Hi Nicky,
Thank you very much for sharing your work. I have always preferred very small lite ISOs, and yours is perfect, besides being able to change the language and, above all, being stable.
I would like to ask you about a couple of doubts I had when installing Malwarebytes. It was a bit difficult for me to install it; in fact, it hung sometimes while I was analysing, but then it managed to finish the analysis.
The thing is that with this newly installed lite, Malwarebytes and AdwCleaner have detected 8 threats and I would like to know what they are, since they come from this ISO. From what I have observed, the vast majority seem to be threats from changes in the system registry (I suppose to increase performance or eliminate telemetry), and one I know is the Medicines, no problem about it.
Can anyone confirm exactly what these positives are about?
Is there anything going on if I have them in quarantine?
Thanks!
Regards!
MALWAREBYTES:
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 255800
Amenazas detectadas: 6
Amenazas en cuarentena: 6
Tiempo transcurrido: 6 min, 30 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 5
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, En cuarentena, 6594, 251589, 1.0.33538, , ame, , ,
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-21-1245644681-2023811289-1568025871-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, En cuarentena, 6594, 251589, 1.0.33538, , ame, , ,
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, En cuarentena, 6594, 251589, 1.0.33538, , ame, , ,
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, En cuarentena, 6594, 251589, 1.0.33538, , ame, , ,
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, En cuarentena, 6935, 676880, 1.0.33538, , ame, , ,
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 1
HackTool.KMS, C:\USERS\PAOLO\Medicines\W10DIGITALACTIVATION.EXE, En cuarentena, 1314, 769828, 1.0.33538, , ame, , D235BA8691C9D5B6667F4F0B69AF58AF, 07EC18C02E1298B5B47F04F267E5EECF8A161ADD80ED85A7D94941F9D9EF318F
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
ADWCLEANER
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-23.1 (Cloud)
# Support:
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2020
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
Deleted scan
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Classes\CLSID\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted HKLM\Software\Classes\CLSID\{6DFC0DC7-FDC5-44C2-8B80-5977BA8F8ACC}
Deleted HKLM\Software\Classes\CLSID\{E5AFF088-92F8-41a9-8CAB-E9CDCCE967AC}
Deleted HKLM\Software\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted HKLM\Software\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2113 octets] - [28/11/2020 14:33:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########