Hi,
Could you check the contents of the log file generated by the Ad-aware software? For some time now I have been having minor problems installing certain software on my machine. I also get a lot of pop-ups when I browse the Internet.
Thanks in advance for your help - David
Lavasoft Ad-aware Personal Build 1.03
Logfile created on:vendredi 27 août 2004 16:50:56
Created with Ad-aware SE Personal, free for private use.
Using definitions file:SE1R3 12.08.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:8):6 total references
Alexa(TAC index:5):1 total references
BargainBuddy(TAC index:8):2 total references
DyFuCA(TAC index:3):49 total references
istbar(TAC index:6):29 total references
Other(TAC index:5):12 total references
Possible Browser Hijack attempt(TAC index:3):1 total references
Powerscan(TAC index:5):9 total references
SideFind(TAC index:5):19 total references
StopPop(TAC index:3):1 total references
Tracking Cookie(TAC index:3):23 total references
VX2(TAC index:10):30 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-aware Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-aware settings in log file
Set : Include additional Ad-aware settings in log file
Set : Include reference summary in log file
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects
27-08-2004 16:50:56 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 432
ThreadCreationTime : 27-08-2004 14:37:26
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 480
ThreadCreationTime : 27-08-2004 14:37:28
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 512
ThreadCreationTime : 27-08-2004 14:37:29
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 556
ThreadCreationTime : 27-08-2004 14:37:29
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 568
ThreadCreationTime : 27-08-2004 14:37:29
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 740
ThreadCreationTime : 27-08-2004 14:37:30
BasePriority : Normal
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 27-08-2004 14:37:30
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 792
ThreadCreationTime : 27-08-2004 14:37:30
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 860
ThreadCreationTime : 27-08-2004 14:37:30
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 884
ThreadCreationTime : 27-08-2004 14:37:30
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1012
ThreadCreationTime : 27-08-2004 14:37:31
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1112
ThreadCreationTime : 27-08-2004 14:37:31
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:13 [defwatch.exe]
FilePath : C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\
ProcessID : 1148
ThreadCreationTime : 27-08-2004 14:37:31
BasePriority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe
#:14 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\
ProcessID : 1192
ThreadCreationTime : 27-08-2004 14:37:31
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe
#:15 [rtvscan.exe]
FilePath : C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\
ProcessID : 1272
ThreadCreationTime : 27-08-2004 14:37:32
BasePriority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec Corporation 1991-2002
#:16 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1304
ThreadCreationTime : 27-08-2004 14:37:32
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe
#:17 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1324
ThreadCreationTime : 27-08-2004 14:37:32
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:18 [winvnc4.exe]
FilePath : C:\Program Files\RealVNC\VNC4\
ProcessID : 1400
ThreadCreationTime : 27-08-2004 14:37:32
BasePriority : Normal
FileVersion : 4.0b4
ProductVersion : 4.0b4
ProductName : VNC Server 4.0
CompanyName : RealVNC Ltd.
FileDescription : VNC Server for Win32
InternalName : WinVNC 4.0
LegalCopyright : Copyright © RealVNC Ltd. 2002-2003
LegalTrademarks : RealVNC
OriginalFilename : winvnc4.exe
#:19 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 396
ThreadCreationTime : 27-08-2004 14:39:12
BasePriority : Normal
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 476
ThreadCreationTime : 27-08-2004 14:39:12
BasePriority : Normal
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:21 [smax4pnp.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 868
ThreadCreationTime : 27-08-2004 14:39:12
BasePriority : Normal
FileVersion : 4, 0, 4, 11
ProductVersion : 4, 0, 4, 11
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright (C) 2002-2003 Analog Devices
OriginalFilename : SMax4PNP.EXE
#:22 [smax4.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 972
ThreadCreationTime : 27-08-2004 14:39:12
BasePriority : Normal
FileVersion : 4, 0, 4, 25
ProductVersion : 4, 0, 4, 25
ProductName : SoundMAX Control Panel
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX Control Center
InternalName : SMax4
LegalCopyright : Copyright © 2002-2003, Analog Devices
OriginalFilename : SMax4.EXE
#:23 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 1000
ThreadCreationTime : 27-08-2004 14:39:13
BasePriority : Normal
FileVersion : 6.14.10.5046
ProductVersion : 6.14.10.5046
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright (C) 1998-2002 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:24 [g-vga.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1056
ThreadCreationTime : 27-08-2004 14:39:13
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Menu Application
FileDescription : Menu MFC Application
InternalName : Menu
LegalCopyright : Copyright (C) 2001
OriginalFilename : Menu.EXE
#:25 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1176
ThreadCreationTime : 27-08-2004 14:39:13
BasePriority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec Corporation 1991-2002
#:26 [hpztsb09.exe]
FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\
ProcessID : 1244
ThreadCreationTime : 27-08-2004 14:39:13
BasePriority : Normal
FileVersion : 2.236.2.0
ProductVersion : 2.236.2.0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2003
#:27 [hpwuschd.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Software Update\
ProcessID : 1296
ThreadCreationTime : 27-08-2004 14:39:13
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe
#:28 [hpcmpmgr.exe]
FilePath : C:\Program Files\HP\hpcoretech\
ProcessID : 1600
ThreadCreationTime : 27-08-2004 14:39:14
BasePriority : Normal
FileVersion : 2.1.1
ProductVersion : 2.1.1
ProductName : hp coretech (COmponent REuse TECHnology)
CompanyName : Hewlett-Packard Company
FileDescription : HP Framework Component Manager Service
InternalName : HPComponentManagerService module
LegalCopyright : Copyright (C) Hewlett-Packard. 2002-2003
OriginalFilename : HPCmpMgr.exe
#:29 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 1620
ThreadCreationTime : 27-08-2004 14:39:14
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe
#:30 [mmtray.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1632
ThreadCreationTime : 27-08-2004 14:39:14
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 0
ProductName : Morgan Multimedia MMTray
CompanyName : Morgan Multimedia
FileDescription : MMTray
InternalName : MMTray
LegalCopyright : Copyright © 1990-2001 Morgan Multimedia
OriginalFilename : MMTray.exe
#:31 [mmtray2k.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1668
ThreadCreationTime : 27-08-2004 14:39:14
BasePriority : Normal
#:32 [mmtraylsi.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1684
ThreadCreationTime : 27-08-2004 14:39:14
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 0
ProductName : Morgan Multimedia MMTray
CompanyName : Morgan Multimedia
FileDescription : MMTray
InternalName : MMTray
LegalCopyright : Copyright © 1990-2001 Morgan Multimedia
OriginalFilename : MMTray.exe
#:33 [qttask.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1472
ThreadCreationTime : 27-08-2004 14:39:15
BasePriority : Normal
FileVersion : 6.3
ProductVersion : QuickTime 6.3
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2003
OriginalFilename : QTTask.exe
#:34 [istsvc.exe]
FilePath : C:\Program Files\ISTsvc\
ProcessID : 1824
ThreadCreationTime : 27-08-2004 14:39:15
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : istsvc
FileDescription : istsvc
InternalName : istsvc
LegalCopyright : Copyright © 2004
OriginalFilename : istsvc.exe
#:35 [optimize.exe]
FilePath : C:\Program Files\Internet Optimizer\
ProcessID : 1844
ThreadCreationTime : 27-08-2004 14:39:15
BasePriority : Normal
#:36 [actalert.exe]
FilePath : C:\Program Files\Internet Optimizer\
ProcessID : 1892
ThreadCreationTime : 27-08-2004 14:39:16
BasePriority : Normal
#:37 [irtiajy.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1888
ThreadCreationTime : 27-08-2004 14:39:16
BasePriority : Normal
#:38 [msbb.exe]
FilePath : C:\program files\180solutions\
ProcessID : 1968
ThreadCreationTime : 27-08-2004 14:39:16
BasePriority : Normal
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.
Warning! 180Solutions Object found in Memory(c:\program files\180solutions\msbbhook.dll)
180Solutions Object Recognized!
Type : Process
Data : msbbhook.dll
Category : Data Miner
Comment :
Object : c:\program files\180solutions\
#:39 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1676
ThreadCreationTime : 27-08-2004 14:39:17
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:40 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 2000
ThreadCreationTime : 27-08-2004 14:39:17
BasePriority : Normal
FileVersion : 4.7.2009
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:41 [dslmon.exe]
FilePath : C:\Program Files\SAGEM\SAGEM F@st 800-840\
ProcessID : 2128
ThreadCreationTime : 27-08-2004 14:39:19
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DSLMON Application
FileDescription : ADIMON MFC Application
InternalName : DSLMON
LegalCopyright : Copyright (C) 2000
OriginalFilename : ADIMON.EXE
#:42 [sonytray.exe]
FilePath : C:\Program Files\Sony Corporation\Image Transfer\
ProcessID : 2168
ThreadCreationTime : 27-08-2004 14:39:20
BasePriority : Normal
#:43 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 2272
ThreadCreationTime : 27-08-2004 14:50:48
BasePriority : Normal
FileVersion : 6.2.0.162
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware SE Core application
InternalName : Ad-aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-aware.exe
Comments : All Rights Reserved
#:44 [hh.exe]
FilePath : C:\WINDOWS\
ProcessID : 2064
ThreadCreationTime : 27-08-2004 14:50:48
BasePriority : Normal
FileVersion : 5.2.3644.0
ProductVersion : 5.2.3644.0
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.4
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\msbb
Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.sinkobj.1
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.sinkobj
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.bhobj.1
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.bhobj
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cea206e8-8057-4a04-ace9-ff0d69a92297}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00000010-6f7d-442c-93e3-4a4827c2e4c8}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\avenue media
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\dyfuca
DyFuCA Object Recognized!
Type : Regkey
Data : DyFuCA
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\windows\currentversion\uninstall\DyFuCA
DyFuCA Object Recognized!
Type : Regkey
Data : DyFuCA
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\windows\currentversion\uninstall\DyFuCA
DyFuCA Object Recognized!
Type : Regkey
Data : DyFuCA
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-19\software\microsoft\windows\currentversion\uninstall\DyFuCA
DyFuCA Object Recognized!
Type : Regkey
Data : DyFuCA
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-20\software\microsoft\windows\currentversion\uninstall\DyFuCA
DyFuCA Object Recognized!
Type : Regkey
Data : DyFuCA
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\microsoft\windows\currentversion\uninstall\DyFuCA
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\windows\currentversion\uninstall\Internet Optimizer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Active Alert
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Software Installer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\windows\currentversion\uninstall\Internet Optimizer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Active Alert
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Software Installer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-19\software\microsoft\windows\currentversion\uninstall\Internet Optimizer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-19\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Active Alert
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-19\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Software Installer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-20\software\microsoft\windows\currentversion\uninstall\Internet Optimizer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-20\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Active Alert
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-20\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Software Installer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\microsoft\windows\currentversion\uninstall\Internet Optimizer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Active Alert
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\microsoft\windows\currentversion\uninstall\Internet Optimizer Software Installer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\Internet Optimizer
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\Internet Optimizer Active Alert
DyFuCA Object Recognized!
Type : Regkey
Data : Internet Optimizer
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\Internet Optimizer Software Installer
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\avenue media\internet optimizer
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\avenue media
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{5f1abcdb-a875-46c1-8345-b72a4567e486}
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : istactivex.installer
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : istactivex.installer.2
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : pugi.pugiobj
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : pugi.pugiobj.1
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{6d3f5de4-e980-4407-a10f-9ac771abaae6}
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\ist
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\istbar
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\istsvc
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\istbaristbar
istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\istsvc
SideFind Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{10e42047-deb9-4535-a118-b3f6ec39b807}
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : browserhelperobject.bahelper
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : browserhelperobject.bahelper.1
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8cba1b49-8144-4721-a7b1-64c578c9eed7}
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a3fdd654-a057-4971-9844-4ed8e67dbbb8}
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : sidefind.finder
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : sidefind.finder.1
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{58634367-d62b-4c2c-86be-5aac45cdb671}
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{d0288a41-9855-4a9b-8316-babe243648da}
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\sidefind
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\sidefind
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sidefind
StopPop Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4534cd6b-59d6-43fd-864b-06a0d843444a}
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{000020dd-c72e-4113-af77-dd56626c6c42}
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{0000607d-d204-42c7-8e46-216055bf9918}
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mxtargetdll.mxtargetdllobj.1
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : twaintecdll.twaintecdllobj.1
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{690bccb4-6b83-4203-ae77-038c116594ec}
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj
DyFuCA Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "Internet Optimizer"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : Internet Optimizer
istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "{5F1ABCDB-A875-46C1-8345-B72A4567E486}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\microsoft\internet explorer\toolbar\webbrowser
Value : {5F1ABCDB-A875-46C1-8345-B72A4567E486}
istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "{5F1ABCDB-A875-46c1-8345-B72A4567E486}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\toolbar
Value : {5F1ABCDB-A875-46c1-8345-B72A4567E486}
istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "IST Service"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : IST Service
Powerscan Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "account_id"
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\software\powerscan
Value : account_id
Powerscan Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "account_id"
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-651377827-682003330-1003\\software\powerscan
Value : account_id
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 76
Objects found so far: 77
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
VX2 Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : ({000020DD-C72E-4113-AF77-DD56626C6C42})
Rootkey : HKEY_CLASSES_ROOT
Object : LocalNRDDll.LocalNRDDllObj.1
Possible Browser Hijack attempt : {386A771C-E96A-421F-8BA7-32F1B706892F} (http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_cracks.cab)
Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data :
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_cracks.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{386A771C-E96A-421F-8BA7-32F1B706892F}
180Solutions Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "xwnwdyp"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : xwnwdyp
180Solutions Object Recognized!
Type : File
Data : xwnwdyp.exe
Category : Data Miner
Comment :
Object : c:\windows\
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 81
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@cgi-bin[2].txt
Category : Data Miner
Comment : Cookie:user@imrworldwide.com/cgi-bin
Value : Cookie:user@imrworldwide.com/cgi-bin
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@www.smartadserver[1].txt
Category : Data Miner
Comment : Cookie:user@www.smartadserver.com/
Value : Cookie:user@www.smartadserver.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@gator[1].txt
Category : Data Miner
Comment : Cookie:user@gator.com/
Value : Cookie:user@gator.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@c.porngraph[2].txt
Category : Data Miner
Comment : Cookie:user@c.porngraph.com/
Value : Cookie:user@c.porngraph.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@valueclick[1].txt
Category : Data Miner
Comment : Cookie:user@valueclick.net/
Value : Cookie:user@valueclick.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@z1.adserver[1].txt
Category : Data Miner
Comment : Cookie:user@z1.adserver.com/
Value : Cookie:user@z1.adserver.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@ehg-idg.hitbox[1].txt
Category : Data Miner
Comment : Cookie:user@ehg-idg.hitbox.com/
Value : Cookie:user@ehg-idg.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@revenue[2].txt
Category : Data Miner
Comment : Cookie:user@revenue.net/
Value : Cookie:user@revenue.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@questionmarket[1].txt
Category : Data Miner
Comment : Cookie:user@questionmarket.com/
Value : Cookie:user@questionmarket.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@counter4.sextracker[1].txt
Category : Data Miner
Comment : Cookie:user@counter4.sextracker.com/
Value : Cookie:user@counter4.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@atdmt[2].txt
Category : Data Miner
Comment : Cookie:user@atdmt.com/
Value : Cookie:user@atdmt.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@sextracker[1].txt
Category : Data Miner
Comment : Cookie:user@sextracker.com/
Value : Cookie:user@sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@bluestreak[1].txt
Category : Data Miner
Comment : Cookie:user@bluestreak.com/
Value : Cookie:user@bluestreak.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@xxxtoolbar[2].txt
Category : Data Miner
Comment : Cookie:user@xxxtoolbar.com/
Value : Cookie:user@xxxtoolbar.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@as-us.falkag[2].txt
Category : Data Miner
Comment : Cookie:user@as-us.falkag.net/
Value : Cookie:user@as-us.falkag.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@www.slotch[2].txt
Category : Data Miner
Comment : Cookie:user@www.slotch.com/
Value : Cookie:user@www.slotch.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@doubleclick[2].txt
Category : Data Miner
Comment : Cookie:user@doubleclick.net/
Value : Cookie:user@doubleclick.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@mediaplex[1].txt
Category : Data Miner
Comment : Cookie:user@mediaplex.com/
Value : Cookie:user@mediaplex.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@a.as-eu.falkag[2].txt
Category : Data Miner
Comment : Cookie:user@a.as-eu.falkag.net/
Value : Cookie:user@a.as-eu.falkag.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@as1.falkag[1].txt
Category : Data Miner
Comment : Cookie:user@as1.falkag.de/
Value : Cookie:user@as1.falkag.de/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@linksynergy[2].txt
Category : Data Miner
Comment : Cookie:user@linksynergy.com/
Value : Cookie:user@linksynergy.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@hitbox[2].txt
Category : Data Miner
Comment : Cookie:user@hitbox.com/
Value : Cookie:user@hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : user@bfast[2].txt
Category : Data Miner
Comment : Cookie:user@bfast.com/
Value : Cookie:user@bfast.com/
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 23
Objects found so far: 104
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Object "alchem.exe" found in this archive.
VX2 Object Recognized!
Type : File
Data : alchem.cab
Category : Malware
Comment : Object "alchem.exe" found in this archive.
Object : C:\Documents and Settings\user\Local Settings\Temp\
Powerscan Object Recognized!
Type : File
Data : powerscan.exe
Category : Malware
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temp\
FileVersion : 1, 1, 0, 2
ProductVersion : 1, 1, 0, 2
ProductName : PowerScan v1.1
FileDescription : PowerScan v1.1
InternalName : PowerScan v1.1
LegalCopyright : Copyright (C) 2004
OriginalFilename : Power-Scan.exe
BargainBuddy Object Recognized!
Type : File
Data : shortcuts.txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temp\
VX2 Object Recognized!
Type : File
Data : preInsTT.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temp\THI7542.tmp\
Object "preInsTT.exe" found in this archive.
VX2 Object Recognized!
Type : File
Data : twaintec.cab
Category : Data Miner
Comment : Object "preInsTT.exe" found in this archive.
Object : C:\Documents and Settings\user\Local Settings\Temp\THI7542.tmp\
Object "twaintec.dll" found in this archive.
VX2 Object Recognized!
Type : File
Data : twaintec.cab
Category : Data Miner
Comment : Object "twaintec.dll" found in this archive.
Object : C:\Documents and Settings\user\Local Settings\Temp\THI7542.tmp\
VX2 Object Recognized!
Type : File
Data : twaintec.dll
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temp\THI7542.tmp\
FileVersion : 0, 1, 4, 30
ProductVersion : 0, 1, 4, 30
ProductName : twaintec
CompanyName : Twaintec
FileDescription : www.twain-tech.com
InternalName : twaintec
LegalCopyright : Copyright © 2003
OriginalFilename : twaintec.dll
Comments : www.Twain-Tech.com
VX2 Object Recognized!
Type : File
Data : preInsTT.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temp\THI76DA.tmp\
Object "preInsTT.exe" found in this archive.
VX2 Object Recognized!
Type : File
Data : twaintec.cab
Category : Data Miner
Comment : Object "preInsTT.exe" found in this archive.
Object : C:\Documents and Settings\user\Local Settings\Temp\THI76DA.tmp\
Object "twaintec.dll" found in this archive.
VX2 Object Recognized!
Type : File
Data : twaintec.cab
Category : Data Miner
Comment : Object "twaintec.dll" found in this archive.
Object : C:\Documents and Settings\user\Local Settings\Temp\THI76DA.tmp\
VX2 Object Recognized!
Type : File
Data : twaintec.dll
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temp\THI76DA.tmp\
FileVersion : 0, 1, 4, 30
ProductVersion : 0, 1, 4, 30
ProductName : twaintec
CompanyName : Twaintec
FileDescription : www.twain-tech.com
InternalName : twaintec
LegalCopyright : Copyright © 2003
OriginalFilename : twaintec.dll
Comments : www.Twain-Tech.com
VX2 Object Recognized!
Type : File
Data : bdl14122[1].exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\HC0MGN7V\
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 4
ProductName : Thinstaller
FileDescription : Thinstaller client
InternalName : prototype
LegalCopyright : Copyright © 2003
OriginalFilename : prototype.exe
DyFuCA Object Recognized!
Type : File
Data : nem219[1].dll
Category : Malware
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\HSY81KQS\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DyFuCA_BH Module
FileDescription : DyFuCA_BH Module
InternalName : DyFuCA_BH
LegalCopyright : Copyright 2002
OriginalFilename : DyFuCA_BH.DLL
Powerscan Object Recognized!
Type : File
Data : powerscan[1].exe
Category : Malware
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\JODDJ484\
FileVersion : 1, 1, 0, 2
ProductVersion : 1, 1, 0, 2
ProductName : PowerScan v1.1
FileDescription : PowerScan v1.1
InternalName : PowerScan v1.1
LegalCopyright : Copyright (C) 2004
OriginalFilename : Power-Scan.exe
180Solutions Object Recognized!
Type : File
Data : ncase[1].exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\OLKA6O0T\
FileVersion : 5, 4, 0, 1
ProductVersion : 5, 4, 0, 1
ProductName : Search Assistant
CompanyName : 180Solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180Solutions Inc.
BargainBuddy Object Recognized!
Type : File
Data : ist_shortcuts_list[1].htm
Category : Data Miner
Comment :
Object : C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\UPOFEPE5\
Powerscan Object Recognized!
Type : File
Data : powerscan.exe
Category : Malware
Comment :
Object : C:\Program Files\Power Scan\
FileVersion : 1, 1, 0, 2
ProductVersion : 1, 1, 0, 2
ProductName : PowerScan v1.1
FileDescription : PowerScan v1.1
InternalName : PowerScan v1.1
LegalCopyright : Copyright (C) 2004
OriginalFilename : Power-Scan.exe
VX2 Object Recognized!
Type : File
Data : preInsTT.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\LastGood\
VX2 Object Recognized!
Type : File
Data : twaintec.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\LastGood\
FileVersion : 0, 1, 4, 30
ProductVersion : 0, 1, 4, 30
ProductName : twaintec
CompanyName : Twaintec
FileDescription : www.twain-tech.com
InternalName : twaintec
LegalCopyright : Copyright © 2003
OriginalFilename : twaintec.dll
Comments : www.Twain-Tech.com
DyFuCA Object Recognized!
Type : File
Data : nem219.dll
Category : Malware
Comment :
Object : C:\WINDOWS\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DyFuCA_BH Module
FileDescription : DyFuCA_BH Module
InternalName : DyFuCA_BH
LegalCopyright : Copyright 2002
OriginalFilename : DyFuCA_BH.DLL
VX2 Object Recognized!
Type : File
Data : preInsTT.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\
VX2 Object Recognized!
Type : File
Data : twaintec.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\
FileVersion : 0, 1, 4, 30
ProductVersion : 0, 1, 4, 30
ProductName : twaintec
CompanyName : Twaintec
FileDescription : www.twain-tech.com
InternalName : twaintec
LegalCopyright : Copyright © 2003
OriginalFilename : twaintec.dll
Comments : www.Twain-Tech.com
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 126
Deep scanning and examining files (X:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for X:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 126
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 126
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\180solutions
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\wsem update
DyFuCA Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Program Files\Internet Optimizer
DyFuCA Object Recognized!
Type : File
Data : wsem301.dll
Category : Malware
Comment :
Object : C:\WINDOWS\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DyFuCA_BH Module
FileDescription : DyFuCA_BH Module
InternalName : DyFuCA_BH
LegalCopyright : Copyright 2002
OriginalFilename : DyFuCA_BH.DLL
DyFuCA Object Recognized!
Type : File
Data : actalert.exe
Category : Malware
Comment :
Object : C:\Program Files\internet optimizer\update\
DyFuCA Object Recognized!
Type : File
Data : install.exe
Category : Malware
Comment :
Object : C:\Program Files\internet optimizer\update\
DyFuCA Object Recognized!
Type : File
Data : optimize.exe
Category : Malware
Comment :
Object : C:\Program Files\internet optimizer\
DyFuCA Object Recognized!
Type : File
Data : actalert.exe
Category : Malware
Comment :