Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 02/03/2017
Heure de l'analyse: 23:29
Fichier journal: MBAM.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.0.6.1469
Version de composants: 1.0.75
Version de pack de mise à jour: 1.0.1408
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lysanova\Lisa

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 455274
Temps écoulé: 31 min, 34 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 12
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{63C4AC80-F164-466B-85E8-B444B02D9A09}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{463AB33C-BE3A-45F3-A63F-23603A2D3498}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{463AB33C-BE3A-45F3-A63F-23603A2D3498}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{463AB33C-BE3A-45F3-A63F-23603A2D3498}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{63C4AC80-F164-466B-85E8-B444B02D9A09}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{63C4AC80-F164-466B-85E8-B444B02D9A09}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A5BFD1D3-18B6-4FC3-B3F9-262AE3552DBE}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKU\S-1-5-21-2751028067-3957659525-2020027720-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5BFD1D3-18B6-4FC3-B3F9-262AE3552DBE}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKU\S-1-5-21-2751028067-3957659525-2020027720-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5BFD1D3-18B6-4FC3-B3F9-262AE3552DBE}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a5bfd1d3-18b6-4fc3-b3f9-262ae3552dbe}, En quarantaine, [71], [160068],1.0.1408
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, En quarantaine, [71], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, En quarantaine, [71], [-1],0.0.0

Valeur du registre: 0
(Aucun élément malveillant détecté)

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 6
PUP.Optional.RelevantKnowledge, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0, En quarantaine, [1477], [180833],1.0.1408
PUP.Optional.RelevantKnowledge, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\EXTENSIONS\MKNDCBHCGPHCFKKDDANAKJIEPEKNBGLE, En quarantaine, [1477], [180833],1.0.1408
PUP.Optional.DesktopTool, C:\USERS\PUBLIC\DOCUMENTS\BAIDU\COMMON\I18N\IPCSUPDATECACHE\DesktopToolMini_global__5_, En quarantaine, [15145], [182058],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\_metadata, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, En quarantaine, [15347], [301950],1.0.1408

Fichier: 30
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Échec de la suppression, [71], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En quarantaine, [71], [-1],0.0.0
PUP.Optional.SofTonic, C:\USERS\LISA\APPDATA\ROAMING\ZHP\QUARANTINE\SOFTONICDOWNLOADER_POUR_BLUETOOTH-DRIVER-INSTALLER.EXE, En quarantaine, [4189], [8262],1.0.1408
PUP.Optional.BrowseFox, C:\USERS\LISA\APPDATA\ROAMING\ZHP\QUARANTINE\{F40CC14B-0F67-44B4-A17E-03E43DF8E712}GW64.SYS, En quarantaine, [2087], [299543],1.0.1408
PUP.Optional.SofTonic, C:\USERS\LISA\APPDATA\ROAMING\ZHP\QUARANTINE\SOFTONICDOWNLOADER_POUR_AVIRA-FREE-ANTIVIRUS-2013.EXE, En quarantaine, [4189], [76195],1.0.1408
PUP.Optional.ChinAd, C:\USERS\LISA\APPDATA\ROAMING\ZHP\QUARANTINE\INSTALLHELPER.EXE, En quarantaine, [710], [91554],1.0.1408
PUP.Optional.Yontoo, C:\USERS\LISA\APPDATA\LOCAL\TEMP\{589BAF47-7E13-4DFB-A81F-88FEAC47FF9D}.DLL, En quarantaine, [71], [92845],1.0.1408
PUP.Optional.Yontoo, C:\USERS\LISA\APPDATA\LOCAL\TEMP\{54829F3F-3BCA-481D-B1DC-AF7B0DD3DC98}.DLL, En quarantaine, [71], [92845],1.0.1408
PUP.Optional.InstallCore, C:\USERS\LISA\APPDATA\LOCAL\TEMP\ICREINSTALL_SIGMAPLOT.EXE, En quarantaine, [8], [312237],1.0.1408
PUP.Optional.InstallCore, C:\USERS\LISA\APPDATA\LOCAL\TEMP\UNINSTALLER.EXE.1068694968, En quarantaine, [8], [76743],1.0.1408
PUP.Optional.Yontoo, C:\USERS\LISA\APPDATA\LOCAL\TEMP\{53642826-3468-4E74-877D-FD192120285A}.DLL, En quarantaine, [71], [92845],1.0.1408
PUP.Optional.InstallCore, C:\USERS\LISA\APPDATA\LOCAL\TEMP\TEMP1_SPSS.ZIP\SPSS.EXE, En quarantaine, [8], [301065],1.0.1408
PUP.Optional.InstallCore, C:\USERS\LISA\DOWNLOADS\SIGMAPLOT.EXE, En quarantaine, [8], [312237],1.0.1408
PUP.Optional.Somoto, C:\USERS\LISA\DOWNLOADS\7ZIP-ASFEG6C.EXE, En quarantaine, [456], [297618],1.0.1408
PUP.Optional.Palikan, C:\USERS\LISA\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, En quarantaine, [2047], [255721],1.0.1408
PUP.Optional.RelevantKnowledge, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\background.js, En quarantaine, [1477], [180833],1.0.1408
PUP.Optional.RelevantKnowledge, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\contentscript.js, En quarantaine, [1477], [180833],1.0.1408
PUP.Optional.RelevantKnowledge, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\manifest.json, En quarantaine, [1477], [180833],1.0.1408
PUP.Optional.eShopComp, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\http_pstatic.eshopcomp.com_0.localstorage, En quarantaine, [18180], [256007],1.0.1408
PUP.Optional.eShopComp, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\http_pstatic.eshopcomp.com_0.localstorage-journal, En quarantaine, [18180], [256007],1.0.1408
PUP.Optional.HDApp, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\https_hdapp1008-a.akamaihd.net_0.localstorage, En quarantaine, [18204], [256893],1.0.1408
PUP.Optional.HDApp, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\https_hdapp1008-a.akamaihd.net_0.localstorage-journal, En quarantaine, [18204], [256893],1.0.1408
PUP.Optional.Pakilan, C:\USERS\LISA\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ\0.0.2_0\MANIFEST.JSON, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\_metadata\verified_contents.json, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\content_script.js, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\Icon128.png, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\Icon16.png, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\Icon48.png, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\newtab.html, En quarantaine, [15347], [301950],1.0.1408
PUP.Optional.Pakilan, C:\Users\Lisa\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej\0.0.2_0\newtab.js, En quarantaine, [15347], [301950],1.0.1408

Secteur physique: 0
(Aucun élément malveillant détecté)

(end)