Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 17/06/2022
Durée d'analyse: 09:41
Fichier journal: e0081484-ee10-11ec-ba1d-40b0767b8891.json

-Informations du logiciel-
Version: 4.5.10.200
Version de composants: 1.0.1702
Version de pack de mise à jour: 1.0.56210
Licence: Essai

-Informations système-
Système d'exploitation: Windows 11 (Build 22000.739)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Ylan\utente

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 364080
Menaces détectées: 71
Menaces mises en quarantaine: 71
Temps écoulé: 4 min, 31 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 24

Valeur du registre: 5

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 11

Fichier: 31

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)


(end)