Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes
www.malwarebytes.com
-Détails du journal-
Date de l'analyse: 24/01/2018
Heure de l'analyse: 13:57
Fichier journal: 2e6d36ec-0106-11e8-9f8f-60029220355c.json
Administrateur: Oui
-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise à jour: 1.0.3775
Licence: Premium
-Informations système-
Système d'exploitation: Windows 10 (Build 16299.192)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: IYAD\iyaddu
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 408864
Menaces détectées: 24
Menaces mises en quarantaine: 24
Temps écoulé: 34 min, 8 s
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
Module: 0
(Aucun élément malveillant détecté)
Clé du registre: 7
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\InstallShield® Update Service Scheduler, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B807AE6-65D5-4E71-B564-AE68C706AA80}, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{3B807AE6-65D5-4E71-B564-AE68C706AA80}, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPTIMIZE THUMBNAIL CACHE FILES, En quarantaine, [285], [328817],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}, En quarantaine, [285], [328817],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}, En quarantaine, [285], [328817],1.0.3775
Valeur du registre: 15
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}|PATH, En quarantaine, [285], [328818],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B807AE6-65D5-4E71-B564-AE68C706AA80}|PATH, En quarantaine, [285], [261682],1.0.3775
Données du registre: 0
(Aucun élément malveillant détecté)
Flux de données: 0
(Aucun élément malveillant détecté)
Dossier: 0
(Aucun élément malveillant détecté)
Fichier: 2
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\InstallShield® Update Service Scheduler, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE FILES, En quarantaine, [285], [328817],1.0.3775
Secteur physique: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.com
-Détails du journal-
Date de l'analyse: 24/01/2018
Heure de l'analyse: 13:57
Fichier journal: 2e6d36ec-0106-11e8-9f8f-60029220355c.json
Administrateur: Oui
-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise à jour: 1.0.3775
Licence: Premium
-Informations système-
Système d'exploitation: Windows 10 (Build 16299.192)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: IYAD\iyaddu
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 408864
Menaces détectées: 24
Menaces mises en quarantaine: 24
Temps écoulé: 34 min, 8 s
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
Module: 0
(Aucun élément malveillant détecté)
Clé du registre: 7
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\InstallShield® Update Service Scheduler, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B807AE6-65D5-4E71-B564-AE68C706AA80}, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{3B807AE6-65D5-4E71-B564-AE68C706AA80}, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPTIMIZE THUMBNAIL CACHE FILES, En quarantaine, [285], [328817],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}, En quarantaine, [285], [328817],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}, En quarantaine, [285], [328817],1.0.3775
Valeur du registre: 15
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}|PATH, En quarantaine, [285], [328818],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B807AE6-65D5-4E71-B564-AE68C706AA80}|PATH, En quarantaine, [285], [261682],1.0.3775
Données du registre: 0
(Aucun élément malveillant détecté)
Flux de données: 0
(Aucun élément malveillant détecté)
Dossier: 0
(Aucun élément malveillant détecté)
Fichier: 2
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\InstallShield® Update Service Scheduler, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE FILES, En quarantaine, [285], [328817],1.0.3775
Secteur physique: 0
(Aucun élément malveillant détecté)
(end)