Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 15/05/2019
Scan Time: 21:36
Log File: be5abdba-7748-11e9-80f0-0492260b2a9c.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.10616
License: Free

-System Information-
OS: Windows 10 (Build 17134.765)
CPU: x64
File System: NTFS
User: LAPTOP-PDPOV2E6\laeti

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 284787
Threats Detected: 58
Threats Quarantined: 58
Time Elapsed: 1 min, 41 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 15
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Quarantined, [2076], [476595],1.0.10616
PUP.Optional.SearchManager, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Quarantined, [2076], [476595],1.0.10616
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Quarantined, [2076], [476595],1.0.10616
PUP.Optional.SecuredSearch, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PDPCPCEOFKOPEGFFCDNFFEENBFDLDOCK, Quarantined, [233], [586076],1.0.10616
PUP.Optional.SecuredSearch, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PDPCPCEOFKOPEGFFCDNFFEENBFDLDOCK, Quarantined, [233], [586076],1.0.10616
PUP.Optional.SecuredSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pdpcpceofkopegffcdnffeenbfdldock, Quarantined, [233], [586076],1.0.10616
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2076], [183362],1.0.10616
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2076], [183362],1.0.10616
PUP.Optional.SearchManager, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [2076], [183362],1.0.10616
PUP.Optional.WinYahoo, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [236], [254683],1.0.10616
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [236], [254683],1.0.10616
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [236], [254683],1.0.10616
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, Quarantined, [236], [182757],1.0.10616
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, Quarantined, [236], [182757],1.0.10616
PUP.Optional.WinYahoo, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}, Quarantined, [236], [182757],1.0.10616

Registry Value: 8
PUP.Optional.WinYahoo, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Quarantined, [236], [311488],1.0.10616
PUP.Optional.SearchManager, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Quarantined, [2076], [476595],1.0.10616
PUP.Optional.SecuredSearch, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PDPCPCEOFKOPEGFFCDNFFEENBFDLDOCK, Quarantined, [233], [586076],1.0.10616
PUP.Optional.SearchManager, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2076], [183362],1.0.10616
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [236], [254683],1.0.10616
PUP.Optional.WinYahoo, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [236], [254682],1.0.10616
PUP.Optional.WinYahoo, HKU\S-1-5-21-3578135917-2762751503-1931994671-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, Quarantined, [236], [182757],1.0.10616
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [236], [254683],1.0.10616

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 2
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\USERS\LAETI\APPDATA\LOCAL\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}, Quarantined, [792], [542290],1.0.10616

File: 33
PUP.Optional.SearchManager, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Quarantined, [2076], [453138],1.0.10616
PUP.Optional.SearchModule, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\LOCAL STORAGE\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage, Quarantined, [276], [453492],1.0.10616
PUP.Optional.SearchManager, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2076], [476595],1.0.10616
PUP.Optional.SecuredSearch, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [233], [586076],1.0.10616
PUP.Optional.SearchManager, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2076], [183362],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\USERS\LAETI\APPDATA\LOCAL\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\chromium-min.jpg, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\control panel-min-min.JPG, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\down.png, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\ff menu.JPG, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\ff search engine-min.png, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\hp-min ff.png, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\hp-min ie.png, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\search engine.gif, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\setup pages.gif, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\sp-min.png, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\start-min.jpg, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\HowToRemove\up.png, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\lasefana, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\sinatefit, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\uninst.exe, Quarantined, [792], [542290],1.0.10616
PUP.Optional.WinYahoo.TskLnk, C:\Users\laeti\AppData\Local\{7E9E48C2-5A36-247A-37AE-019213C6FD0A}\uninstp.dat, Quarantined, [792], [542290],1.0.10616
PUP.Optional.InstallCore.Generic, C:\USERS\LAETI\APPDATA\ROAMING\.MINECRAFT\VERSIONS\FORGE-1.13.1 (1).EXE, Quarantined, [559], [512151],1.0.10616
PUP.Optional.WinZipRegistryOptimizer.TskLnk, C:\76550D89-B674-458A-9D4D-66E2762AD241.EXE, Quarantined, [15098], [545775],1.0.10616
PUP.Optional.InstallCore.Generic, C:\USERS\LAETI\DOWNLOADS\FORGE-INSTALLER.EXE, Quarantined, [559], [512151],1.0.10616
PUP.Optional.InstallCore.Generic, C:\USERS\LAETI\DOWNLOADS\FORGE-1.14.EXE, Quarantined, [559], [512151],1.0.10616
PUP.Optional.InstallCore.Generic, C:\USERS\LAETI\DOWNLOADS\FTBBEYOND-1.11.0-1.10.2.ZIP, Quarantined, [559], [512151],1.0.10616
PUP.Optional.InstallCore.Generic, C:\USERS\LAETI\DOWNLOADS\FORGE-1.13.1.EXE, Quarantined, [559], [512151],1.0.10616
PUP.Optional.SearchManager.BITSRST, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [266], [626729],1.0.10616
PUP.Optional.SearchManager.BITSRST, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [266], [628563],1.0.10616
PUP.Optional.SearchManager.BITSRST, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [266], [626729],1.0.10616
PUP.Optional.SecuredSearch, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [233], [551753],1.0.10616
Adware.SearchEngineHijack, C:\USERS\LAETI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [366], [462944],1.0.10616

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)