Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 16/07/2016
Heure de l'analyse: 10:13
Fichier journal: Rapport.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.07.16.03
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Pc-Famille

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 336802
Temps écoulé: 14 min, 38 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 7
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\AKAQDUKSEUT, , [5f5433f1613942f40216d8223cc745bb],
PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\TRACING\idscservice_RASMANCS, , [793a40e4e2b8c175ee41ac5009fa14ec],
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\TRACING\otutnetwork_RASAPI32, , [625165bff8a2f0467d73e01bdc27a15f],
PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASAPI32, , [0fa4ee36fd9d95a1f19a619db15217e9],
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [3380ce563565072f30202584ba4a9769],
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\AKAQDUKSEUT, , [793ab074ccceeb4be43451a9c83bc33d],
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Statdex.exe, , [902352d2e2b8be7807d86b5e61a1a759],

Valeurs du Registre: 12
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\Akaqdukseut|installer_name, vbates_clkmfrex_.exe, , [5f5433f1613942f40216d8223cc745bb]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.hohosearch.com/?ts=AHEqAn4oBH0rB0..&v=20160513&uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&mode=ffsengext, , [3380ce563565072f30202584ba4a9769]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.hohosearch.com/?ts=AHEqAn4oBH0rB0..&v=20160513&uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&mode=ffsengext, , [03b0b96b237746f0a3ad327764a031cf]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.hohosearch.com/chrome.php?uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&q={searchTerms}&ts=AHEqAn4oBH0rB0..&v=20160513&mode=ffsengext, , [9c17170d2c6eb6801d33c7e2e22253ad]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.hohosearch.com/chrome.php?uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&ts=AHEqAn4oBH0rB0..&v=20160513&mode=ffexttoolbar&q=, , [902383a1cecc1a1c153bc4e55ea62bd5]
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\Akaqdukseut|installer_name, vbates_clkmfrex_.exe, , [793ab074ccceeb4be43451a9c83bc33d]
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sun21, , [971ceb39bcde2511fc76cc27669dd828],
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{0F307608-4861-4FB8-88A5-BB7F48B0321E}|AutoConfigUrl, http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [2a89042014864de948f3956b7391926e]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{6B76F637-3509-477F-9718-10E469E99281}|AutoConfigUrl, http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [a60d30f4aeec5cda71ca32ce6a9a1ce4]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [b6fdf4302c6e5fd7ee4e768a24e0df21]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-18\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSnapdoCSDIRev&co=FR&userid=b5e5e322-1926-b035-6868-fb2b385cb49f&searchtype=sc&installDate=13/05/2016&barcodeid=51213003&channelid=3&av=windows, , [ae05c75dfaa09c9a2b2fe2132fd447b9]
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1877469431-1950097638-2383952434-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [05aec65e58429d999e9b619fde26d030]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 1
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, , [565db470c5d5f6400884e311a261b24e],

Fichiers: 14
PUP.Optional.PerionTB, C:\Program Files\Akaqdukseut\bsdp32.sys, , [f3c03aea02980d29e79d428b4fb2eb15],
RiskWare.GameHack, C:\Program Files (x86)\Cities XXL\steam_api.dll, , [f6bdf82cd1c90036a3d3efb9c63eda26],
PUP.Optional.OpenCandy, C:\Users\Pc-Famille\Desktop\jeux Enzo\CheatEngine651.exe, , [9e15ef355c3e979fdd3057365fa2946c],
PUP.Optional.Komodia, C:\Windows\Temp\ziengine.ini.log, , [b0036fb5debc1422a3eb3bb37e85718f],
PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, , [d0e37ea6990187afa1eef0fe81824bb5],
PUP.Optional.Linkury, C:\Users\Pc-Famille\AppData\Roaming\md.xml, , [fbb827fd089273c343857679ad56649c],
PUP.Optional.Linkury, C:\Users\Pc-Famille\AppData\Roaming\noah.dat, , [7b38c65efb9f66d07d4c628dc53e43bd],
PUP.Optional.Linkury, C:\Users\Pc-Famille\AppData\Roaming\lobby.dat, , [169d47ddcdcdbf77cf84c32df80b7090],
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Biotrax.ico, , [565db470c5d5f6400884e311a261b24e],
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\KonkRedlex.ico, , [565db470c5d5f6400884e311a261b24e],
PUP.Optional.Linkury.Gen, C:\Users\Pc-Famille\AppData\Roaming\LamTrax.tst, , [555e29fb4f4b37ffd9b356a79c67ec14],
PUP.Optional.Linkury.Gen, C:\Users\Pc-Famille\AppData\Roaming\Zamis.tst, , [654efa2a1e7cfa3c3b511ce1f60d8080],
PUP.Optional.Linkury.ACMB1, C:\Users\Pc-Famille\AppData\Roaming\Config.xml, , [595a30f4dac02c0add7805988d77af51],
PUP.Optional.Linkury.ACMB1, C:\Users\Pc-Famille\AppData\Roaming\InstallationConfiguration.xml, , [d9dae0446e2cd0660c4a2c713fc5a957],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
