
Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 23/09/2021
Durée d'analyse: 19:15
Fichier journal: d3a91e32-1c91-11ec-822b-00d86159b17e.json

-Informations du logiciel-
Version: 4.4.7.134
Version de composants: 1.0.1464
Version de pack de mise à jour: 1.0.45264
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 10 (Build 19042.1237)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DESKTOP-FBQVH2D\Romio

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 335422
Menaces détectées: 58
Menaces mises en quarantaine: 56
Temps écoulé: 3 min, 6 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 7
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimize Thumbnail Cache, En quarantaine, 3904, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EC03A147-D7ED-499D-9FD7-5CB79637DC97}, En quarantaine, 3904, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{EC03A147-D7ED-499D-9FD7-5CB79637DC97}, En quarantaine, 3904, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Trojan.Agent.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Intel Rapid, En quarantaine, 3740, 976736, , , , , ,
Trojan.Agent.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{855F1E7F-8DC3-48B5-9006-F4069A1E39C5}, En quarantaine, 3740, 976736, , , , , ,
Trojan.Agent.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{855F1E7F-8DC3-48B5-9006-F4069A1E39C5}, En quarantaine, 3740, 976736, , , , , ,

Valeur du registre: 13
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Échec de la suppression, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2887478810-2401684599-1784179501-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Échec de la suppression, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, 3904, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, En quarantaine, 3904, 943647, 1.0.45264, , ame, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, En quarantaine, 3904, 943647, 1.0.45264, , ame, , ,
PUP.Optional.ForcedExtension, HKU\S-1-5-21-2887478810-2401684599-1784179501-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|eedlgdlajadkbbjoobobefphmfkcchfk, En quarantaine, 298, 980953, , , , , ,

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 4
PUP.Optional.ForcedExtension, C:\USERS\ROMIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk, En quarantaine, 298, 980953, , , , , ,
PUP.Optional.ForcedExtension, C:\USERS\ROMIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk, En quarantaine, 298, 980953, , , , , ,
PUP.Optional.ForcedExtension, C:\USERS\ROMIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En quarantaine, 298, 980953, , , , , ,
PUP.Optional.ForcedExtension, C:\USERS\ROMIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EEDLGDLAJADKBBJOOBOBEFPHMFKCCHFK, En quarantaine, 298, 980953, 1.0.45264, , ame, , ,

Fichier: 34
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE, En quarantaine, 3904, 943626, 1.0.45264, , ame, , 1B52B8628BE3E60A31C1EE363A0C0601, 8DB6C212911655D8EF66BE8298269AF3B85D60C40028726AAAF49673B13EA36B
PUP.Optional.ForcedExtension, C:\USERS\ROMIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, 298, 980953, , , , , FA943458746519C4302339BA9698EEC7, EED8F14609151BABEBEC93030F01080C06B8AB5AF5EF902F7E98F0CCAC54EAF0
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\000003.log, En quarantaine, 298, 980953, , , , , FBE2543FC7880A6AFF6256ED79E5887C, A81AD33055090FC648EA75B979CB78BB59E48CEB370D14E53989E8B14A1CA8F7
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\CURRENT, En quarantaine, 298, 980953, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\LOCK, En quarantaine, 298, 980953, , , , , ,
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\LOG, En quarantaine, 298, 980953, , , , , 09A702933948AF69AC35EC58C9D8CB91, 0D31BC1A816EC704B9740D21FECB869AB7BA3B4D95DB8CD54FF5C74DA92AC4E8
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\LOG.old, En quarantaine, 298, 980953, , , , , 6FA7025CBE8DA380003C088605CB1FBC, 06B7EC02FF2F6798D0496555545AEA291933EFDCADE297D78817FAD16710D483
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\MANIFEST-000001, En quarantaine, 298, 980953, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\000003.log, En quarantaine, 298, 980953, , , , , 9C1A1AC843A430450F816B2BA818F355, 2EFA5AC9E7AB76049043C66F9489F3B21C96D1F988886C8E8F586C917969584D
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\CURRENT, En quarantaine, 298, 980953, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\LOCK, En quarantaine, 298, 980953, , , , , ,
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\LOG, En quarantaine, 298, 980953, , , , , 473C27FF670AE7050BA5953758006897, 89D7C9EC21B1746FE2F606135A0E430BCF8EF4905669A90DA66AB5040C25EED9
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\LOG.old, En quarantaine, 298, 980953, , , , , 6BD980CB0389F863826E31DABD55146A, B5BF108F9EA9D0495FA767A91E640922C6603A111EB6ED9515731B7507E85EB6
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\eedlgdlajadkbbjoobobefphmfkcchfk\MANIFEST-000001, En quarantaine, 298, 980953, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.ldb, En quarantaine, 298, 980953, , , , , FE382E791274914BEE5950777E4F1FD3, 935D36C021D0E08A5648C622F3F6FDE376E3310013680AE598C0E22DC943D132
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\012842.ldb, En quarantaine, 298, 980953, , , , , 3490C6DCF18F647F6BE4B907A80475DC, 5E7A2C78E78BF7212EDB35B09385F843CE9BF8B57443D09CB43F5D4EDF77CBAD
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\017764.ldb, En quarantaine, 298, 980953, , , , , 038C947A1C4861E4674F23C91B168220, D7D881F287E2BE3EFE85539869951C1DDA0A5063D1358544EEBD26AA8BF77BDB
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\017767.ldb, En quarantaine, 298, 980953, , , , , 9482EA1DA3F5D71BC94C36B8D86036D7, A43F83E42D07D5F07C7A32573F3EA0C5C979FA3F9435B79B4D3CC6309E2FB7DB
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\017770.ldb, En quarantaine, 298, 980953, , , , , 7F1E87C17C86F6770E94EF0BF21BCC64, 209ECAFA2A53D83E38B180006FAC44C444BA45A0B123E52EB6E19E431E7A44F6
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\017772.log, En quarantaine, 298, 980953, , , , , 426375A81D0E3C6D681DC079232B9E3E, 3CECF4A716E1314DB86A662802EC847E363E13CC8102130E9AD5498E43F3D481
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\017773.ldb, En quarantaine, 298, 980953, , , , , 7E34E0EC738F81769B2C18E8002C650F, F2AED01043E5D6173EECBF14F02893FA45FB1030A22D96616C34CD1BB264FA89
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En quarantaine, 298, 980953, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En quarantaine, 298, 980953, , , , , ,
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En quarantaine, 298, 980953, , , , , DFADF7E17D26F028B36383BAE5D7DD5E, 0869140A5F13D4077F536975DE99C5E1F920DD230CC63783562D11A0F5689214
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En quarantaine, 298, 980953, , , , , F66F397210EACE590ABEB8CBD9820306, 014FA8BD3D8F7C1D0AC64CFACC9FB0DFD9703AC98799B9C65859194010A4F992
PUP.Optional.ForcedExtension, C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En quarantaine, 298, 980953, , , , , 5D1A95BACE821D8C9810B98E7CB58C65, FEE66CE62463FFEC6C048A020218A8C8061922CFCB80863FF12CE34F2F098E1F
PUP.Optional.ForcedExtension, C:\USERS\ROMIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EEDLGDLAJADKBBJOOBOBEFPHMFKCCHFK\3.4.0_0\MANIFEST.JSON, En quarantaine, 298, 980953, 1.0.45264, , ame, , 9FB87377BE645CF3448D0F79A5C52A7A, 0086960693DF05D2B150272B7D6F214B23D1CDD265E459B29FE612854450A244
Trojan.Agent.E, C:\WINDOWS\SYSTEM32\TASKS\Intel Rapid, En quarantaine, 3740, 976736, 1.0.45264, , ame, , 81A39E055345C149F3F7C46793B0FD67, 4FD2EB29BF7CAB12BC04FEDBB4DDEE49FBEA2C6F95DC4048CE3FC431F75BCBAE
PUP.Optional.AuslogicsDiskDefrag, C:\USERS\ROMIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\DISKDEFRAG.EXE, En quarantaine, 3614, 563400, 1.0.45264, , ame, , CAA77CDC9088CA77C147AC138D9E1946, 067E7172FF94F6657196BFBDBF3B44C9E89AD0869F24F1E88FEE464A1A7EE1F0
Malware.AI.1304314335, C:\USERS\ROMIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\KMSUPD.EXE, En quarantaine, 1000000, 0, 1.0.45264, C40F0297B3A8A6B44DBE41DF, dds, 01435084, F69BF8D90E7C39258D199D68796673F4, 78FC8AC15C81A9F912F6B1133E111D9AAB731341A6EA7FA24FECD70CAF936BCC
Trojan.ClipBanker, C:\USERS\ROMIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\INTEL RAPID\INTELRAPID.EXE, En quarantaine, 4463, 977161, 1.0.45264, 7555B619D7E1F90637749626, dds, 01435084, 9B00E8F80C9AA71464FB5CE1EE341AC0, D3F818F671A780F2C76D66CE8709DB5951DBEA56EC7BF76C24EF05F887565BD8
RiskWare.AutoKMS, C:\PROGRAM FILES (X86)\FOLDER1\KMSAUTO NET.EXE, En quarantaine, 7587, 931159, 1.0.45264, , ame, , 6EE7F3ECD5111CD5306792FD3141515D, 69A8AE6352CFFD366409DF8E566E84315B4BFFCF5865A4B8079C446123BA1D26
Trojan.ClipBanker, C:\PROGRAM FILES (X86)\FOLDER1\SETUP1.EXE, En quarantaine, 4463, 977161, 1.0.45264, , ame, , 9B00E8F80C9AA71464FB5CE1EE341AC0, D3F818F671A780F2C76D66CE8709DB5951DBEA56EC7BF76C24EF05F887565BD8
RiskWare.AutoKMS, C:\PROGRAM FILES (X86)\FOLDER1\KMSAUTONET.EXE, En quarantaine, 7587, 931159, 1.0.45264, , ame, , 6EE7F3ECD5111CD5306792FD3141515D, 69A8AE6352CFFD366409DF8E566E84315B4BFFCF5865A4B8079C446123BA1D26

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)


(end)
