Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 27/06/2014
Heure de l'examen: 00:25:14
Fichier journal: mal.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.06.26.09
Base de données Rootkits: v2014.06.23.02
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: FAT32
Utilisateur: Denis de HARO

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 301942
Temps écoulé: 1 h, 37 min, 8 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 6
Adware.Tuto4PC, C:\Program Files\fst_fr_255\fst_fr_255.exe, 3584, Supprimé-au-redémarrage, [1cf5e499fb809d9991368a83758cf10f]
PUP.Optional.Firseria, C:\Documents and Settings\Denis de HARO\Mes documents\Téléchargements\Windows%207%20familial%20premium%20SP1%20U%20ISO%20Francais%20x64.exe, 7024, Supprimé-au-redémarrage, [62af027b126991a5fe64515eff05f907]
PUP.Optional.FirstSeenToday.A, C:\Program Files\fst_fr_255\fst_fr_255.exe, 3584, Supprimé-au-redémarrage, [e03192eb4734f83e991d93295da5916f]
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\upfst_fr_255.exe, 3260, Supprimé-au-redémarrage, [3ad78af32a5144f207482ad9a65e45bb]
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\ViewPasswordon174.exe, 11284, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53]
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\wdViewPasswordX.exe, 3392, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53]

Modules: 1
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\ViewPasswordon174.dll, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53],

Clés du Registre: 11
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1570106061-833509052-641237796-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Mis en quarantaine, [f61b2459a9d29a9c3dcf02a9ad55b749],
Adware.EoRezo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\fst_fr_255_is1, Mis en quarantaine, [63ae2a533f3c3402fb50d9c3956df20e],
PUP.Optional.ViewPassword.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\B800FCEC-6357-A5E7-D27D-6834D5A7A88F, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKLM\SOFTWARE\CLASSES\CLSID\{C27A6CC0-EC7F-6C40-D81C-C2C0E86CB95B}, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{DD9AC078-326F-5AB1-57C3-3B8EFE00B05B}, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E3270255-EB96-FE1A-77AB-26BE249E1CFF}, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C27A6CC0-EC7F-6C40-D81C-C2C0E86CB95B}, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKU\S-1-5-21-1570106061-833509052-641237796-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C27A6CC0-EC7F-6C40-D81C-C2C0E86CB95B}, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKU\S-1-5-21-1570106061-833509052-641237796-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C27A6CC0-EC7F-6C40-D81C-C2C0E86CB95B}, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKLM\SOFTWARE\CLASSES\CLSID\{C27A6CC0-EC7F-6C40-D81C-C2C0E86CB95B}\INPROCSERVER32, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ViewPassword, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],

Valeurs du Registre: 3
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_fr_255, "C:\Program Files\fst_fr_255\fst_fr_255.exe", Mis en quarantaine, [1cf5e499fb809d9991368a83758cf10f]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_fr_255, "C:\Program Files\fst_fr_255\fst_fr_255.exe", Mis en quarantaine, [e03192eb4734f83e991d93295da5916f]
Adware.EoRezo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|upfst_fr_255.exe, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\upfst_fr_255.exe -runhelper, Mis en quarantaine, [3ad78af32a5144f207482ad9a65e45bb]

Données du Registre: 0
(No malicious items detected)

Dossiers: 5
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255, Supprimé-au-redémarrage, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\fst_fr_255, Supprimé-au-redémarrage, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\fst_fr_255\1.10, Supprimé-au-redémarrage, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Program Files\fst_fr_255, Supprimé-au-redémarrage, [63ae2a533f3c3402fb50d9c3956df20e],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53],

Fichiers: 30
Adware.Tuto4PC, C:\Program Files\fst_fr_255\fst_fr_255.exe, Supprimé-au-redémarrage, [1cf5e499fb809d9991368a83758cf10f],
PUP.Optional.Firseria, C:\Documents and Settings\Denis de HARO\Mes documents\Téléchargements\Windows%207%20familial%20premium%20SP1%20U%20ISO%20Francais%20x64.exe, Supprimé-au-redémarrage, [62af027b126991a5fe64515eff05f907],
PUP.Optional.BundleInstaller.A, C:\Documents and Settings\Denis de HARO\Local Settings\Temp\n6404\s6404.exe, Supprimé-au-redémarrage, [eb26ff7ea5d660d62cc19cad738dd32d],
PUP.Optional.BundleInstaller.A, C:\Documents and Settings\Denis de HARO\Local Settings\Temp\n8465\s8465.exe, Mis en quarantaine, [28e980fded8e1125638a1a2f808020e0],
PUP.Optional.ViewPassword.A, C:\WINDOWS\Tasks\ViewPassword Update.job, Mis en quarantaine, [e0318feed3a8fe3840dd6064956da858],
PUP.Optional.ViewPassword.A, C:\WINDOWS\Tasks\ViewPassword_wd.job, Mis en quarantaine, [39d8aad35a211e18ad704e7679892bd5],
PUP.Optional.FirstSeenToday.A, C:\Program Files\fst_fr_255\fst_fr_255.exe, Supprimé-au-redémarrage, [e03192eb4734f83e991d93295da5916f],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\upfst_fr_255.exe, Supprimé-au-redémarrage, [3ad78af32a5144f207482ad9a65e45bb],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\user_profil.cyp, Mis en quarantaine, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\upfst_fr_255.cyl, Mis en quarantaine, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\fst_fr_255\1.10\cnf.cyl, Mis en quarantaine, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Documents and Settings\Denis de HARO\Local Settings\Application Data\fst_fr_255\fst_fr_255\1.10\eorezo.cyl, Mis en quarantaine, [17facfaeea9169cd2d1bf9a3cd35e21e],
Adware.EoRezo, C:\Program Files\fst_fr_255\unins000.dat, Mis en quarantaine, [63ae2a533f3c3402fb50d9c3956df20e],
Adware.EoRezo, C:\Program Files\fst_fr_255\unins000.exe, Mis en quarantaine, [63ae2a533f3c3402fb50d9c3956df20e],
Adware.EoRezo, C:\Program Files\fst_fr_255\predm.exe, Mis en quarantaine, [63ae2a533f3c3402fb50d9c3956df20e],
Adware.EoRezo, C:\Program Files\fst_fr_255\freeSoftToday_widget.exe, Mis en quarantaine, [63ae2a533f3c3402fb50d9c3956df20e],
Adware.EoRezo, C:\Program Files\fst_fr_255\unins000.msg, Mis en quarantaine, [63ae2a533f3c3402fb50d9c3956df20e],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\Sqlite3.dll, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\ViewPasswordon174.bin, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\a.db, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\b.db, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\Uninstall.exe, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\174.dll, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\174.xpi, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\ViewPasswordon174.exe, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\ViewPasswordon174.dll, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\wdViewPasswordX.exe, Supprimé-au-redémarrage, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\appViewPasswordn16.exe, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\174.dat, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],
PUP.Optional.ViewPassword.A, C:\Program Files\-ViewPassword-soft\ViewPasswordon174.ini, Mis en quarantaine, [57ba38452457d165ae558723ef13ad53],

Secteurs physiques: 0
(No malicious items detected)

(end)