Malwarebytes
www.malwarebytes.com


Date de l'analyse: 11/01/2018
Heure de l'analyse: 01:12
Fichier journal: 20bc4a8a-f664-11e7-9348-2c4d543a0934.json
Administrateur: Oui

-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262

Licence: Gratuit



Processeur: x64

Utilisateur: DESKTOP-BJUFHE2\corentin


Type d'analyse: Analyse des menaces



Menaces mises en quarantaine: 62


-Options d'analyse-










Processus: 0


Module: 0



Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sak10536114k10536114, En quarantaine, [7978], [397781],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{43A8FBF9-E126-4925-95CC-9961DBFB969F}, En quarantaine, [7978], [397781],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{43A8FBF9-E126-4925-95CC-9961DBFB969F}, En quarantaine, [7978], [397781],1.0.3670
Adware.DotDo.DotPrx, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [7978], [-1],0.0.0
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sa1053611410536114, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0BA236EB-1945-473D-9089-E3CB9EB54AFC}, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0BA236EB-1945-473D-9089-E3CB9EB54AFC}, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sa1919402119194021, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0659321-F0AE-4F58-937A-A7C35397595A}, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A0659321-F0AE-4F58-937A-A7C35397595A}, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sa3210951132109511, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D4CA131F-09F8-4039-9901-F3E2AC1383B9}, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D4CA131F-09F8-4039-9901-F3E2AC1383B9}, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sa10536114105361141053611410536114, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{346260E4-B6A5-4523-AFC7-FD57B38EE5BC}, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{346260E4-B6A5-4523-AFC7-FD57B38EE5BC}, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sa19194021191940211919402119194021, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2343F073-E842-45CE-8BAC-E879C2281F95}, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2343F073-E842-45CE-8BAC-E879C2281F95}, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sa32109511321095113210951132109511, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1F61B2E7-FECC-4321-99DE-76CB62C97E29}, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{1F61B2E7-FECC-4321-99DE-76CB62C97E29}, En quarantaine, [397], [476088],1.0.3670
Adware.DNSUnlocker.TskLnk, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bxGgpMVIX0uq Updater, En quarantaine, [2052], [477318],1.0.3670

Valeur du registre: 12
Adware.DotDo.DotPrx, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [7978], [-1],0.0.0
Adware.DotDo.DotPrx, HKU\S-1-5-21-2494373456-523166486-3588513167-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [7978], [-1],0.0.0
Adware.DotDo.DotPrx, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [7978], [-1],0.0.0
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0BA236EB-1945-473D-9089-E3CB9EB54AFC}|PATH, En quarantaine, [7978], [409657],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1F61B2E7-FECC-4321-99DE-76CB62C97E29}|PATH, En quarantaine, [397], [476086],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2343F073-E842-45CE-8BAC-E879C2281F95}|PATH, En quarantaine, [397], [476086],1.0.3670
Adware.DotDo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{346260E4-B6A5-4523-AFC7-FD57B38EE5BC}|PATH, En quarantaine, [397], [476086],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{43A8FBF9-E126-4925-95CC-9961DBFB969F}|PATH, En quarantaine, [7978], [397783],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0659321-F0AE-4F58-937A-A7C35397595A}|PATH, En quarantaine, [7978], [409657],1.0.3670
Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D4CA131F-09F8-4039-9901-F3E2AC1383B9}|PATH, En quarantaine, [7978], [409657],1.0.3670
Adware.DNSUnlocker.TskLnk, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bxGgpMVIX0uq Updater|IMAGEPATH, En quarantaine, [2052], [477318],1.0.3670




















Dossier: 1
PUP.Optional.BundleInstaller, C:\USERS\COREN\APPDATA\LOCAL\TEMP\222886187, En quarantaine, [19], [463480],1.0.3670

Fichier: 14
Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\Sak10536114k10536114, En quarantaine, [7978], [397781],1.0.3670
Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\Sa1053611410536114, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\Sa1919402119194021, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\Sa3210951132109511, En quarantaine, [7978], [409999],1.0.3670
Adware.DotDo, C:\WINDOWS\SYSTEM32\TASKS\Sa10536114105361141053611410536114, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, C:\WINDOWS\SYSTEM32\TASKS\Sa19194021191940211919402119194021, En quarantaine, [397], [476088],1.0.3670
Adware.DotDo, C:\WINDOWS\SYSTEM32\TASKS\Sa32109511321095113210951132109511, En quarantaine, [397], [476088],1.0.3670
PUP.Optional.BundleInstaller, C:\USERS\COREN\APPDATA\LOCAL\TEMP\222886187\ic-0.0855c33a2c933c.exe, En quarantaine, [19], [463480],1.0.3670
PUP.Optional.BundleInstaller, C:\Users\coren\AppData\Local\Temp\222886187\dlreport, En quarantaine, [19], [463480],1.0.3670
PUP.Optional.BundleInstaller, C:\Users\coren\AppData\Local\Temp\222886187\ic-0.280c31663e75.exe, En quarantaine, [19], [463480],1.0.3670
PUP.Optional.BundleInstaller, C:\Users\coren\AppData\Local\Temp\222886187\kms.exe, En quarantaine, [19], [463480],1.0.3670
PUP.Optional.BundleInstaller, C:\Users\coren\AppData\Local\Temp\222886187\lKuZTbqncOl.exe, En quarantaine, [19], [463480],1.0.3670
RiskWare.GameHack, C:\PROGRAM FILES\OVERCOOKED\STEAM_API.DLL, En quarantaine, [424], [305544],1.0.3670
Adware.Adposhel, C:\USERS\COREN\APPDATA\LOCAL\TEMP\IS-COBLB.TMP\BWPAH.DLL, En quarantaine, [163], [425937],1.0.3670

Secteur physique: 0



(end)