cjoint


Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 15/01/2015
Heure de l'examen: 13:33:20
Fichier journal: mb.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2015.01.15.08
Base de données Rootkits: v2015.01.14.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Oursal Abourre

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 373741
Temps écoulé: 24 min, 32 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 22
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.CoreClass, Mis en quarantaine, [b5ff698e55341e180e19c6a8b05360a0],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.CoreClass.1, Mis en quarantaine, [bafab443dbaeaf8748df7af48083639d],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc, Mis en quarantaine, [892bd22596f303338f985519b05349b7],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc.1.0, Mis en quarantaine, [852f04f36c1d181e081fb7b7798a0000],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3COMClassService, Mis en quarantaine, [773d3fb8ee9b2d09bb6c3935af547e82],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3COMClassService.1.0, Mis en quarantaine, [4272db1c63268da90621076715ee31cf],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3WebSvc, Mis en quarantaine, [ebc9f106d7b2d66083a4a9c561a27e82],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\DuuquUpdate.Update3WebSvc.1.0, Mis en quarantaine, [a60e8275e5a41c1acb5c046ac14227d9],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\APPID\DuuquUpdate.exe, Mis en quarantaine, [6f45b641711894a2bc6a0f5f8083936d],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.oneclickctrl.9, Mis en quarantaine, [199be2159fea8caa7eabcca2748f857b],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.update3webcontrol.3, Mis en quarantaine, [476d10e7e7a23cfad059a7c7ca3918e8],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.CoreClass, Mis en quarantaine, [288c36c1c6c387afcf5890de6b98bf41],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.CoreClass.1, Mis en quarantaine, [2d8753a4c9c0b185c85f3d31fe05b44c],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc, Mis en quarantaine, [922231c6d3b659dd081ff47a5ba817e9],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.OnDemandCOMClassSvc.1.0, Mis en quarantaine, [34806f88addc8caa1512a9c556ad758b],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3COMClassService, Mis en quarantaine, [1b997e79612804321b0cd599ce3541bf],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3COMClassService.1.0, Mis en quarantaine, [961efff8e0a967cff0376905877ccd33],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3WebSvc, Mis en quarantaine, [942049ae731672c4052281ed5fa403fd],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DuuquUpdate.Update3WebSvc.1.0, Mis en quarantaine, [159f3bbca0e96dc92ff8026c3cc70df3],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DuuquUpdate.exe, Mis en quarantaine, [8f2503f454355adc4dd984ea00032ed2],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.oneclickctrl.9, Mis en quarantaine, [12a2dc1b5f2af24401286e00a75ca35d],
PUP.Optional.Duuqu.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MIME\DATABASE\CONTENT TYPE\application/x-vnd.duuqu.update3webcontrol.3, Mis en quarantaine, [6c4820d7c1c850e671b8f47a28dbad53],

Valeurs du Registre: 0
(Aucun élément malicieux detecté)

Données du Registre: 0
(Aucun élément malicieux detecté)

Dossiers: 2
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],

Fichiers: 8
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\chrome.manifest, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\install.rdf, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\framefox.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\framefox.png, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\prefman.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\script-compiler-overlay.xul, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\script-compiler.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],
PUP.Optional.FrameFox.A, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}\content\xmlhttprequester.js, Mis en quarantaine, [04b000f78efb45f11d453f2d0102827e],

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)
