Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 09/01/2018
Heure de l'analyse: 20:49
Fichier journal: 8c44cfb6-f57e-11e7-8f88-0019bb4bc3d8.json
Administrateur: Oui

-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise à jour: 1.0.3659
Licence: Essai

-Informations système-
Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: EDITION_ULTRA\Administrateur

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 160645
Menaces détectées: 55
Menaces mises en quarantaine: 55
Temps écoulé: 13 min, 2 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 0
(Aucun élément malveillant détecté)

Valeur du registre: 5
Hijack.ControlPanelStyle, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|FORCECLASSICCONTROLPANEL, En quarantaine, [12171], [209236],1.0.3659
Hijack.ControlPanelStyle, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|FORCECLASSICCONTROLPANEL, En quarantaine, [12171], [209236],1.0.3659
Hijack.ControlPanelStyle, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|FORCECLASSICCONTROLPANEL, En quarantaine, [12171], [209236],1.0.3659
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-21-583907252-1788223648-682003330-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, En quarantaine, [13556], [251589],1.0.3659
Hijack.ControlPanelStyle, HKU\S-1-5-21-583907252-1788223648-682003330-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|FORCECLASSICCONTROLPANEL, En quarantaine, [12171], [209236],1.0.3659

Données du registre: 9
PUM.Optional.DisableShowHelp, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWHELP, Remplacé, [14450], [293313],1.0.3659
PUM.Optional.NoSMHelp, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NOSMHELP, Remplacé, [14469], [293358],1.0.3659
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Remplacé, [14443], [293296],1.0.3659
PUM.Optional.DisableShowHelp, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWHELP, Remplacé, [14450], [293313],1.0.3659
PUM.Optional.NoSMHelp, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NOSMHELP, Remplacé, [14469], [293358],1.0.3659
PUM.Optional.DisableShowHelp, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWHELP, Remplacé, [14450], [293313],1.0.3659
PUM.Optional.NoSMHelp, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NOSMHELP, Remplacé, [14469], [293358],1.0.3659
PUM.Optional.DisableShowHelp, HKU\S-1-5-21-583907252-1788223648-682003330-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWHELP, Remplacé, [14450], [293313],1.0.3659
PUM.Optional.NoSMHelp, HKU\S-1-5-21-583907252-1788223648-682003330-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NOSMHELP, Remplacé, [14469], [293358],1.0.3659

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 8
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\_metadata, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\icons, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\js, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BHAFFDPAIEPANCALMJDLIIMAGFOMFKLK\1.0.0.3011_0, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.SearchEngineHijack, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olhflbnlneeemapgalfnlhggccahkdnp\1.0.0_0\_metadata, En quarantaine, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olhflbnlneeemapgalfnlhggccahkdnp\1.0.0_0, En quarantaine, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OLHFLBNLNEEEMAPGALFNLHGGCCAHKDNP, En quarantaine, [1596], [466018],1.0.3659

Fichier: 33
PUP.Optional.MySearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_gettvstreamnow.dl.mysearch.com_0.localstorage, En quarantaine, [8550], [443096],1.0.3659
PUP.Optional.MySearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_gettvstreamnow.dl.mysearch.com_0.localstorage-journal, En quarantaine, [8550], [443096],1.0.3659
PUP.Optional.MySearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_screenaddict.dl.mysearch.com_0.localstorage, En quarantaine, [8550], [443096],1.0.3659
PUP.Optional.MySearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_screenaddict.dl.mysearch.com_0.localstorage-journal, En quarantaine, [8550], [443096],1.0.3659
PUP.Optional.MySearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_tvhero.dl.mysearch.com_0.localstorage, En quarantaine, [8550], [443096],1.0.3659
PUP.Optional.MySearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_tvhero.dl.mysearch.com_0.localstorage-journal, En quarantaine, [8550], [443096],1.0.3659
PUP.Optional.OnClickAds, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_onclickads.net_0.localstorage, En quarantaine, [8623], [443429],1.0.3659
PUP.Optional.OnClickAds, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_onclickads.net_0.localstorage-journal, En quarantaine, [8623], [443429],1.0.3659
PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage, En quarantaine, [2312], [359410],1.0.3659
PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage-journal, En quarantaine, [2312], [359410],1.0.3659
PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fr.newtabtv.com_0.localstorage, En quarantaine, [2312], [359416],1.0.3659
PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fr.newtabtv.com_0.localstorage-journal, En quarantaine, [2312], [359416],1.0.3659
PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_packagetracer.dl.myway.com_0.localstorage, En quarantaine, [1408], [443124],1.0.3659
PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_packagetracer.dl.myway.com_0.localstorage-journal, En quarantaine, [1408], [443124],1.0.3659
PUP.Optional.TradeAdExchange, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_www.tradeadexchange.com_0.localstorage, En quarantaine, [8602], [443491],1.0.3659
PUP.Optional.TradeAdExchange, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_www.tradeadexchange.com_0.localstorage-journal, En quarantaine, [8602], [443491],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BHAFFDPAIEPANCALMJDLIIMAGFOMFKLK\1.0.0.3011_0\JS\BRAND.JS, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\icons\checker.gif, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\icons\icon-128.png, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\js\background.js, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\_metadata\verified_contents.json, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.BlpSearch.Generic, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhaffdpaiepancalmjdliimagfomfklk\1.0.0.3011_0\manifest.json, En quarantaine, [8632], [443081],1.0.3659
PUP.Optional.SearchEngineHijack, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OLHFLBNLNEEEMAPGALFNLHGGCCAHKDNP\1.0.0_0\MANIFEST.JSON, En quarantaine, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olhflbnlneeemapgalfnlhggccahkdnp\1.0.0_0\_metadata\computed_hashes.json, En quarantaine, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olhflbnlneeemapgalfnlhggccahkdnp\1.0.0_0\_metadata\verified_contents.json, En quarantaine, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olhflbnlneeemapgalfnlhggccahkdnp\1.0.0_0\background.js, En quarantaine, [1596], [466018],1.0.3659
PUP.Optional.SearchEngineHijack, C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olhflbnlneeemapgalfnlhggccahkdnp\1.0.0_0\icon128.png, En quarantaine, [1596], [466018],1.0.3659

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)