Auteur Sujet: PC Smart Cleanup  (Lu 12353 fois)

0 Membres et 1 Invité sur ce sujet

Hors ligne chantal11

  • Admin Formation
  • Mega Power Members
  • ****
  • Messages: 25002
    • Windows 10 - Windows 8 - Windows 7 - Windows Vista
PC Smart Cleanup
« le: octobre 19, 2017, 16:20:57 »
Contenu republié avec la permission de Malwarebytes

PC Smart Cleanup est un faux nettoyeur/optimiseur, affiche intentionnellement des faux-positifs pour convaincre l'utilisateur que son système a des problèmes et lui faire acheter le logiciel.
Plus d'infos : Registry Cleaners: Digital Snake Oil | Malwarebytes Labs



  • S'installe en tant que programme, soit à l'insu de l'utilisateur ou parce qu'il n'a pas décoché les sponsors proposés lors de l'installation d'un logiciel gratuit légitime, soit depuis le site de l'éditeur

  • Affiche ces alertes pendant l'installation


  • Affiche ces écrans pendant les opérations


  • Crée cette icône dans la Barre des tâches, sur le Bureau et dans le Menu Démarrer

  • Crée ces tâches planifiées








**********

Détection de PC Smart Cleanup dans des rapports FRST :

Citer
PC Smart Cleanup Installer version 3.0 (HKLM-x32\...\{6706DF9F-E1C8-5C4E-AB48-80452QEQ1277}_is1) (Version: 3.0 - PC Smart Cleanup Installer)
PC Smart Cleanup version 3.0 (HKLM-x32\...\{6406DF9F-E9C8-4C2E-AB48-80352BDR8529}_is1) (Version: 3.0 - PC Smart Cleanup)
Task: {E7E51E6B-EF09-45D7-9CDE-4F393D80A136} - System32\Tasks\pcsmartcleanup_onstartup => C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.exe [2017-08-26] ()

() C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.exe
() C:\Program Files (x86)\PC Smart Cleanup\mswin.exe
() C:\Program Files (x86)\PC Smart Cleanup\pcsmartcleanup_popup.exe
HKCU\...\Run: [PC Smart Cleanup] => C:\Program Files (x86)\PC Smart Cleanup\PCSmart.bat [55 2017-07-19] ()
C:\Windows\System32\Tasks\pcsmartcleanup_onstartup
C:\Users\Public\Desktop\PC Smart Cleanup.lnk
C:\ProgramData\PC Smart Cleanup
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Smart Cleanup
C:\Program Files\PC Smart Cleanup Installer
C:\Program Files (x86)\PC Smart Cleanup
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Smart Cleanup Installer
C:\Program Files (x86)\PC Smart Cleanup Installer

**********

Détecté et traité par Malwarebytes en tant que Rogue
Sous la version Premium, Malwarebytes bloque l'accès au domaine pcsmartcleanup.com et l'IP 184.95.32.178

Citer
-Scan Details-
Process: 3
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\mswin.exe, Quarantined, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.exe, Quarantined, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pcsmartcleanup_popup.exe, Quarantined, [748], [433236],1.0.2771

Module: 4
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\x64\SQLite.Interop.dll, Quarantined, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\mswin.exe, Quarantined, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.exe, Quarantined, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pcsmartcleanup_popup.exe, Quarantined, [748], [433236],1.0.2771

Registry Key: 4
Rogue.PCSmartCleanup, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{6406DF9F-E9C8-4C2E-AB48-80352BDR8529}_is1, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{6706DF9F-E1C8-5C4E-AB48-80452QEQ1277}_is1, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E7E51E6B-EF09-45D7-9CDE-4F393D80A136}, Delete-on-Reboot, [748], [433241],1.0.2771
Rogue.PCSmartCleanup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\pcsmartcleanup_onstartup, Delete-on-Reboot, [748], [433240],1.0.2771

Registry Value: 2
Rogue.PCSmartCleanup, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PC Smart Cleanup, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E7E51E6B-EF09-45D7-9CDE-4F393D80A136}|PATH, Delete-on-Reboot, [748], [433241],1.0.2771

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 18
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Sounds, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\x64, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\x86, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\br, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\db, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\de, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\en, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\es, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\fr, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\it, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\ja, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\ProgramData\PC Smart Cleanup\db, Delete-on-Reboot, [748], [433243],1.0.2771
Rogue.PCSmartCleanup, C:\PROGRAMDATA\PC SMART CLEANUP, Delete-on-Reboot, [748], [433243],1.0.2771
Rogue.PCSmartCleanup, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC SMART CLEANUP, Delete-on-Reboot, [748], [433244],1.0.2771
Rogue.PCSmartCleanup, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC SMART CLEANUP INSTALLER, Delete-on-Reboot, [748], [433245],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files\PC Smart Cleanup Installer\softupdate, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\PROGRAM FILES\PC SMART CLEANUP INSTALLER, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\softupdate, Delete-on-Reboot, [748], [433246],1.0.2771

File: 63
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\br\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\br\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\de\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\de\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\en\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\en\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\es\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\es\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\fr\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\fr\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\it\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\it\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\ja\pc-smart-cleanup-uninstaller.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\ja\pc-smart-cleanup.resources.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Sounds\English-Audio.wav, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Sounds\French-Audio-men.wav, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Sounds\French-Audio.wav, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Sounds\popupp.wav, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Sounds\scan_completed.wav, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\x64\SQLite.Interop.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\x86\SQLite.Interop.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\favicon.ico, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Ionic.Zip.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Microsoft.Win32.TaskScheduler.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\mswin.exe, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\Newtonsoft.Json.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\NUnrar.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup-uninstaller.exe, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.exe, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.exe.config, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.pdb, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.vshost.exe.config, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pc-smart-cleanup.vshost.exe.manifest, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\PCSmart.bat, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\pcsmartcleanup_popup.exe, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\SQLiteHelper.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\SQLiteHelper.pdb, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\System.Data.SQLite.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\System.Data.SQLite.Linq.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\unins000.dat, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\unins000.exe, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\unins000.msg, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\web_reference.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\WpfAnimatedGif.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup\WpfPageTransitions.dll, Delete-on-Reboot, [748], [433236],1.0.2771
Rogue.PCSmartCleanup, C:\ProgramData\PC Smart Cleanup\db\BT.jmps, Delete-on-Reboot, [748], [433243],1.0.2771
Rogue.PCSmartCleanup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Smart Cleanup\PC Smart Cleanup.lnk, Delete-on-Reboot, [748], [433244],1.0.2771
Rogue.PCSmartCleanup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Smart Cleanup\Uninstall PC Smart Cleanup.lnk, Delete-on-Reboot, [748], [433244],1.0.2771
Rogue.PCSmartCleanup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Smart Cleanup Installer\PC Smart Cleanup Installer.lnk, Delete-on-Reboot, [748], [433245],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files\PC Smart Cleanup Installer\softupdate\pc-smart-cleanup.exe, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\favicon.ico, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\pc-smart-cleanup-installer.exe, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\pc-smart-cleanup-installer.exe.config, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\pc-smart-cleanup-installer.pdb, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\pc-smart-cleanup-installer.vshost.exe.config, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\pc-smart-cleanup-installer.vshost.exe.manifest, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\unins000.dat, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\unins000.exe, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\unins000.msg, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\Program Files (x86)\PC Smart Cleanup Installer\web_reference.dll, Delete-on-Reboot, [748], [433246],1.0.2771
Rogue.PCSmartCleanup, C:\USERS\PUBLIC\DESKTOP\PC SMART CLEANUP.LNK, Delete-on-Reboot, [748], [433242],1.0.2771
Rogue.PCSmartCleanup, C:\WINDOWS\SYSTEM32\TASKS\PCSMARTCLEANUP_ONSTARTUP, Delete-on-Reboot, [748], [433239],1.0.2771
Rogue.PCSmartCleanup, C:\USERS\{username}\DESKTOP\PC-SMART-CLEANUP-EN.EXE, Delete-on-Reboot, [748], [433248],1.0.2771

Physical Sector: 0
(No malicious items detected)



Tutoriel d'utilisation Malwarebytes en images


Source : Removal instructions for PC Smart Cleanup de Metallica - Malwarebytes Forums



Toujours infecté ? Une question avant de faire des manipulations ?

Venez poster un nouveau sujet dans ce forum : http://forum.security-x.fr/desinfections/  en prenant soin de suivre la procédure http://forum.security-x.fr/desinfections/procedure-preliminaire/
 

Security-X

PC Smart Cleanup
« le: octobre 19, 2017, 16:20:57 »