Malwarebytes
www.malwarebytes.com
-Dettagli log-
Data scansione: 04/06/20
Ora scansione: 14:09
File di log: 4b5fd8a6-a65c-11ea-bc10-b42e99489fcd.json
-Informazioni software-
Versione: 4.1.0.56
Versione componenti: 1.0.931
Aggiorna versione pacchetto: 1.0.25000
Licenza: Trial
-Informazioni sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
File system: NTFS
Utente: DESKTOP-BET9BCM\ang3l
-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 291204
Minacce rilevate: 33
Minacce messe in quarantena: 33
Tempo impiegato: 1 min, 36 sec
-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare
-Dettagli scansione-
Processo: 1
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\WINLOGUI.EXE, In quarantena, 913, 767023, , , ,
Modulo: 1
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\WINLOGUI.EXE, In quarantena, 913, 767023, , , ,
Chiave di registro: 12
Backdoor.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\WDI\SrvHost, In quarantena, 853, 653659, , , ,
Backdoor.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{12542AAB-16AD-43A2-B55D-1FC1F09EF2FD}, In quarantena, 853, 653659, , , ,
Backdoor.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{12542AAB-16AD-43A2-B55D-1FC1F09EF2FD}, In quarantena, 853, 653659, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EFBC7EF4-2A1A-41E4-AECD-C8FFF13E7D1A}, In quarantena, 495, 780231, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{EFBC7EF4-2A1A-41E4-AECD-C8FFF13E7D1A}, In quarantena, 495, 780231, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\WININET\Winlogui, In quarantena, 495, 780231, 1.0.25000, , ame,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Application Experience\STARTUPCHECKLIBRARY, In quarantena, 495, 735770, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{11723D17-2F25-4540-B575-D1C795EAE596}, In quarantena, 495, 735770, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{11723D17-2F25-4540-B575-D1C795EAE596}, In quarantena, 495, 735770, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Windows Error Reporting\winrmsrv, In quarantena, 495, 780529, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{996AFF58-2BFC-44AF-A8EE-52366C95E051}, In quarantena, 495, 780529, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{996AFF58-2BFC-44AF-A8EE-52366C95E051}, In quarantena, 495, 780529, , , ,
Valore di registro: 4
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{11723D17-2F25-4540-B575-D1C795EAE596}|PATH, In quarantena, 495, 782993, 1.0.25000, , ame,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{12542AAB-16AD-43A2-B55D-1FC1F09EF2FD}|PATH, In quarantena, 495, 784920, 1.0.25000, , ame,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{996AFF58-2BFC-44AF-A8EE-52366C95E051}|PATH, In quarantena, 495, 780528, 1.0.25000, , ame,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EFBC7EF4-2A1A-41E4-AECD-C8FFF13E7D1A}|PATH, In quarantena, 495, 780232, 1.0.25000, , ame,
Dati di registro: 3
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Sostituito, 13675, 293294, 1.0.25000, , ame,
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Sostituito, 13675, 293295, 1.0.25000, , ame,
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Sostituito, 13675, 293296, 1.0.25000, , ame,
Flusso di dati: 0
(Nessun elemento nocivo rilevato)
Cartella: 0
(Nessun elemento nocivo rilevato)
File: 12
Backdoor.Agent, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\WDI\SrvHost, In quarantena, 853, 653659, , , ,
Backdoor.Agent, C:\WINDOWS\SYSTEM32\WINSCOMRSSRV.DLL, In quarantena, 853, 653659, 1.0.25000, , ame,
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\WININET\WINLOGUI, In quarantena, 495, 780231, , , ,
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY, In quarantena, 495, 735770, 1.0.25000, , ame,
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\WINDOWS ERROR REPORTING\WINRMSRV, In quarantena, 495, 780529, 1.0.25000, , ame,
Trojan.FakeMS.TskLnk, C:\WINDOWS\SYSTEM32\STARTUPCHECKLIBRARY.DLL, In quarantena, 4087, 676770, 1.0.25000, 5A74DC805B2D0D63F8E75887, dds, 00749436
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\WINLOGUI.EXE, In quarantena, 913, 767023, 1.0.25000, , ame,
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\WINRMSRV.EXE, In quarantena, 913, 767022, 1.0.25000, , ame,
PUP.Optional.BundleInstaller, C:\USERS\ANG3L\DOWNLOADS\UTWEB_INSTALLER.EXE, In quarantena, 509, 790622, 1.0.25000, , ame,
PUP.Optional.BundleInstaller, C:\USERS\ANG3L\DOWNLOADS\UTORRENT (1).EXE, In quarantena, 509, 790622, 1.0.25000, , ame,
PUP.Optional.BundleInstaller, C:\USERS\ANG3L\DOWNLOADS\UTORRENT.EXE, In quarantena, 509, 790622, 1.0.25000, , ame,
PUP.Optional.BundleInstaller, C:\USERS\ANG3L\DOWNLOADS\UTWEB_INSTALLER (1).EXE, In quarantena, 509, 790622, 1.0.25000, , ame,
Settore fisico: 0
(Nessun elemento nocivo rilevato)
WMI: 0
(Nessun elemento nocivo rilevato)
(end)