Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 10/04/2014
Heure de l'examen: 21:33:27
Fichier journal: Rapport mbam 20140410.txt
Administrateur: Oui

Version: 2.00.1.1004
Base de données Malveillants: v2014.04.10.07
Base de données Rootkits: v2014.03.27.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Chameleon: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Stéphane

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 274161
Temps écoulé: 14 min, 32 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 48
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\APPID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, Mis en quarantaine, [6946b474c0bbb3834e422811956dd828], 
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\TYPELIB\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, Mis en quarantaine, [6946b474c0bbb3834e422811956dd828], 
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C51F7E9-8542-4F25-A30F-2060157752E1}, Mis en quarantaine, [6946b474c0bbb3834e422811956dd828], 
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C51F7E9-8542-4F25-A30F-2060157752E1}, Mis en quarantaine, [6946b474c0bbb3834e422811956dd828], 
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, Mis en quarantaine, [6946b474c0bbb3834e422811956dd828], 
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, Mis en quarantaine, [6946b474c0bbb3834e422811956dd828], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Mis en quarantaine, [af00a97fe89301357ddc70d6b74be020], 
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\Nosibay.SurfMatch, Mis en quarantaine, [9c13bb6dabd094a2be3fb857c042be42], 
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\Nosibay.SurfMatch.1, Mis en quarantaine, [e1ce42e69be0aa8c936a12fde2204ab6], 
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Nosibay.SurfMatch, Mis en quarantaine, [e1ce42e69be0aa8c936a12fde2204ab6], 
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Nosibay.SurfMatch.1, Mis en quarantaine, [e1ce42e69be0aa8c936a12fde2204ab6], 
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\CLASSES\OKitSpace, Mis en quarantaine, [f5ba3deb84f7ce68ac4e2be71ae8b848], 
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\CLASSES\OKitSpace.1, Mis en quarantaine, [c8e7c2665e1dc96def0b34de21e1669a], 
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OKitSpace, Mis en quarantaine, [c8e7c2665e1dc96def0b34de21e1669a], 
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OKitSpace.1, Mis en quarantaine, [c8e7c2665e1dc96def0b34de21e1669a], 
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\CLASSES\APPID\OKitSpace.DLL, Mis en quarantaine, [6649de4a205b4aec451eb6c0976b32ce], 
PUP.Optional.DiscountDragon.A, HKLM\SOFTWARE\WOW6432NODE\Discount Dragon, Mis en quarantaine, [f7b81414ed8ead89d1161f4d5ba7916f], 
PUP.Optional.FindRight.A, HKLM\SOFTWARE\WOW6432NODE\FindRight, Mis en quarantaine, [7e31bd6b9fdc5bdb9ec61d534fb38977], 
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\WOW6432NODE\OKitSpace, Mis en quarantaine, [b0ff57d1e5969f975114a9cd3dc5c040], 
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\OKitSpace.DLL, Mis en quarantaine, [bff075b32c4fa78fc0a3e19517eb7a86], 
PUP.Optional.FindRight.A, HKU\S-1-5-21-1579718804-2232042044-1324881323-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FindRight, Mis en quarantaine, [0aa52dfb3d3e6ec8cd98254b5da54bb5], 

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[307f969298e339fdd0e034e8a163e31d]

Dossiers: 4
PUP.Optional.Delta.A, C:\Users\Stéphane\AppData\Local\Temp\mt_ffx\Delta, Mis en quarantaine, [9e11002805769b9bcfe26fe9af5339c7], 
PUP.Optional.Delta.A, C:\Users\Stéphane\AppData\Local\Temp\mt_ffx\Delta\delta, Mis en quarantaine, [9e11002805769b9bcfe26fe9af5339c7], 
PUP.Optional.Delta.A, C:\Users\Stéphane\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0, Mis en quarantaine, [9e11002805769b9bcfe26fe9af5339c7], 
PUP.Optional.Conduit.A, C:\Users\Stéphane\AppData\Local\Temp\ct3281621, Mis en quarantaine, [7639dd4b502b072fc547332652b01ae6], 

Fichiers: 39
PUP.Optional.InstallCore.A, C:\Users\Stéphane\Desktop\BlueStacks-SplitInstaller_native(1).exe, Mis en quarantaine, [6847ff294f2c7bbb7f8c9365cb38eb15], 
PUP.OfferBundler.ST, C:\SoftonicDownloader_pour_free-youtube-to-mp3-converter.exe, Mis en quarantaine, [7e312800f7842e0831da8004ed13c53b], 
PUP.Optional.SkyTech.A, C:\Users\Stéphane\AppData\Local\Temp\vit_sweet-page.exe, Mis en quarantaine, [c6e94fd9b2c9ca6c1f8bd9768180ef11], 
PUP.Optional.Amonetize, C:\Users\Stéphane\AppData\Local\Temp\setup__4921.exe, Mis en quarantaine, [a10ea97fd2a996a024b0fb39ae525fa1], 
PUP.Optional.OpenCandy, C:\Users\Stéphane\AppData\Local\Temp\_MTB613824819424813112011.exe, Mis en quarantaine, [4669181055262610b4496ad5ef159c64], 
PUP.Optional.Vittalia, C:\Users\Stéphane\AppData\Local\Temp\1396444374itinstallerp.exe, Mis en quarantaine, [ecc3f6328fec69cd5f7d53afb54c926e], 
PUP.Optional.VIT.A, C:\Users\Stéphane\AppData\Local\Temp\instloffer.exe, Mis en quarantaine, [7c3388a07704f2445b40f60de41d07f9], 
PUP.Optional.MySearchDial.A, C:\Users\Stéphane\AppData\Local\Temp\Mysearchdial.exe.1621786, Mis en quarantaine, [1b94a8802358dd5964a5edc28c7745bb], 
PUP.Optional.NationZoom.A, C:\Users\Stéphane\AppData\Local\Temp\fullpackage_temp1389218435\Baofeng.exe, Mis en quarantaine, [d5da8a9e2754aa8c89ddad80aa56e917], 
PUP.Optional.SkyTech.A, C:\Users\Stéphane\AppData\Local\Temp\fullpackage_temp1389218435\UpDate.dll, Mis en quarantaine, [4867b57386f5bd79a46e1f13b14f48b8], 
PUP.Optional.WpManager.A, C:\Users\Stéphane\AppData\Local\Temp\fullpackage_temp1389218435\tmp\wpm.exe, Mis en quarantaine, [9619c365e4971b1b4020ae94e61b03fd], 
PUP.Optional.Conduit.A, C:\Users\Stéphane\AppData\Local\Temp\ct3281621\stub.exe, Mis en quarantaine, [f8b77eaa90eb56e03cdca786709003fd], 
PUP.Optional.BubbleDock.A, C:\Users\Stéphane\AppData\Local\Temp\142014145427\Uninstall Bubble Dock.exe, Mis en quarantaine, [8629f533e398fd392ac7062dd32e7f81], 
PUP.Optional.BubbleDock.A, C:\Users\Stéphane\AppData\Local\Temp\142014150553\Uninstall Bubble Dock.exe, Mis en quarantaine, [e0cfba6e1665de588071f43fb64b0df3], 
PUP.Optional.Vittalia, C:\Users\Stéphane\AppData\Local\Temp\nsaA583.tmp\tkDecript.dll, Mis en quarantaine, [0fa0240497e42214a66fe48f2bd6fd03], 
PUP.Optional.Vittalia, C:\Users\Stéphane\AppData\Local\Temp\nsi3F71.tmp\tkDecript.dll, Mis en quarantaine, [8728d35585f6d165a372b9bad52ce719], 
PUP.Optional.Vittalia, C:\Users\Stéphane\AppData\Local\Temp\nsi7A4F.tmp\tkDecript.dll, Mis en quarantaine, [c2edcf5967141323b75e78fb827f1ae6], 
PUP.Optional.Conduit.A, C:\Users\Stéphane\AppData\Local\Temp\nspB3F4.tmp\mconduitinstaller.exe, Mis en quarantaine, [426d7aaea0db0b2b5624271751affc04], 
PUP.Optional.Vittalia, C:\Users\Stéphane\AppData\Local\Temp\nssB683.tmp\tkDecript.dll, Mis en quarantaine, [fab554d43f3cd85e74a1e390827fe818], 
PUP.Optional.Babylon.A, C:\Users\Stéphane\AppData\Local\Temp\F99EC938-BAB0-7891-8A09-71221960E194\CrxInstaller.dll, Mis en quarantaine, [2689111725562f0743394ec4b948fd03], 
PUP.Optional.Babylon.A, C:\Users\Stéphane\AppData\Local\Temp\F99EC938-BAB0-7891-8A09-71221960E194\MntrDLLInstall.dll, Mis en quarantaine, [1f90091f43380d2990ed030f20e1817f], 
PUP.Optional.Babylon.A, C:\Users\Stéphane\AppData\Local\Temp\F99EC938-BAB0-7891-8A09-71221960E194\Setup.exe, Mis en quarantaine, [654a5cccbbc0dc5a34ed09159e627789], 
PUP.Optional.Vittalia, C:\Users\Stéphane\AppData\Local\Temp\nsuD163.tmp\tkDecript.dll, Mis en quarantaine, [f4bb31f746351224f223086b3cc59a66], 
PUP.Optional.BabSolution.A, C:\Users\Stéphane\AppData\Local\Temp\bus97AC\BUSolution.dll, Mis en quarantaine, [802fd850265574c2f5d31ee768999c64], 
PUP.Optional.ToolBarInstaller.A, C:\Users\Stéphane\AppData\Local\Temp\is-0RL4F.tmp\BuenoSearchTB.exe, Mis en quarantaine, [d3dc3eeabac1fe38d5be2cc9e320fe02], 
PUP.Optional.InstallMonetizer.A, C:\Users\Stéphane\AppData\Local\Temp\is-2U313.tmp\InstallManager.exe, Mis en quarantaine, [b7f8b771ff7c8bab049408186c9507f9], 
PUP.Optional.Iminent.A, C:\Users\Stéphane\AppData\Local\Temp\is-7TH1R.tmp\IminentSetup.exe, Mis en quarantaine, [357a899f037839fdfa0d2ff812ef6997], 
PUP.Optional.InstallMonetizer.A, C:\Users\Stéphane\AppData\Local\Temp\is-ER6U8.tmp\InstallManager.exe, Mis en quarantaine, [d3dcf3354e2d3105b4e44fd199687a86], 
PUP.Optional.OpenCandy, C:\Users\Stéphane\Downloads\aTube_Catcher_Setup.exe, Mis en quarantaine, [d5da25039dde0630fffe56e9e71de917], 
PUP.Optional.Softonic.A, C:\Users\Stéphane\Downloads\SoftonicDownloader_for_daemon-tools.exe, Mis en quarantaine, [cde2f0387efdda5ce296041538c9936d], 
PUP.Optional.OpenCandy, C:\Users\Stéphane\Downloads\veetle-0.9.19.exe, Mis en quarantaine, [3f707cac403bb185629bd56ac93bb848], 
PUP.Optional.Vittalia, C:\Users\Stéphane\Downloads\installer_bluestacks_0_7_16_910_French(1).exe, Mis en quarantaine, [b7f82008077442f4879bb996eb16b34d], 
PUP.Optional.Vittalia, C:\Users\Stéphane\Downloads\installer_bluestacks_0_7_16_910_French.exe, Mis en quarantaine, [0ba4a97f7b00c6704ad8034cea1745bb], 
PUP.Optional.Freemium.A, C:\Users\Stéphane\Downloads\installer_itunes_French.exe, Mis en quarantaine, [624dd65282f91026cf666bb5659c45bb], 
PUP.Optional.SmartBar.A, C:\Windows\Installer\23d5b.msi, Mis en quarantaine, [01aeb77182f96bcbeee6d84f13ed2cd4], 
PUP.Optional.FindRight.A, C:\Users\Stéphane\AppData\Roaming\Mozilla\Firefox\Profiles\0lk5b017.default\extensions\{42e50651-9669-456e-9081-d5a836274274}.xpi, Mis en quarantaine, [931c5ccce497cd69f3a55811fd05d42c], 
PUP.Optional.Bubbledock.A, C:\Users\Stéphane\AppData\Roaming\Bubble Dock.boostrap.log, Mis en quarantaine, [bff09593c1ba47efeb2f4a2a3bc741bf], 
PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-Updater removing.job, Mis en quarantaine, [159a4ade2a51c07664fd2b4b22e03ac6], 
PUP.Optional.Conduit.A, C:\Users\Stéphane\AppData\Local\Temp\ct3281621\chLogic.exe, Mis en quarantaine, [7639dd4b502b072fc547332652b01ae6], 

Secteurs physiques: 0
(No malicious items detected)


(end)