cjoint

Document format: text/plain

Preview

# AdwCleaner v6.043 - Logfile created 21/02/2017 at 10:18:11
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-20.3 [Server]
# Operating System : Windows 10 Home (X64)
# Username : HU Dylan - DESKTOP-PVLPE67
# Running from : C:\Users\HU Dylan\Downloads\adwcleaner_6.043.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found: WinSAPSvc
Service Found: Archer
Service Found: ed2kidle
Service Found: iThemes5
Service Found: Stuhoph


***** [ Folders ] *****

Folder Found: C:\Program Files (x86)\WinSnare(4.1.0)
Folder Found: C:\Program Files (x86)\WinSnare(4.1.3)
Folder Found: C:\Users\HU Dylan\AppData\Roaming\cacaoweb
Folder Found: C:\Users\HU Dylan\AppData\Roaming\WinSAPSvc
Folder Found: C:\Users\HU Dylan\AppData\Roaming\winsapsvc
Folder Found: C:\Users\HU Dylan\AppData\Roaming\aMule
Folder Found: C:\Users\HU Dylan\AppData\Roaming\WinSnare
Folder Found: C:\Users\HU Dylan\AppData\Roaming\Climofabech
Folder Found: C:\Users\HU Dylan\AppData\Roaming\CLIMOFABECH
Folder Found: C:\Users\HU Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Folder Found: C:\ProgramData\WinSAPSvc
Folder Found: C:\ProgramData\winsapsvc
Folder Found: C:\ProgramData\Application Data\WinSAPSvc
Folder Found: C:\ProgramData\Application Data\winsapsvc
Folder Found: C:\Program Files (x86)\WinArcher
Folder Found: C:\Program Files (x86)\winarcher
Folder Found: C:\Program Files (x86)\Drecaward Client
Folder Found: C:\Program Files (x86)\MIO
Folder Found: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\Tencent
Folder Found: C:\Users\HU Dylan\AppData\Roaming\WinSnare
Folder Found: C:\Program Files (x86)\MIO


***** [ Files ] *****

File Found: C:\Users\HU Dylan\Downloads\cacaoweb.exe
File Found: C:\Users\HU Dylan\Desktop\cacaoweb.exe
File Found: C:\Program Files (x86)\Common Files\SERVICES\ITHEMES.DLL


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found: Milimili
Task Found: Drecaward Client
Task Found: Niiseclajuent


***** [ Registry ] *****

Key Found: HKU\.DEFAULT\Software\jhdbca
Key Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\cacaoweb
Key Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\PRODUCTSETUP
Key Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\csastats
Key Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\ICSW1.23
Key Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\MICROSOFT\wewewe
Key Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\WinSnare
Key Found: HKU\S-1-5-18\Software\jhdbca
Key Found: HKCU\Software\cacaoweb
Key Found: HKCU\Software\PRODUCTSETUP
Key Found: HKCU\Software\csastats
Key Found: HKCU\Software\ICSW1.23
Key Found: HKCU\Software\MICROSOFT\wewewe
Key Found: HKCU\Software\WinSnare
Key Found: HKLM\SOFTWARE\trotuxSoftware
Key Found: HKLM\SOFTWARE\ScreenShot
Key Found: HKLM\SOFTWARE\jhdbca
Key Found: HKLM\SOFTWARE\WinArcher
Key Found: HKLM\SOFTWARE\Ckafoyanerqeent
Key Found: HKLM\SOFTWARE\dozuent.exe
Key Found: HKLM\SOFTWARE\Suvosh
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2EFFD4E-D098-4845-9D56-DE75BEB35913}
Key Found: [x64] HKCU\Software\cacaoweb
Key Found: [x64] HKCU\Software\PRODUCTSETUP
Key Found: [x64] HKCU\Software\csastats
Key Found: [x64] HKCU\Software\ICSW1.23
Key Found: [x64] HKCU\Software\MICROSOFT\wewewe
Key Found: [x64] HKCU\Software\WinSnare
Key Found: [x64] HKLM\SOFTWARE\jhdbca
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\duba.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.duba.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\duba.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.duba.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.co
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com
Value Found: HKU\S-1-5-21-2191782336-4012611912-442011344-1001\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Key Found: HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
Value Found: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [Stuhoph]


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [6642 Bytes] - [21/02/2017 10:18:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6715 Bytes] ##########
