(Aucun élément malveillant détecté)

(end)