Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 15/01/2015
Heure de l'examen: 13:33:20
Fichier journal: mb.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2015.01.15.08
Base de données Rootkits: v2015.01.14.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Oursal Abourre

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 373741
Temps écoulé: 24 min, 32 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 22
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.CoreClass, Mis en quarantaine, [b5ff698e55341e180e19c6a8b05360a0],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.CoreClass.1, Mis en quarantaine, [bafab443dbaeaf8748df7af48083639d],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc, Mis en quarantaine, [892bd22596f303338f985519b05349b7],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc.1.0, Mis en quarantaine, [852f04f36c1d181e081fb7b7798a0000],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3COMClassService, Mis en quarantaine, [773d3fb8ee9b2d09bb6c3935af547e82],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3COMClassService.1.0, Mis en quarantaine, [4272db1c63268da90621076715ee31cf],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3WebSvc, Mis en quarantaine, [ebc9f106d7b2d66083a4a9c561a27e82],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3WebSvc.1.0, Mis en quarantaine, [a60e8275e5a41c1acb5c046ac14227d9],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\APPID\DuuquUpdate.exe, Mis en quarantaine, [6f45b641711894a2bc6a0f5f8083936d],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.oneclickctrl.9, Mis en quarantaine, [199be2159fea8caa7eabcca2748f857b],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.update3webcontrol.3, Mis en quarantaine, [476d10e7e7a23cfad059a7c7ca3918e8],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.CoreClass, Mis en quarantaine, [288c36c1c6c387afcf5890de6b98bf41],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.CoreClass.1, Mis en quarantaine, [2d8753a4c9c0b185c85f3d31fe05b44c],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc, Mis en quarantaine, [922231c6d3b659dd081ff47a5ba817e9],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc.1.0, Mis en quarantaine, [34806f88addc8caa1512a9c556ad758b],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3COMClassService, Mis en quarantaine, [1b997e79612804321b0cd599ce3541bf],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3COMClassService.1.0, Mis en quarantaine, [961efff8e0a967cff0376905877ccd33],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3WebSvc, Mis en quarantaine, [942049ae731672c4052281ed5fa403fd],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3WebSvc.1.0, Mis en quarantaine, [159f3bbca0e96dc92ff8026c3cc70df3],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DuuquUpdate.exe, Mis en quarantaine, [8f2503f454355adc4dd984ea00032ed2],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.oneclickctrl.9, Mis en quarantaine, [12a2dc1b5f2af24401286e00a75ca35d],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.update3webcontrol.3, Mis en quarantaine, [6c4820d7c1c850e671b8f47a28dbad53],

Valeurs du Registre: 0
(Aucun élément malicieux detecté)

Données du Registre: 0
(Aucun élément malicieux detecté)

Dossiers: 2
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],

Fichiers: 8
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\chrome.manifest, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\install.rdf, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\framefox.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\framefox.png, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\prefman.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\script-compiler-overlay.xul, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\script-compiler.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\xmlhttprequester.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],

Secteurs physiques: 0
(Aucun élément malicieux detecté)

(end)