Malwarebytes' Anti-Malware 1.51.2.1300
Database version: 7622
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
15/02/2012 19:50:31
mbam-log-2012-02-15 (19-50-31).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 281194
Time elapsed: 1 hour(s), 8 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 6
Files Infected: 33
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO.1 (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCTuto_is1 (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MAJTuto (Adware.EoRezo) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
c:\program files\agence-exclusive (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\Download (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\Software (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\Software\maj (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\Software\maj\1.0.0.0 (PUP.Tuto4PC) -> Quarantined and deleted successfully.
Files Infected:
c:\documents and settings\administrateur\local settings\Temp\is-ITCTM.tmp\PCTuto\derniere_etape.exe (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\mes documents\downloads\compressed\probleme msn\patch anti mise a jour msn messenger 7.5.exe (Adware.Onlinegames) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\mes documents\downloads\Programs\tuto_spybot.exe (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP140\A0098499.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP145\A0099058.exe (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP145\A0099059.exe (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP145\A0099060.exe (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP146\A0099584.exe (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP146\A0099585.exe (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP146\A0099594.exe (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\system volume information\_restore{f5de0e84-117c-4eba-b479-f052019fa0f0}\RP146\A0099588.dll (Adware.Eorezo) -> Quarantined and deleted successfully.
d:\Internet\internet\idman\internet download manger 5.18 build 3 full version by stonecold_91\idm\Patch.exe (Riskware.Tool.CK) -> Not selected for removal.
d:\Internet\internet 2\antivirus\avira 10.0.0.565\nouveau dossier\m2d.avira.keys.&activation.by.mooooka\key finder 2.4\avk-v2.4-en.exe (RiskWare.Tool.CK) -> Not selected for removal.
d:\Internet\internet 2\windriver ghost 2.02\Crack\windriver.ghost.2.02.crack-rev.exe (RiskWare.Tool.CK) -> Not selected for removal.
d:\Internet\internet 2\idman\internet download manager 6.05b7\internet download manager 6.05b7\patch & keygen brd\Patch.exe (Riskware.Tool.CK) -> Not selected for removal.
d:\Internet\internet 2\idman\internet download manager 6.05b7\nouveau dossier\internet download manager 6.05b7\patch & keygen brd\Keygen.exe (Riskware.Tool.CK) -> Not selected for removal.
d:\Internet\internet 2\idman\internet download manager 6.05b7\nouveau dossier\internet download manager 6.05b7\patch & keygen brd\Patch.exe (Riskware.Tool.CK) -> Not selected for removal.
d:\Internet\internet-1\windriver ghost 2.02\Crack\windriver.ghost.2.02.crack-rev.exe (RiskWare.Tool.CK) -> Not selected for removal.
d:\logiciels\photoshop 9 cs2\adobe(r) photoshop(r) cs2\كراك\keygen\keygen.exe (Trojan.Agent.CK) -> Not selected for removal.
d:\logiciels\recovermyfile\getdata.recover.my.files.v4.0.4.448.readnfo_crkexe-fff\armaccess.dll (Malware.Packer) -> Not selected for removal.
d:\RACHID\install win de usb\nouveau dossier\thedjcode book.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
d:\RACHID\install win de usb\winsetupfromusb\winsetupfromusb-0.1.exe (Adware.Onlinegames) -> Quarantined and deleted successfully.
d:\RACHID\logiciel\cdburnerxp 4.2.7.1875\Stubs\39436be276998c921c15a52371c4ec3f8827ad\nmsaccessu.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
c:\program files\agence-exclusive\confmedia.cyp (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\program files\agence-exclusive\unins000.dat (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\program files\agence-exclusive\unins000.exe (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\program files\agence-exclusive\unins001.dat (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\program files\agence-exclusive\unins001.exe (Trojan.Eorezo) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\user_config.cyp (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\help_config.cyp (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\shared.cyp (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\agence-exclusive\agence-exclusive\user_profil.cyp (PUP.Tuto4PC) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\MAJTuto\MAJTuto.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
