Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 06/10/2017
Heure de l'analyse: 12:43
Fichier journal: 2433772e-aa83-11e7-abb1-002683303c67.json
Administrateur: Oui

-Informations du logiciel-
Version: 3.2.2.2029
Version de composants: 1.0.207
Version de pack de mise à jour: 1.0.2961
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: PC-ASUS\Mourad

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 404632
Menaces détectées: 113
Menaces mises en quarantaine: 112
Temps écoulé: 3 min, 7 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 3
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\SERVICES.EXE, En quarantaine, [1738], [295315],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\WINLOGON.EXE, En quarantaine, [1738], [295315],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\LSASS.EXE, En quarantaine, [1738], [295315],1.0.2961

Module: 3
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\SERVICES.EXE, En quarantaine, [1738], [295315],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\WINLOGON.EXE, En quarantaine, [1738], [295315],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\LSASS.EXE, En quarantaine, [1738], [295315],1.0.2961

Clé du registre: 0
(Aucun élément malveillant détecté)

Valeur du registre: 1
Trojan.Agent, HKU\S-1-5-21-1257724250-2820774847-4291860047-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|TOK-CIRRHATUS, En quarantaine, [19], [195980],1.0.2961

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 2
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\Bron.tok-4-6, En quarantaine, [1738], [172457],1.0.2961
Worm.Brontok.Generic, C:\USERS\MOURAD\APPDATA\LOCAL\Loc.Mail.Bron.Tok, Échec de la suppression, [2764], [370221],1.0.2961

Fichier: 104
Trojan.Agent, C:\USERS\MOURAD\APPDATA\LOCAL\CSRSS.EXE, En quarantaine, [19], [196188],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\EMPTY.PIF, En quarantaine, [1738], [202884],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\INETINFO.EXE, En quarantaine, [1738], [206437],1.0.2961
Worm.Brontok.Generic, C:\USERS\MOURAD\APPDATA\LOCAL\Bron.tok.A4.em.bin, En quarantaine, [2764], [370222],1.0.2961
Worm.Brontok.Generic, C:\USERS\MOURAD\APPDATA\LOCAL\Kosong.Bron.Tok.txt, En quarantaine, [2764], [370222],1.0.2961
Worm.Brontok.Generic, C:\USERS\MOURAD\APPDATA\LOCAL\Update.4.Bron.Tok.bin, Supprimer au redémarrage, [2764], [370222],1.0.2961
Trojan.Agent, C:\USERS\MOURAD\APPDATA\LOCAL\SMSS.EXE, En quarantaine, [19], [195980],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\0GK500B01D0B8X@cougar.noc.ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\0GK500B01D0B8Y@cougar.noc.ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\0GK500B04D0B8X@cougar.noc.ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\0GK500B4GD0888@cougar.noc.ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\0GK500B4HD0888@cougar.noc.ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\123DCircuits.parents@autodesk.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\15090.61304.110929.45684@aaa.zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\jph@emilia.engr.sgi.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\jseward@bzip.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\kbk@shore.net.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\lemma@confuego.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\m.hadfield@niwa.co.nz.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\madler@alumni.caltech.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\mailserv@ietf.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\nobody@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\None@bounce2.pobox.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\osterfeld@kde.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\pino@kde.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\post@babylon.socal.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\ppp@zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\privacy.questions@autodesk.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\privacy@amd.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\project.ignite.parents@autodesk.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\projectignite.parents@autodesk.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\request@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\request@zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\robertl@cwi.nl.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\sax@megginson.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\scoffman@wellpartner.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\szegedia@freemail.hu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\timbo@jeeves.wooster.local.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\tinkercad.parents@autodesk.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\xx@xx.dk.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\core@openssl.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\cperson@dom.ain.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\cravindogs@cravindogs.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\D@ietf.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\DAEMON@zinfandel.lacita.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\daniel@haxx.se.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\david@megginson.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\ddd@zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\dev@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\dperson@dom.ain.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\Drafts@ietf.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\dscherer@cmu.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\edab.7804f5cb8070@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\eee@zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\father.time@xcar.wooster.local.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\15261.36209.358846.118674@anthem.python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\chrish@qnx.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\johan.paul@gmail.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\privacy@amd.comt.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\alain.bernard@mrn.gouv.qc.ca.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\aperson@dom.ain.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\barry@digicool.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\barry@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\barry@zope.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\baz@bar.foo.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\bbb@ddd.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\bbb@zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\bperson@dom.ain.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\buhrt@iquest.net.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\butenhof@zko.dec.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\bwarsaw@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\cc@dd.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\ccc@zzz.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\15265.9468.713530.98441@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\15265.9482.641338.555352@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\15613.28051.707126.569693@dom.ain.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\200104061723.JAB03225@zinfandel.lacita.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\4B66B890.4070408@teconcept.de.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\56104586@oxy.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\6df65d354b.father.time@rpc.wooster.local.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\aa@bb.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\adam@kde.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\fdrake@acm.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\flavio.castelli@gmail.com.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\flavio@castelli.name.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\help@python.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\henryi@oxy.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\igor@mir2.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\information@geod.nrcan.gc.ca.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\isp@freebsd.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\jack@cwi.nl.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\jangel1@cougar.noc.ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\jangel1@ucla.edu.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok.Generic, C:\Users\Mourad\AppData\Local\Loc.Mail.Bron.Tok\jloup@gzip.org.ini, En quarantaine, [2764], [370221],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\SERVICES.EXE, En quarantaine, [1738], [295315],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\WINLOGON.EXE, En quarantaine, [1738], [295315],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\LOCAL\LSASS.EXE, En quarantaine, [1738], [295315],1.0.2961
PUP.Optional.Reimage, C:\USERS\MOURAD\APPDATA\ROAMING\ZHP\QUARANTINE\REIMAGEREPAIR.EXE, En quarantaine, [1061], [331559],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\APPDATA\ROAMING\MICROSOFT\WINDOWS\TEMPLATES\BARARONTOK.COM, En quarantaine, [1738], [295315],1.0.2961
CrackTool.Agent.Steam, C:\PROGRAM FILES (X86)\FAST AND FURIOUS SHOWDOWN\STEAM_API.DLL, En quarantaine, [2028], [352888],1.0.2961
Worm.Brontok, C:\USERS\MOURAD\DOCUMENTS\DOCUMENTS.EXE, En quarantaine, [1738], [295315],1.0.2961
PUP.Optional.BundleInstaller, C:\USERS\MOURAD\DOWNLOADS\BLUESTACKS-2.EXE, En quarantaine, [20], [23396],1.0.2961
Adware.IStartSurf, C:\USERS\MOURAD\DOWNLOADS\NON CONFIRMé 497753.CRDOWNLOAD, En quarantaine, [812], [394968],1.0.2961
PUP.Optional.InstallCore, C:\USERS\MOURAD\DOWNLOADS\PES-2016.EXE, En quarantaine, [2], [312237],1.0.2961

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)