Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 05/11/2016
Heure de l'analyse: 20:50
Fichier journal: Malware analyse.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de donn¨¦es de programmes malveillants: v2016.11.05.09
Base de donn¨¦es de rootkits: v2016.10.31.01
Licence: Gratuit
Protection contre les programmes malveillants: D¨¦sactiv¨¦
Protection contre les sites Web malveillants: D¨¦sactiv¨¦
Autoprotection: D¨¦sactiv¨¦
Syst¨¨me d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Syst¨¨me de fichiers: NTFS
Utilisateur: hp
Type d'analyse: Analyse des menaces
R¨¦sultat: Termin¨¦
Objets analys¨¦s: 518359
Temps ¨¦coul¨¦: 56 min, 49 s
M¨¦moire: Activ¨¦
D¨¦marrage: Activ¨¦
Syst¨¨me de fichiers: Activ¨¦
Archives: Activ¨¦
Rootkits: D¨¦sactiv¨¦
Heuristique: Activ¨¦
PUP: Activ¨¦
PUM: Activ¨¦
Processus: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
Modules: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
Cl¨¦s du Registre: 34
Rootkit.Necurs.GO, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tsnethlpx64, Supprimer au red¨¦marrage, [832ac5f7148676c03baea02d5ea2bb45],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\APPID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4}, En quarantaine, [b8f5f3c9e8b256e080887b022ad89e62],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{1DD31B76-C57E-49BA-94BC-BF53F0C82CD4}, En quarantaine, [b8f5f3c9e8b256e080887b022ad89e62],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{1DD31B76-C57E-49BA-94BC-BF53F0C82CD4}, En quarantaine, [b8f5f3c9e8b256e080887b022ad89e62],
PUP.Optional.Xunlei.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{004B0726-A010-4abf-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.Xunlei.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.Xunlei.BHO, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.Xunlei.BHO, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.WebSteroids, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, En quarantaine, [a805d7e50c8ea98db204d1c216ec50b0],
PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, En quarantaine, [426bbffd8b0f082e4539d0bf05fd20e0],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027}, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\ASBarBroker.BDBroker.1, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\ASBarBroker.BDBroker, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ASBarBroker.BDBroker, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ASBarBroker.BDBroker, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ASBarBroker.BDBroker.1, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ASBarBroker.BDBroker.1, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027}, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Bandoo.AppFlsh, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}, En quarantaine, [7637605ce1b9d4621e14dfb7d72b5da3],
PUP.Optional.ValueApps, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63AAEDC-3602-49EF-AA45-262380A98980}, En quarantaine, [3974a814aaf08caad9a1c7cc8979da26],
PUP.Optional.ValueApps, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63AAEDC-3602-49EF-AA45-262380A98980}, En quarantaine, [3974a814aaf08caad9a1c7cc8979da26],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11CC93E4-0BE6-4f8f-82AA-D577FB955B05}, En quarantaine, [e7c6a71569318da95ea9b9c453af946c],
Adware.BDSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46}, En quarantaine, [e1cc0fadafeb61d5a06f2659976b19e7],
Adware.Sogou, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{FDAEAB93-6DC0-4A63-81C6-95C88ED36F6A}, En quarantaine, [7e2f2498c1d95dd9ce07b0d1d230dc24],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, En quarantaine, [ffae2f8d0f8b0a2c267ff6fe53b11ee2],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, En quarantaine, [ffae2f8d0f8b0a2c267ff6fe53b11ee2],
Trojan.Agent, HKLM\SOFTWARE\CLASSES\thunder, En quarantaine, [f3ba4d6f574390a6b420fe2fe023cb35],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\thunder, En quarantaine, [b6f76d4fff9b9e98eee65bd2d231da26],
PUP.Optional.Gameo, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\76A44D75_0, En quarantaine, [85280fadc2d84ee8a27ad7fc2cd69769],
Trojan.Agent, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000_Classes\thunder, En quarantaine, [f2bbfcc0b0ea3204cd0780adb64d649c],
PUP.Optional.ASK, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, En quarantaine, [9b1211ab0b8f54e2d6c86a6437cb6c94],
PUP.Optional.iFunBox, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\iFunBox 2014_is1, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7AAD4D76-1C02-42C5-9253-14655539BD57}, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7AAD4D76-1C02-42C5-9253-14655539BD57}, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
Valeurs du Registre: 8
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENAS\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [bbf279439109c076349107eded17a45c], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENDLG\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [08a55369b2e8fc3afdcb5a9ac53f7b85], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\UNKNOWN\SHELL\OPENAS\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [05a8c2fac8d2b086cff60ee6fa0af10f], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\UNKNOWN\SHELL\OPENDLG\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [a7062e8e435794a2a127cc28bd47e51b], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\UNKNOWN\SHELL\OPENAS\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [17968d2ff0aa38fe764f649070947888], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\UNKNOWN\SHELL\OPENDLG\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [9617209c6634b77f11b7fef6bb49ad53], %5
PUP.Optional.Gameo, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\76a44d75_0, {0.0.0.00000000}.{0cadc5bf-c29e-431d-b780-f95f0d58b418}|\Device\HarddiskVolume2\Users\hp\AppData\Roaming\Gameo\gameo.exe%b{00000000-0000-0000-0000-000000000000}, En quarantaine, [85280fadc2d84ee8a27ad7fc2cd69769]
PUP.Optional.ASK, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF, En quarantaine, [9b1211ab0b8f54e2d6c86a6437cb6c94]
Donn¨¦es du Registre: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
Dossiers: 5
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\links, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.MoviesToolBar, C:\Users\Guiying\AppData\LocalLow\ilividmoviestoolbar181, En quarantaine, [4865c5f7ebaf56e03ab3dcdc1de5e11f],
Fichiers: 58
Rootkit.Necurs.GO, C:\Program Files (x86)\QQPCMgr\12.0.18066.222\TsNetHlpX64.sys, Supprimer au red¨¦marrage, [832ac5f7148676c03baea02d5ea2bb45],
PUP.Optional.Funshion, C:\Users\hp\AppData\Roaming\CloudMedia\JadeHe.dat, En quarantaine, [fdb0b00c7b1fcc6a29d5f85755ac5fa1],
PUP.Optional.StartPage, C:\Users\hp\AppData\Roaming\DSTEMPD\_kyhz05_s.exe, En quarantaine, [8825d9e3d3c763d3a0bfc49bf01024dc],
PUP.Optional.Kread, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Kommun.dll, En quarantaine, [b1fcf5c71387ef4799c6ad3549b77b85],
PUP.Optional.Bundler, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\LibDownloadManagement.dll, En quarantaine, [e9c4912bdfbbba7cf0c95ffaee1326da],
Trojan.Chad.TT, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\QQPetKernelBeta13Build001.EXE, En quarantaine, [307de1db5c3e171f6ec15c46a858d828],
PUP.Optional.Bandoo, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\dtuser.exe, En quarantaine, [6f3eceee1c7e092d4239f69c28dc08f8],
PUP.Optional.SpeedingUpMyPC, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Optimizer Pro\OptProHelper.dll, En quarantaine, [802d11ab05957bbbc2aba7690ef7aa56],
PUP.Optional.OptimizerPro, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Optimizer Pro\OptProSmartScan.exe, En quarantaine, [1994e1db1b7f1e187f770d9ee719db25],
PUP.Optional.SpeedingUpMyPC, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Optimizer Pro\unins000.exe, En quarantaine, [3f6e526ad4c61a1c7bf211fffa0bd927],
PUP.Optional.PullUpdate, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Websteroids\Uninstall.exe, En quarantaine, [931a8735cfcb3cfa705eef868c7539c7],
PUP.Optional.CreativeIslandMedia, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Websteroids\IE\common.dll, En quarantaine, [4c616f4d5b3fe353c2ac4680d42c9f61],
PUP.Optional.Bandoo, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Movies Toolbar\Datamngr\setmgrc1.cfg, En quarantaine, [decf49730a90df575544395ee61ebd43],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\AdvancedSystemProtector.exe, En quarantaine, [01ac9824dcbec571a04e23d06e9609f7],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\AppResource.dll, En quarantaine, [7f2e0ab2732779bd11957183a75db24e],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\AspManager.exe, En quarantaine, [05a82d8f0892ae8826c88370cb392bd5],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\filetypehelper.exe, En quarantaine, [6f3e9c20b0ea4de99a54df1458acf10f],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\scandll.dll, En quarantaine, [8924cdef9802280e15d98c67f50f7e82],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\SSDPTstub.exe, En quarantaine, [ecc12a922d6d0e28dcfe049ffb06e41c],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\unins000.exe, En quarantaine, [1994ba02e4b6bd79dc08319021e0758b],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.com, En quarantaine, [9d10536953473501a7fe1ed69b697b85],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.exe, En quarantaine, [d5d89b21d3c706305f46e4109272da26],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.pif, En quarantaine, [f8b5bb017e1cf4420d98955f36ce34cc],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.scr, En quarantaine, [96170ab20f8b072feabbb04457adec14],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\firefox.com, En quarantaine, [a20bffbdd0cacd6933724fa5c53f3dc3],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\iexplore.exe, En quarantaine, [ffae2f8d0f8b0a2c267ff6fe53b11ee2],
PUP.Optional.InternetUpdater, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\InternetUpdater\InternetUpdaterService.exe, En quarantaine, [16978d2fd6c4f83e908b52da33ce9b65],
PUP.Optional.Norpalla, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Norpalla\NorpallaUninstall.exe, En quarantaine, [436a5765b3e76fc79334200140c050b0],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\RegCleanPro.exe, En quarantaine, [a40912aa108a5dd9b57a8f2e04fd837d],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\CleanSchedule.exe, En quarantaine, [e4c919a3bdddc67024824ca871936a96],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\SSDPTstub.exe, En quarantaine, [a805a319c8d29a9ceaf048accd3701ff],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\systweakasp.exe, En quarantaine, [327b447834663df9836202f16e960000],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\unins000.exe, En quarantaine, [d7d666566931a294d60e338ead54c838],
PUP.Optional.MultiExtension, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RHelpers\ChromeHelper\ChromeHelper.exe, En quarantaine, [08a53c802377ca6c2783c35e748cca36],
PUP.Optional.MultiExtension, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RHelpers\FirefoxHelper\FirefoxHelper.exe, En quarantaine, [238af3c99cfecb6bc4e636eb3fc126da],
PUP.Optional.MultiExtension, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RHelpers\IeHelper\IeHelper.exe, En quarantaine, [446953692c6e0d29c5e5fd24f20eff01],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\announce.js, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\background.html, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\contentscript.js, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon128.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon16.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon48.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\iframecontentscript.js, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\manifest.json, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\chromeifbc.dll, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\ifbcjs.dll, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\ifb_classic.exe, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\MediaInfo.dll, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\unins000.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\unins000.exe, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vficef.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vfwcef.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vfwdef.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vfwproc.bin, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\links\ifunbox.nxgen.blog.url, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\links\page.ico, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
Secteurs physiques: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
(end)
www.malwarebytes.org
Date de l'analyse: 05/11/2016
Heure de l'analyse: 20:50
Fichier journal: Malware analyse.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de donn¨¦es de programmes malveillants: v2016.11.05.09
Base de donn¨¦es de rootkits: v2016.10.31.01
Licence: Gratuit
Protection contre les programmes malveillants: D¨¦sactiv¨¦
Protection contre les sites Web malveillants: D¨¦sactiv¨¦
Autoprotection: D¨¦sactiv¨¦
Syst¨¨me d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Syst¨¨me de fichiers: NTFS
Utilisateur: hp
Type d'analyse: Analyse des menaces
R¨¦sultat: Termin¨¦
Objets analys¨¦s: 518359
Temps ¨¦coul¨¦: 56 min, 49 s
M¨¦moire: Activ¨¦
D¨¦marrage: Activ¨¦
Syst¨¨me de fichiers: Activ¨¦
Archives: Activ¨¦
Rootkits: D¨¦sactiv¨¦
Heuristique: Activ¨¦
PUP: Activ¨¦
PUM: Activ¨¦
Processus: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
Modules: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
Cl¨¦s du Registre: 34
Rootkit.Necurs.GO, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tsnethlpx64, Supprimer au red¨¦marrage, [832ac5f7148676c03baea02d5ea2bb45],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\APPID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4}, En quarantaine, [b8f5f3c9e8b256e080887b022ad89e62],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{1DD31B76-C57E-49BA-94BC-BF53F0C82CD4}, En quarantaine, [b8f5f3c9e8b256e080887b022ad89e62],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{1DD31B76-C57E-49BA-94BC-BF53F0C82CD4}, En quarantaine, [b8f5f3c9e8b256e080887b022ad89e62],
PUP.Optional.Xunlei.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{004B0726-A010-4abf-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.Xunlei.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.Xunlei.BHO, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.Xunlei.BHO, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}, En quarantaine, [515c219b27733204cbad870f8979649c],
PUP.Optional.WebSteroids, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, En quarantaine, [a805d7e50c8ea98db204d1c216ec50b0],
PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, En quarantaine, [426bbffd8b0f082e4539d0bf05fd20e0],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027}, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\ASBarBroker.BDBroker.1, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\ASBarBroker.BDBroker, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ASBarBroker.BDBroker, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ASBarBroker.BDBroker, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ASBarBroker.BDBroker.1, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ASBarBroker.BDBroker.1, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027}, En quarantaine, [9b127c40f2a833034db9027b47bbb749],
PUP.Optional.Bandoo.AppFlsh, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}, En quarantaine, [7637605ce1b9d4621e14dfb7d72b5da3],
PUP.Optional.ValueApps, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63AAEDC-3602-49EF-AA45-262380A98980}, En quarantaine, [3974a814aaf08caad9a1c7cc8979da26],
PUP.Optional.ValueApps, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63AAEDC-3602-49EF-AA45-262380A98980}, En quarantaine, [3974a814aaf08caad9a1c7cc8979da26],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11CC93E4-0BE6-4f8f-82AA-D577FB955B05}, En quarantaine, [e7c6a71569318da95ea9b9c453af946c],
Adware.BDSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46}, En quarantaine, [e1cc0fadafeb61d5a06f2659976b19e7],
Adware.Sogou, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{FDAEAB93-6DC0-4A63-81C6-95C88ED36F6A}, En quarantaine, [7e2f2498c1d95dd9ce07b0d1d230dc24],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, En quarantaine, [ffae2f8d0f8b0a2c267ff6fe53b11ee2],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, En quarantaine, [ffae2f8d0f8b0a2c267ff6fe53b11ee2],
Trojan.Agent, HKLM\SOFTWARE\CLASSES\thunder, En quarantaine, [f3ba4d6f574390a6b420fe2fe023cb35],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\thunder, En quarantaine, [b6f76d4fff9b9e98eee65bd2d231da26],
PUP.Optional.Gameo, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\76A44D75_0, En quarantaine, [85280fadc2d84ee8a27ad7fc2cd69769],
Trojan.Agent, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000_Classes\thunder, En quarantaine, [f2bbfcc0b0ea3204cd0780adb64d649c],
PUP.Optional.ASK, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, En quarantaine, [9b1211ab0b8f54e2d6c86a6437cb6c94],
PUP.Optional.iFunBox, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\iFunBox 2014_is1, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7AAD4D76-1C02-42C5-9253-14655539BD57}, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7AAD4D76-1C02-42C5-9253-14655539BD57}, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
Valeurs du Registre: 8
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENAS\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [bbf279439109c076349107eded17a45c], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENDLG\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [08a55369b2e8fc3afdcb5a9ac53f7b85], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\UNKNOWN\SHELL\OPENAS\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [05a8c2fac8d2b086cff60ee6fa0af10f], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\UNKNOWN\SHELL\OPENDLG\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [a7062e8e435794a2a127cc28bd47e51b], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\UNKNOWN\SHELL\OPENAS\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [17968d2ff0aa38fe764f649070947888], %5
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\UNKNOWN\SHELL\OPENDLG\COMMAND|Advanced System Protector.bak, C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL En quarantaine, [9617209c6634b77f11b7fef6bb49ad53], %5
PUP.Optional.Gameo, HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\76a44d75_0, {0.0.0.00000000}.{0cadc5bf-c29e-431d-b780-f95f0d58b418}|\Device\HarddiskVolume2\Users\hp\AppData\Roaming\Gameo\gameo.exe%b{00000000-0000-0000-0000-000000000000}, En quarantaine, [85280fadc2d84ee8a27ad7fc2cd69769]
PUP.Optional.ASK, HKU\S-1-5-21-1592242826-1200034856-1619733032-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF, En quarantaine, [9b1211ab0b8f54e2d6c86a6437cb6c94]
Donn¨¦es du Registre: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
Dossiers: 5
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\links, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.MoviesToolBar, C:\Users\Guiying\AppData\LocalLow\ilividmoviestoolbar181, En quarantaine, [4865c5f7ebaf56e03ab3dcdc1de5e11f],
Fichiers: 58
Rootkit.Necurs.GO, C:\Program Files (x86)\QQPCMgr\12.0.18066.222\TsNetHlpX64.sys, Supprimer au red¨¦marrage, [832ac5f7148676c03baea02d5ea2bb45],
PUP.Optional.Funshion, C:\Users\hp\AppData\Roaming\CloudMedia\JadeHe.dat, En quarantaine, [fdb0b00c7b1fcc6a29d5f85755ac5fa1],
PUP.Optional.StartPage, C:\Users\hp\AppData\Roaming\DSTEMPD\_kyhz05_s.exe, En quarantaine, [8825d9e3d3c763d3a0bfc49bf01024dc],
PUP.Optional.Kread, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Kommun.dll, En quarantaine, [b1fcf5c71387ef4799c6ad3549b77b85],
PUP.Optional.Bundler, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\LibDownloadManagement.dll, En quarantaine, [e9c4912bdfbbba7cf0c95ffaee1326da],
Trojan.Chad.TT, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\QQPetKernelBeta13Build001.EXE, En quarantaine, [307de1db5c3e171f6ec15c46a858d828],
PUP.Optional.Bandoo, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\dtuser.exe, En quarantaine, [6f3eceee1c7e092d4239f69c28dc08f8],
PUP.Optional.SpeedingUpMyPC, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Optimizer Pro\OptProHelper.dll, En quarantaine, [802d11ab05957bbbc2aba7690ef7aa56],
PUP.Optional.OptimizerPro, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Optimizer Pro\OptProSmartScan.exe, En quarantaine, [1994e1db1b7f1e187f770d9ee719db25],
PUP.Optional.SpeedingUpMyPC, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Optimizer Pro\unins000.exe, En quarantaine, [3f6e526ad4c61a1c7bf211fffa0bd927],
PUP.Optional.PullUpdate, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Websteroids\Uninstall.exe, En quarantaine, [931a8735cfcb3cfa705eef868c7539c7],
PUP.Optional.CreativeIslandMedia, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Websteroids\IE\common.dll, En quarantaine, [4c616f4d5b3fe353c2ac4680d42c9f61],
PUP.Optional.Bandoo, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Movies Toolbar\Datamngr\setmgrc1.cfg, En quarantaine, [decf49730a90df575544395ee61ebd43],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\AdvancedSystemProtector.exe, En quarantaine, [01ac9824dcbec571a04e23d06e9609f7],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\AppResource.dll, En quarantaine, [7f2e0ab2732779bd11957183a75db24e],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\AspManager.exe, En quarantaine, [05a82d8f0892ae8826c88370cb392bd5],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\filetypehelper.exe, En quarantaine, [6f3e9c20b0ea4de99a54df1458acf10f],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\scandll.dll, En quarantaine, [8924cdef9802280e15d98c67f50f7e82],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\SSDPTstub.exe, En quarantaine, [ecc12a922d6d0e28dcfe049ffb06e41c],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\unins000.exe, En quarantaine, [1994ba02e4b6bd79dc08319021e0758b],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.com, En quarantaine, [9d10536953473501a7fe1ed69b697b85],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.exe, En quarantaine, [d5d89b21d3c706305f46e4109272da26],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.pif, En quarantaine, [f8b5bb017e1cf4420d98955f36ce34cc],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\asp-fixer.scr, En quarantaine, [96170ab20f8b072feabbb04457adec14],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\firefox.com, En quarantaine, [a20bffbdd0cacd6933724fa5c53f3dc3],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Advanced System Protector\Troubleshooter\iexplore.exe, En quarantaine, [ffae2f8d0f8b0a2c267ff6fe53b11ee2],
PUP.Optional.InternetUpdater, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\InternetUpdater\InternetUpdaterService.exe, En quarantaine, [16978d2fd6c4f83e908b52da33ce9b65],
PUP.Optional.Norpalla, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\Norpalla\NorpallaUninstall.exe, En quarantaine, [436a5765b3e76fc79334200140c050b0],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\RegCleanPro.exe, En quarantaine, [a40912aa108a5dd9b57a8f2e04fd837d],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\CleanSchedule.exe, En quarantaine, [e4c919a3bdddc67024824ca871936a96],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\SSDPTstub.exe, En quarantaine, [a805a319c8d29a9ceaf048accd3701ff],
PUP.Optional.AdvancedSystemProtector, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\systweakasp.exe, En quarantaine, [327b447834663df9836202f16e960000],
PUP.Optional.SysTweak, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RegClean Pro\unins000.exe, En quarantaine, [d7d666566931a294d60e338ead54c838],
PUP.Optional.MultiExtension, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RHelpers\ChromeHelper\ChromeHelper.exe, En quarantaine, [08a53c802377ca6c2783c35e748cca36],
PUP.Optional.MultiExtension, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RHelpers\FirefoxHelper\FirefoxHelper.exe, En quarantaine, [238af3c99cfecb6bc4e636eb3fc126da],
PUP.Optional.MultiExtension, C:\Users\hp\AppData\Roaming\ZHP\Quarantine\RHelpers\IeHelper\IeHelper.exe, En quarantaine, [446953692c6e0d29c5e5fd24f20eff01],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\announce.js, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\background.html, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\contentscript.js, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon128.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon16.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon48.png, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\iframecontentscript.js, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.MultiIE, C:\Users\Guiying\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\manifest.json, En quarantaine, [ab02b00cd3c78fa777138a1ad72be11f],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\chromeifbc.dll, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\ifbcjs.dll, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\ifb_classic.exe, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\MediaInfo.dll, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\unins000.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\unins000.exe, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vficef.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vfwcef.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vfwdef.dat, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\vfwproc.bin, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\links\ifunbox.nxgen.blog.url, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
PUP.Optional.iFunBox, C:\Program Files (x86)\iFunbox 2014\links\page.ico, En quarantaine, [55585f5dfe9c6dc9bbf1f9bc5ca6a35d],
Secteurs physiques: 0
(Aucun ¨¦l¨¦ment malveillant d¨¦tect¨¦)
(end)