Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 21/09/2019
Heure de l'analyse: 12:49
Fichier journal: 829770b4-dc5d-11e9-a4ee-50465d309410.json

-Informations du logiciel-
Version: 3.8.3.2965
Version de composants: 1.0.625
Version de pack de mise à jour: 1.0.12587
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DIDIER\Didier

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 454044
Menaces détectées: 63
Menaces mises en quarantaine: 63
Temps écoulé: 38 min, 25 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 17
PUP.Optional.PCVARK, HKLM\SOFTWARE\ZHJpdmVyZGV0YWlscy5jb20=, En quarantaine, [475], [706567],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\segurazoclient_RASAPI32, En quarantaine, [1532], [709099],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\segurazoclient_RASMANCS, En quarantaine, [1532], [709099],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SegurazoService_RASAPI32, En quarantaine, [1532], [709099],1.0.12587
PUP.Optional.DriverPack, HKU\S-1-5-21-2731385879-58174941-3277747152-1002\SOFTWARE\DRPSU, En quarantaine, [572], [472301],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SegurazoService_RASMANCS, En quarantaine, [1532], [709099],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SegurazoUninstaller_RASAPI32, En quarantaine, [1532], [709099],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SegurazoUninstaller_RASMANCS, En quarantaine, [1532], [709099],1.0.12587
PUP.Optional.Segurazo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SegurazoSvc, En quarantaine, [1532], [713771],1.0.12587
PUP.Optional.DriverPack, HKU\S-1-5-21-2731385879-58174941-3277747152-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, En quarantaine, [572], [472299],1.0.12587
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire0, En quarantaine, [3895], [597957],1.0.12587
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire1, En quarantaine, [3895], [597957],1.0.12587
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire2, En quarantaine, [3895], [597957],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\Segurazo, En quarantaine, [1532], [730655],1.0.12587
PUP.Optional.WebDiscoverBrowser, HKU\S-1-5-18\SOFTWARE\WebDiscoverBrowser, En quarantaine, [1675], [253912],1.0.12587
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, En quarantaine, [572], [472300],1.0.12587
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\Segurazo, En quarantaine, [1532], [730655],1.0.12587

Valeur du registre: 4
PUP.Optional.DriverPack, HKU\S-1-5-21-2731385879-58174941-3277747152-1002\SOFTWARE\DRPSU|CLIENTID, En quarantaine, [572], [472301],1.0.12587
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, En quarantaine, [572], [472300],1.0.12587
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-2731385879-58174941-3277747152-1002\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|nahhmpbckpgdidfnmfkfgiflpjijilce, En quarantaine, [270], [626729],1.0.12587
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-2731385879-58174941-3277747152-1002\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|pilplloabdedfmialnfchjomjmpjcoej, En quarantaine, [270], [626729],1.0.12587

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 1
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\SEGURAZOCLIENT, En quarantaine, [1532], [709094],1.0.12587

Fichier: 41
PUP.Optional.PCVARK.Generic, C:\USERS\DIDIER\APPDATA\ROAMING\ACC.TXT, En quarantaine, [763], [421587],1.0.12587
PUP.Optional.Segurazo, C:\Users\Didier\AppData\Roaming\segurazoclient\segurazoclientConfig.xml, En quarantaine, [1532], [709094],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\APPDATA\ROAMING\DRPSU\ALICE\NODE.DLL, En quarantaine, [572], [542228],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\APPDATA\ROAMING\DRPSU\ALICE\CLOUD.EXE, En quarantaine, [572], [542228],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\APPDATA\ROAMING\DRPSU\ALICE\LIBGLESV2.DLL, En quarantaine, [572], [542228],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\APPDATA\ROAMING\DRPSU\ALICE\NW_ELF.DLL, En quarantaine, [572], [542228],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\APPDATA\ROAMING\DRPSU\ALICE\LIBEGL.DLL, En quarantaine, [572], [542228],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\APPDATA\ROAMING\DRPSU\ALICE\FFMPEG.DLL, En quarantaine, [572], [542228],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOENGINE.DLL, En quarantaine, [1532], [714174],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOKD.SYS, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOSHELL64_V10149.DLL, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOIC.EXE, En quarantaine, [1532], [714543],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOTOOLS.DLL, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOSHELL86_V10149.DLL, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.DriverUpdater.TskLnk, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\DRIVER UPDATER\APTDU.EXE, En quarantaine, [12660], [474617],1.0.12587
PUP.Optional.AdvancedSystemRepair, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\ASR_BLUE_INSTALLER_M7_FR.EXE, En quarantaine, [485], [708572],1.0.12587
PUP.Optional.AdvancedSystemRepair, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\ASR_BLUE_INSTALLER_7GA-INAPP-1G (1).EXE, En quarantaine, [485], [724287],1.0.12587
PUP.Optional.WinTonic, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\WINTONIC.EXE, En quarantaine, [681], [672009],1.0.12587
PUP.Optional.WinTonic, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\WNTSETUP[1].EXE, En quarantaine, [681], [672009],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZOSHELL64_V10149.DLL, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZOENGINE.DLL, En quarantaine, [1532], [714174],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZOSERVICE.EXE, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOSERVICE.EXE, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.WinTonic, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\WINTONIC (1).EXE, En quarantaine, [681], [672009],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZOCLIENT.EXE, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZOTOOLS.DLL, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZO.DIR\SEGURAZOCLIENT.EXE, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.Segurazo, C:\USERS\DIDIER\APPDATA\ROAMING\ZHP\QUARANTINE\SEGURAZOSHELL86_V10149.DLL, En quarantaine, [1532], [709102],1.0.12587
PUP.Optional.InstallCore.Generic, C:\USERS\DIDIER\DOWNLOADS\BLUESTACKS_2695588044.EXE, En quarantaine, [574], [512142],1.0.12587
PUP.Optional.DriverReviver, C:\USERS\DIDIER\DOWNLOADS\DRIVERREVIVERSETUP_PPC.EXE, En quarantaine, [4225], [462815],1.0.12587
PUP.Optional.DriverPack, C:\USERS\DIDIER\DOWNLOADS\DRIVERPACK-17-ONLINE_1920024730.1568729499.EXE, En quarantaine, [572], [714326],1.0.12587
PUP.Optional.BundleInstaller, C:\USERS\DIDIER\DOWNLOADS\MICROSOFT-OFFICE-PUBLISHER-2013_3572498345.EXE, En quarantaine, [467], [543666],1.0.12587
PUP.Optional.BundleInstaller, C:\USERS\DIDIER\DOWNLOADS\MICROSOFT-OFFICE-PUBLISHER-2013_2896665971.EXE, En quarantaine, [467], [543666],1.0.12587
PUP.Optional.BundleInstaller, C:\USERS\DIDIER\DOWNLOADS\OUTLOOK DUPLICATE ITEMS REMOVER – ODIR_0291284708.EXE, En quarantaine, [467], [543673],1.0.12587
PUP.Optional.DriverUpdate, C:\WINDOWS\INSTALLER\11823F18.MSI, En quarantaine, [2960], [533640],1.0.12587
PUP.Optional.SearchManager.BITSRST, C:\USERS\DIDIER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [270], [626729],1.0.12587
PUP.Optional.SearchManager.BITSRST, C:\USERS\DIDIER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [270], [626729],1.0.12587
PUP.Optional.SearchManager.BITSRST, C:\USERS\DIDIER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [270], [626729],1.0.12587
PUP.Optional.SearchManager.BITSRST, C:\USERS\DIDIER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [270], [626729],1.0.12587
PUP.Optional.SearchManager.BITSRST, C:\USERS\DIDIER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [270], [626729],1.0.12587
PUP.Optional.SearchManager.BITSRST, C:\USERS\DIDIER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [270], [628563],1.0.12587

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)

(end)