Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 24/01/2018
Heure de l'analyse: 13:57
Fichier journal: 2e6d36ec-0106-11e8-9f8f-60029220355c.json
Administrateur: Oui

-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise à jour: 1.0.3775
Licence: Premium

-Informations système-
Système d'exploitation: Windows 10 (Build 16299.192)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: IYAD\iyaddu

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 408864
Menaces détectées: 24
Menaces mises en quarantaine: 24
Temps écoulé: 34 min, 8 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 7
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\InstallShield® Update Service Scheduler, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B807AE6-65D5-4E71-B564-AE68C706AA80}, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{3B807AE6-65D5-4E71-B564-AE68C706AA80}, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPTIMIZE THUMBNAIL CACHE FILES, En quarantaine, [285], [328817],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}, En quarantaine, [285], [328817],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}, En quarantaine, [285], [328817],1.0.3775

Valeur du registre: 15
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1437628794-3035026654-3620806506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, En quarantaine, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D2233F8-08E4-41D0-BE49-3DAFEC3198A7}|PATH, En quarantaine, [285], [328818],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B807AE6-65D5-4E71-B564-AE68C706AA80}|PATH, En quarantaine, [285], [261682],1.0.3775

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 0
(Aucun élément malveillant détecté)

Fichier: 2
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\InstallShield® Update Service Scheduler, En quarantaine, [285], [261680],1.0.3775
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE FILES, En quarantaine, [285], [328817],1.0.3775

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)