Malwarebytes
www.malwarebytes.com

-DÃ©tails du journal-
Date de l'analyse: 11/01/2018
Heure de l'analyse: 11:27
Fichier journal: fa1721f6-f6b9-11e7-bf7e-9c5c8e002910.json
Administrateur: Oui

-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise Ã  jour: 1.0.3673
Licence: Essai

-Informations systÃ¨me-
SystÃ¨me d'exploitation: Windows 10 (Build 16299.192)
Processeur: x64
SystÃ¨me de fichiers: NTFS
Utilisateur: POSTE1\Poste1

-RÃ©sumÃ© de l'analyse-
Type d'analyse: Analyse des menaces
RÃ©sultat: TerminÃ©
Objets analysÃ©s: 338554
Menaces dÃ©tectÃ©es: 47
Menaces mises en quarantaine: 47
Temps Ã©coulÃ©: 2 min, 27 s

-Options d'analyse-
MÃ©moire: ActivÃ©
DÃ©marrage: ActivÃ©
SystÃ¨me de fichiers: ActivÃ©
Archives: ActivÃ©
Rootkits: DÃ©sactivÃ©
Heuristique: ActivÃ©
PUP: DÃ©tection
PUM: DÃ©tection

-DÃ©tails de l'analyse-
Processus: 0
(Aucun Ã©lÃ©ment malveillant dÃ©tectÃ©)

Module: 0
(Aucun Ã©lÃ©ment malveillant dÃ©tectÃ©)

ClÃ© du registre: 7
PUP.Optional.InstallCore, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\csastats, Supprimer au redÃ©marrage, [2], [260986],1.0.3673
PUP.Optional.Spigot, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{4477E629-75AA-42B7-83EA-FA47A5B4F536}, Supprimer au redÃ©marrage, [604], [243431],1.0.3673
PUP.Optional.ProductSetup, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\PRODUCTSETUP, Supprimer au redÃ©marrage, [13066], [242047],1.0.3673
PUP.Optional.WinYahoo, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Supprimer au redÃ©marrage, [57], [182758],1.0.3673
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Supprimer au redÃ©marrage, [57], [182758],1.0.3673
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Supprimer au redÃ©marrage, [57], [182758],1.0.3673
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CC0524C5-9C85-F545-2D05-85C5FD855645}, Supprimer au redÃ©marrage, [57], [302717],1.0.3673

Valeur du registre: 6
PUP.Optional.Spigot, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{4477E629-75AA-42B7-83EA-FA47A5B4F536}|URL, Supprimer au redÃ©marrage, [604], [243431],1.0.3673
PUP.Optional.ProductSetup, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\PRODUCTSETUP|TB, Supprimer au redÃ©marrage, [13066], [242047],1.0.3673
PUP.Optional.NotChromeRun, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, Supprimer au redÃ©marrage, [1344], [391151],1.0.3673
PUP.Optional.NotChromeRun, HKU\S-1-5-21-1798859406-1279963121-1027737568-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_BF1BA17C041C5ADD38A339832B82094E, Supprimer au redÃ©marrage, [1344], [241243],1.0.3673
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Supprimer au redÃ©marrage, [57], [182758],1.0.3673
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Supprimer au redÃ©marrage, [57], [182758],1.0.3673

DonnÃ©es du registre: 1
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Remplacer au redÃ©marrage, [57], [293461],1.0.3673

Flux de donnÃ©es: 0
(Aucun Ã©lÃ©ment malveillant dÃ©tectÃ©)

Dossier: 4
PUP.Optional.BrowserSecurity, C:\Users\Poste1\AppData\Roaming\Mozilla\Firefox\Profiles\8642aciw.default\jetpack\firefox@browser-security.de\simple-storage, Supprimer au redÃ©marrage, [1145], [347817],1.0.3673
PUP.Optional.BrowserSecurity, C:\USERS\POSTE1\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8642ACIW.DEFAULT\JETPACK\FIREFOX@BROWSER-SECURITY.DE, Supprimer au redÃ©marrage, [1145], [347817],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\USERS\POSTE1\APPDATA\LOCAL\{78904ECC-5C38-2274-31A0-079C15C8FB04}, Supprimer au redÃ©marrage, [57], [302717],1.0.3673

Fichier: 29
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Supprimer au redÃ©marrage, [57], [254335],1.0.3673
PUP.Optional.Spigot, C:\USERS\POSTE1\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8642ACIW.DEFAULT\PREFS.JS, RemplacÃ©, [604], [301667],1.0.3673
PUP.Optional.WinYahoo, C:\USERS\POSTE1\APPDATA\LOCAL\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HOWTOREMOVE\HOWTOREMOVE.HTML, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\chromium-min.jpg, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\control panel-min-min.JPG, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\down.png, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\ff menu.JPG, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\ff search engine-min.png, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\hp-min ff.png, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\hp-min ie.png, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\search engine.gif, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\setup pages.gif, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\sp-min.png, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\start-min.jpg, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\HowToRemove\up.png, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\bapi_chmm.dat, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\bapi_ff.dat, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\bapi_ie.dat, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\dade, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\fora, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\install.log, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\lira, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\lita.cfg, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\rite.dat, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\Sqlite3.dll, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\tase, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\uninst.dat, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\uninst.exe, Supprimer au redÃ©marrage, [57], [302717],1.0.3673
PUP.Optional.WinYahoo, C:\Users\Poste1\AppData\Local\{78904ECC-5C38-2274-31A0-079C15C8FB04}\uninstp.dat, Supprimer au redÃ©marrage, [57], [302717],1.0.3673

Secteur physique: 0
(Aucun Ã©lÃ©ment malveillant dÃ©tectÃ©)


(end)