Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 14/02/2021
Durée d'analyse: 17:07
Fichier journal: c3efad96-6ede-11eb-96b2-c03fd5934560.json

-Informations du logiciel-
Version: 4.3.0.98
Version de composants: 1.0.1173
Version de pack de mise à jour: 1.0.37125
Licence: Essai

-Informations système-
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: PC-Candalh\florence CANDALH

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 369135
Menaces détectées: 61
Menaces mises en quarantaine: 61
Temps écoulé: 11 min, 6 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 14
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, En quarantaine, 7965, 327193, 1.0.37125, , ame, , ,
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, En quarantaine, 7965, 327193, 1.0.37125, , ame, , ,
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{78658AD4-E77B-11E4-8295-C03FD5934560}, En quarantaine, 5393, 239111, 1.0.37125, , ame, , ,
PUP.Optional.ShieldAppsPPS, HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\SOFTWARE\PCPrivacyShield2018Validity, En quarantaine, 9289, 442014, 1.0.37125, , ame, , ,
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, En quarantaine, 7965, 327193, 1.0.37125, , ame, , ,
PUP.Optional.Reimage, HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., En quarantaine, 7965, 327203, 1.0.37125, , ame, , ,
PUP.Optional.Linkey.AppFlsh, HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, En quarantaine, 5239, 254237, 1.0.37125, , ame, , ,
PUP.Optional.RegCleanPro, HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\SOFTWARE\REG\Clean, En quarantaine, 146, 347493, 1.0.37125, , ame, , ,
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\WOW6432NODE\REG\Clean, En quarantaine, 8231, 348488, 1.0.37125, , ame, , ,
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\winzipersvc, En quarantaine, 8137, 385015, 1.0.37125, , ame, , ,
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, En quarantaine, 7965, 332494, , , , , ,
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, En quarantaine, 7965, 332494, , , , , ,
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, En quarantaine, 7965, 332494, 1.0.37125, , ame, , ,
PUP.Optional.Reimage, HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, En quarantaine, 7965, 327205, 1.0.37125, , ame, , ,

Valeur du registre: 6
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{78658AD4-E77B-11E4-8295-C03FD5934560}|FAVICONURL, En quarantaine, 5393, 239111, 1.0.37125, , ame, , ,
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{78658AD4-E77B-11E4-8295-C03FD5934560}|FAVICONURLFALLBACK, En quarantaine, 5393, 239111, 1.0.37125, , ame, , ,
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{78658AD4-E77B-11E4-8295-C03FD5934560}|TOPRESULTURL, En quarantaine, 5393, 239111, 1.0.37125, , ame, , ,
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{78658AD4-E77B-11E4-8295-C03FD5934560}|URL, En quarantaine, 5393, 239111, 1.0.37125, , ame, , ,
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, 5239, -1, 0.0.0, , action, , ,
PUP.Optional.Linkey.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, 5239, -1, 0.0.0, , action, , ,

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 3
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\net_search, En quarantaine, 1734, 238151, , , , , ,
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin, En quarantaine, 1734, 238151, , , , , ,
PUP.Optional.Everything, C:\USERS\FLORENCE CANDALH\APPDATA\EVERYTHING, En quarantaine, 1734, 238151, 1.0.37125, , ame, , ,

Fichier: 38
PUP.Optional.Everything, C:\USERS\FLORENCE CANDALH\APPDATA\EVERYTHING\CONFIG.INI, En quarantaine, 1734, 238151, 1.0.37125, , ame, , 076455D472E5463FCB29BF6E7F85A62A, A0953248E447340FC479CCF4BF731BD8FE28856FA4146E47086CF208FEC8B8CE
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\net_search\bing.png, En quarantaine, 1734, 238151, , , , , C9E9BE522FD2F1363E30B9E537A74F15, 1053B989FC62341F179492BD0722758E50687DF06E680DB69C34E1F45261DB06
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\net_search\google.png, En quarantaine, 1734, 238151, , , , , E6C9E26D4E0E12D9ED53DA482A21E56A, D715632DD6E4A0B3BCF3FAA559F528CADB3838929825B2ADE2D23BB76CC3C168
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\net_search\parseSearchEngineHtml.js, En quarantaine, 1734, 238151, , , , , 25B05F47FA150655F9D34C5C47F064ED, 4BAAC2A8E8FDE6E64E8BA10BB0AE7A6533024E9B217FE94B2F2DC9D14A730A4C
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\net_search\search_config.ini, En quarantaine, 1734, 238151, , , , , 2A79BEE63CF20EF5FE2197C88370ED7F, 6689AF5F20700AF953013A166CB5148C6EBA7050D560A41E957D50F9BE1F9203
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\net_search\yahoo.png, En quarantaine, 1734, 238151, , , , , C3A6F7AAEF223082E19115012EB52AE5, EA469E4571EE6CE68901609879A8E2A7880574100A65015F70407FA0BE74DECA
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\bing.png, En quarantaine, 1734, 238151, , , , , C9E9BE522FD2F1363E30B9E537A74F15, 1053B989FC62341F179492BD0722758E50687DF06E680DB69C34E1F45261DB06
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\caret.png, En quarantaine, 1734, 238151, , , , , 534E31615C49650EA50F51CB142C0A4B, 4F06317AE2F39A5ED73EF16A7F3E702CB0D9837EB408D0E51F607A785AAD2444
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\FileListItem.xml, En quarantaine, 1734, 238151, , , , , 0E400C819AAC7B25F8E7865E763D1DF8, CA637F58182BEF7988C6365361885CA40C0B583495E490F8BECE605011E3371C
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\FileListItem_bing.xml, En quarantaine, 1734, 238151, , , , , 212F414E3C33F6B60166FB351B742168, 337B89A1E843679CC972D6AC8B0CB86613CD85E1474E7B4CACEC26C1A8DB95C9
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\FileListItem_google.xml, En quarantaine, 1734, 238151, , , , , C434CF28D413C8D11F68E263FD352F62, F59F282A2F6A489697FB524F38714BDA77A51608E5BCE3BEFD62812048DA177C
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\frame.png, En quarantaine, 1734, 238151, , , , , FCD3646675E574F88B57EC354ADDBB84, C507B04F155D66C7298D447D355C65F730E48C04E7FC57086FB65D34E827F62E
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\frame2.png, En quarantaine, 1734, 238151, , , , , 89420BCC59E954DB9F17D543693A2B1F, 759904E75A3A059B99502DA4A731DA30D305303027D054689F33393422DE9307
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\FreeFinderView.xml, En quarantaine, 1734, 238151, , , , , 632C8C94A3D8F5A39FAFCAE5534FFC4A, 2CE1A205343C7E17AC4666B12C27D6EA2B49BC13D94FE5B9B5092A0A2A8CAD26
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\google.png, En quarantaine, 1734, 238151, , , , , E6C9E26D4E0E12D9ED53DA482A21E56A, D715632DD6E4A0B3BCF3FAA559F528CADB3838929825B2ADE2D23BB76CC3C168
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\guide.png, En quarantaine, 1734, 238151, , , , , A135D69D73B1D781822BC301385DC8F8, 85B3E9F92EFE0E5F92495FC31055E2E6B49707EB37742FDC08B5E3476B84AD6C
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\icon_search.png, En quarantaine, 1734, 238151, , , , , 245FCC92CDF8A8B755E48A8A0AF770EB, 47D7C25EB0945415ACD75F20191B928978CD7F5CAADB104A287033A7F0C1C823
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\mainpanel.png, En quarantaine, 1734, 238151, , , , , 1D172603105FA8C90463049C29B06271, 8BF3B0CFC27E673FD2C483D34357F4EFB14896AA0EC9EC8CB3DB894E64498BBB
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\MainPannel.xml, En quarantaine, 1734, 238151, , , , , FDF760F64A1689DA0B8D7054E9360CEF, 329F307078B8B8B2374EEA7115D29E2893E7DA31E2A4D8F354AFDF47ACF989A0
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\search_content_list.png, En quarantaine, 1734, 238151, , , , , 81715BB72802B30743C4B9AE50809B56, 26C203ED4AE81EB0AFB8B3890D5DF68E2D9998420E84F9FA65490F1696F95C98
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\WndMask.xml, En quarantaine, 1734, 238151, , , , , 65FE1C5B4E3C7B582BF4DDB1FB84C8C3, D9216CA93B7772F66FF98CC7FC72BF542A0EE23298F2806105DBD45322E34918
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\skin\yahoo.png, En quarantaine, 1734, 238151, , , , , C3A6F7AAEF223082E19115012EB52AE5, EA469E4571EE6CE68901609879A8E2A7880574100A65015F70407FA0BE74DECA
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\DataIO.dll, En quarantaine, 1734, 238151, , , , , 44CC12AB5FAD83F1FC577625F6AF0B46, A9D26F6FE7FCC5B8F6102062E5DE04EB782780E814B39D3F28BDE3126572D3EA
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\Everything.db, En quarantaine, 1734, 238151, , , , , D64081F487D1178009839C48DDEA02CB, 564EBBB0194B90717D6CAA6AFA690EC6CF06ACA70D0AE28C670C053AC163C6BC
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\Everything.exe, En quarantaine, 1734, 238151, , , , , 9535D5F164DD60F48EC377AE1C11CF21, 5AD94809235E740F79FABBEBB37ECA1D0101967F34DC180433E0EA2A837D970C
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\Everything.ini, En quarantaine, 1734, 238151, , , , , 870030E482782B15045C7B920212D452, A9D0082C3859940AFF0B3DFA69A0A836EEDA0141F557D2CA8214DBC72F9B3236
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\Everything32.dll, En quarantaine, 1734, 238151, , , , , D78D16BF5D2B44A8E74D642440B6CBC0, C821BB37942361FCADD4101E37179205971C997A8A71CDDE62042516EDB2ED61
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\EverythingLoadHook.exe, En quarantaine, 1734, 238151, , , , , 9EADF066BE297498F1B13BD5DF5D8C5F, FB0119C9F5FD6A4E33D4B8E461AE1021FD1B4FA117B4CF0345DB9688851DDD3A
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\EverythingLoadHookx64.exe, En quarantaine, 1734, 238151, , , , , 27A1563C6588B0BFFD101F3371D7C959, 727727671D5F5AD0B1A4AB4C06B046034CB4F95ACDB372E7FE653D25D6674471
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\helper.dll, En quarantaine, 1734, 238151, , , , , C504BF8B15979EE3F9927D9DDCF4EC4C, 89CE6FF4E11F62496FD73DA476A8D01DD7FF713BA3A81D5182BCBC3012B21AFD
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\hookdll.dll, En quarantaine, 1734, 238151, , , , , C4E82B2C151D7585683D32F581B971B2, CE80E9B446E0FB3761BE53751099DBF79BD582C0A0C6F6878673ACBFADCFF189
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\hookdllx64.dll, En quarantaine, 1734, 238151, , , , , E53244061B10BFD027F2A6C21EFD4682, E19F4023ECA59B1910C1910D18E6E5698D7F585E242498FB31689C2FE180E4AB
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\IO.dll, En quarantaine, 1734, 238151, , , , , 0D927EDCFC59210E621E6F7DCCF6A981, FD41C12AD031D5A7772959D1BCFCDB1EB4DEB64128CE8A0173A153E3770BE18F
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\Patch.dll, En quarantaine, 1734, 238151, , , , , BB9DA120967773F8EE7348D1EE5F4FB9, 871B73FA79C5778D8CA721BC71FF2222DE7C1B600BF6FBD338C22A38975D2634
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\SearchHand.dll, En quarantaine, 1734, 238151, , , , , 915A28362A9765CFD8F40724B23BC754, 4A8E99105AB76B14E84E8174CF26B1A2DE100ADBA9C2C7E4D9FE4026D0BC34D5
PUP.Optional.Everything, C:\Users\florence CANDALH\AppData\Everything\uninst.exe, En quarantaine, 1734, 238151, , , , , 6507DEF32EBABC26FA5DF9DC465FB649, FEE88DC1EF4EC79A8ED27D82DBBA40B13554CD8229A4E0AC30B651070E81B72C
PUP.Optional.HomePageHelper, C:\USERS\RCAND_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z6L84GFW.DEFAULT\PREFS.JS, Remplacé, 5393, 303140, 1.0.37125, , ame, , 6F6EAF104B6472CF3ABC528FF8692E8F, DD545632334E6D195E1328DB8ED01B460318A676C6E72630A89C9908F0277879
PUP.Optional.Solvusoft, C:\USERS\FLORENCE CANDALH\DOWNLOADS\SETUP_DRIVERDOC_2018.EXE, En quarantaine, 3088, 331663, 1.0.37125, , ame, , ED17E4D75CDE674FB2093C7D03ED9FB1, 875A627637A7562A5A21425A30C65459E355CE05578623B38A8C573A45E60A0C

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)


(end)