Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 03/11/2018
Heure de l'analyse: 19:48
Fichier journal: 1716cf04-df99-11e8-8cc8-dc0ea1ba5bbf.json

-Informations du logiciel-
Version: 3.6.1.2711
Version de composants: 1.0.482
Version de pack de mise à jour: 1.0.7681
Licence: Essai

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: PC-Romain\Romain

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 254008
Menaces détectées: 44
Menaces mises en quarantaine: 44
Temps écoulé: 5 min, 6 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 10
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [69], [169264],1.0.7681
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-3727906638-1823552192-502375355-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, En quarantaine, [1431], [169670],1.0.7681

Valeur du registre: 5
PUP.Optional.SpeedBrowser, HKU\S-1-5-18\SOFTWARE\CLIENTS\STARTMENUINTERNET|, En quarantaine, [2633], [252749],1.0.7681
PUP.Optional.SpeedBrowser, HKLM\SOFTWARE\WOW6432NODE\REGISTEREDAPPLICATIONS|SPEED BROWSER, En quarantaine, [2633], [252755],1.0.7681
PUP.Optional.SpeedBrowser, HKLM\SOFTWARE\REGISTEREDAPPLICATIONS|SPEED BROWSER, En quarantaine, [2633], [252755],1.0.7681
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [1431], [-1],0.0.0
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [1431], [-1],0.0.0

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 4
PUP.Optional.PullUpdate, C:\PROGRAMDATA\RADIO, En quarantaine, [426], [242108],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Component, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Bin, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\USERS\ROMAIN\APPDATA\LOCAL\BALANCE COMP, En quarantaine, [1946], [443244],1.0.7681

Fichier: 25
PUP.Optional.PullUpdate, C:\PROGRAMDATA\RADIO\PROMPT.EXE.CONFIG, En quarantaine, [426], [242108],1.0.7681
PUP.Optional.SpeedBrowser, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\SPEED BROWSER.LNK, En quarantaine, [2633], [252748],1.0.7681
Adware.CrossAd.Generic, C:\USERS\ROMAIN\APPDATA\LOCAL\BALANCE COMP\COMPONENT\CONFIG.JSON, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Bin\c.dat, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Component\hello.js, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Component\manifest.json, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Component\scriptTagContext.js, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Component\tmp_bg.js, En quarantaine, [1946], [443244],1.0.7681
Adware.CrossAd.Generic, C:\Users\Romain\AppData\Local\Balance Comp\Component\uconfig.json, En quarantaine, [1946], [443244],1.0.7681
Adware.PullUpdate, C:\PROGRAMDATA\WEALNEOFIU\1.0.1.0\MREAILUX.EXE, En quarantaine, [3264], [75619],1.0.7681
PUP.Optional.SearchProtect, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSMBC40.EXE, En quarantaine, [2020], [112609],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSTF3A5.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSI7949.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSR18D1.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.SearchProtect, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSYAF36.EXE, En quarantaine, [2020], [112609],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSN68A5.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.SearchProtect, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSX3C78.EXE, En quarantaine, [2020], [112609],1.0.7681
PUP.Optional.SearchProtect, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSMFD27.EXE, En quarantaine, [2020], [112609],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSW51EB.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.SearchProtect, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSDD962.EXE, En quarantaine, [2020], [112609],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSO7CF1.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.SearchProtect, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSXB30D.EXE, En quarantaine, [2020], [112609],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSI96D7.EXE, En quarantaine, [217], [76406],1.0.7681
PUP.Optional.Conduit, C:\USERS\ROMAIN\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\NSS35E2.EXE, En quarantaine, [217], [76406],1.0.7681
Adware.SaMon, C:\WINDOWS\SYSWOW64\WEBSTEROIDS.B324755F3F87.DLL, En quarantaine, [12852], [47784],1.0.7681

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)


(end)