Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 16/07/2016
Heure de l'analyse: 10:13
Fichier journal: Rapport.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.07.16.03
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Pc-Famille

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 336802
Temps écoulé: 14 min, 38 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 7
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\AKAQDUKSEUT, , [5f5433f1613942f40216d8223cc745bb],
PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\TRACING\idscservice_RASMANCS, , [793a40e4e2b8c175ee41ac5009fa14ec],
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\TRACING\otutnetwork_RASAPI32, , [625165bff8a2f0467d73e01bdc27a15f],
PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASAPI32, , [0fa4ee36fd9d95a1f19a619db15217e9],
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [3380ce563565072f30202584ba4a9769],
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\AKAQDUKSEUT, , [793ab074ccceeb4be43451a9c83bc33d],
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Statdex.exe, , [902352d2e2b8be7807d86b5e61a1a759],

Valeurs du Registre: 12
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\Akaqdukseut|installer_name, vbates_clkmfrex_.exe, , [5f5433f1613942f40216d8223cc745bb]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.hohosearch.com/?ts=AHEqAn4oBH0rB0..&v=20160513&uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&mode=ffsengext, , [3380ce563565072f30202584ba4a9769]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.hohosearch.com/?ts=AHEqAn4oBH0rB0..&v=20160513&uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&mode=ffsengext, , [03b0b96b237746f0a3ad327764a031cf]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.hohosearch.com/chrome.php?uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&q={searchTerms}&ts=AHEqAn4oBH0rB0..&v=20160513&mode=ffsengext, , [9c17170d2c6eb6801d33c7e2e22253ad]
PUP.Optional.HohoSearch.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.hohosearch.com/chrome.php?uid=025ACEBF6692AD4D6EC1EA23851EE424&ptid=epf1&ts=AHEqAn4oBH0rB0..&v=20160513&mode=ffexttoolbar&q=, , [902383a1cecc1a1c153bc4e55ea62bd5]
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\Akaqdukseut|installer_name, vbates_clkmfrex_.exe, , [793ab074ccceeb4be43451a9c83bc33d]
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sun21, , [971ceb39bcde2511fc76cc27669dd828],
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{0F307608-4861-4FB8-88A5-BB7F48B0321E}|AutoConfigUrl, http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [2a89042014864de948f3956b7391926e]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{6B76F637-3509-477F-9718-10E469E99281}|AutoConfigUrl, http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [a60d30f4aeec5cda71ca32ce6a9a1ce4]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [b6fdf4302c6e5fd7ee4e768a24e0df21]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-18\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSnapdoCSDIRev&co=FR&userid=b5e5e322-1926-b035-6868-fb2b385cb49f&searchtype=sc&installDate=13/05/2016&barcodeid=51213003&channelid=3&av=windows, , [ae05c75dfaa09c9a2b2fe2132fd447b9]
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1877469431-1950097638-2383952434-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstops.org/wpad.dat?86494c9468ded16b4b30dc34c3191e8410059773, , [05aec65e58429d999e9b619fde26d030]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 1
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, , [565db470c5d5f6400884e311a261b24e],

Fichiers: 14
PUP.Optional.PerionTB, C:\Program Files\Akaqdukseut\bsdp32.sys, , [f3c03aea02980d29e79d428b4fb2eb15],
RiskWare.GameHack, C:\Program Files (x86)\Cities XXL\steam_api.dll, , [f6bdf82cd1c90036a3d3efb9c63eda26],
PUP.Optional.OpenCandy, C:\Users\Pc-Famille\Desktop\jeux Enzo\CheatEngine651.exe, , [9e15ef355c3e979fdd3057365fa2946c],
PUP.Optional.Komodia, C:\Windows\Temp\ziengine.ini.log, , [b0036fb5debc1422a3eb3bb37e85718f],
PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, , [d0e37ea6990187afa1eef0fe81824bb5],
PUP.Optional.Linkury, C:\Users\Pc-Famille\AppData\Roaming\md.xml, , [fbb827fd089273c343857679ad56649c],
PUP.Optional.Linkury, C:\Users\Pc-Famille\AppData\Roaming\noah.dat, , [7b38c65efb9f66d07d4c628dc53e43bd],
PUP.Optional.Linkury, C:\Users\Pc-Famille\AppData\Roaming\lobby.dat, , [169d47ddcdcdbf77cf84c32df80b7090],
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Biotrax.ico, , [565db470c5d5f6400884e311a261b24e],
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\KonkRedlex.ico, , [565db470c5d5f6400884e311a261b24e],
PUP.Optional.Linkury.Gen, C:\Users\Pc-Famille\AppData\Roaming\LamTrax.tst, , [555e29fb4f4b37ffd9b356a79c67ec14],
PUP.Optional.Linkury.Gen, C:\Users\Pc-Famille\AppData\Roaming\Zamis.tst, , [654efa2a1e7cfa3c3b511ce1f60d8080],
PUP.Optional.Linkury.ACMB1, C:\Users\Pc-Famille\AppData\Roaming\Config.xml, , [595a30f4dac02c0add7805988d77af51],
PUP.Optional.Linkury.ACMB1, C:\Users\Pc-Famille\AppData\Roaming\InstallationConfiguration.xml, , [d9dae0446e2cd0660c4a2c713fc5a957],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)