Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 21/02/2018
Heure de l'analyse: 22:40
Fichier journal: ce72dc0a-174f-11e8-8d65-e89a8ff8aa50.json
Administrateur: Non

-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise à jour: 1.0.4036
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Christiane-PC\Mon compte

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 332862
Menaces détectées: 51
Menaces mises en quarantaine: 51
Temps écoulé: 8 min, 46 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 15

Valeur du registre: 4

Données du registre: 3

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 3

Fichier: 26

Secteur physique: 0
(Aucun élément malveillant détecté)

(end)