Scan avec Ad-Aware SE
Forum Sécurité - Virus : Scan avec Ad-Aware SE
Voila j'ai eu "57 new critical objects" apres le scan . Dois je tout supprimer?????? merci !
Ad-Aware SE Build 1.06r1
Logfile Created on:samedi 10 février 2007 17:25:27
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R150 09.02.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
ErrorSafe(TAC index:10):2 total references
MRU List(TAC index:0):55 total references
Possible Browser Hijack attempt(TAC index:3):16 total references
Tracking Cookie(TAC index:3):16 total references
WhenU.WeatherCast(TAC index:2):1 total references
Win32.Trojandownloader.Zlob(TAC index:10):5 total references
VirusBurst(TAC index:3):17 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
10-02-2007 17:25:27 - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 560
ThreadCreationTime : 10-02-2007 08:39:43
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 836
ThreadCreationTime : 10-02-2007 08:39:47
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 860
ThreadCreationTime : 10-02-2007 08:39:47
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 952
ThreadCreationTime : 10-02-2007 08:39:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 964
ThreadCreationTime : 10-02-2007 08:39:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1148
ThreadCreationTime : 10-02-2007 08:39:49
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1244
ThreadCreationTime : 10-02-2007 08:39:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1348
ThreadCreationTime : 10-02-2007 08:39:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1384
ThreadCreationTime : 10-02-2007 08:39:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1552
ThreadCreationTime : 10-02-2007 08:39:52
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1704
ThreadCreationTime : 10-02-2007 08:39:53
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1924
ThreadCreationTime : 10-02-2007 08:39:54
BasePriority : Normal
FileVersion : 9.37
ProductVersion : 9.37
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : (C) 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LexBceS.exe
#:13 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1956
ThreadCreationTime : 10-02-2007 08:39:54
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:14 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 740
ThreadCreationTime : 10-02-2007 08:40:01
BasePriority : Normal
#:15 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 752
ThreadCreationTime : 10-02-2007 08:40:01
BasePriority : High
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2007 ALWIL Software
OriginalFilename : aswServ.exe
#:16 [btntservice.exe]
FilePath : C:\Program Files\IVT Corporation\BlueSoleil\
ProcessID : 772
ThreadCreationTime : 10-02-2007 08:40:01
BasePriority : Normal
#:17 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 808
ThreadCreationTime : 10-02-2007 08:40:01
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:18 [cdac11ba.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 868
ThreadCreationTime : 10-02-2007 08:40:01
BasePriority : Normal
FileVersion : 4.20.0
ProductVersion : 4.20.0 Windows NT 2002/07/15
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English
#:19 [ftrtsvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1116
ThreadCreationTime : 10-02-2007 08:40:02
BasePriority : Normal
FileVersion : 11.0 (4)
ProductVersion : 11.0 (4)
ProductName : FTRTSVC NT Service
CompanyName : France Telecom
FileDescription : FTRTSVC NT Service
InternalName : FTRTSVC
LegalCopyright : France Telecom R&D 2004
OriginalFilename : FTRTSVC.EXE
#:20 [persfw.exe]
FilePath : C:\Program Files\Kerio\Personal Firewall\
ProcessID : 1328
ThreadCreationTime : 10-02-2007 08:40:04
BasePriority : Normal
FileVersion : 2, 1, 5, 0
ProductVersion : 2, 1, 5, 0
ProductName : Kerio Personal Firewall
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall Engine
InternalName : PERSFW
LegalCopyright : Copyright © 2002
OriginalFilename : PERSFW.exe
#:21 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 892
ThreadCreationTime : 10-02-2007 08:40:10
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:22 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2224
ThreadCreationTime : 10-02-2007 08:40:16
BasePriority : Normal
#:23 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2264
ThreadCreationTime : 10-02-2007 08:40:16
BasePriority : Normal
#:24 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2608
ThreadCreationTime : 10-02-2007 08:40:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:25 [dllhost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3080
ThreadCreationTime : 10-02-2007 09:10:23
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : dllhost.exe
#:26 [msdtc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 384
ThreadCreationTime : 10-02-2007 09:10:24
BasePriority : Normal
FileVersion : 2001.12.4414.258
ProductVersion : 03.01.00.4414
ProductName : Microsoft Distributed Transaction Coordinator
CompanyName : Microsoft Corporation
FileDescription : MS DTC console program
InternalName : MSDTC.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1995-1998
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation
#:27 [hpzipm12.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3792
ThreadCreationTime : 10-02-2007 11:21:40
BasePriority : Normal
FileVersion : 10, 1, 1, 5
ProductVersion : 10, 1, 1, 5
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe
#:28 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 3424
ThreadCreationTime : 10-02-2007 16:12:36
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:29 [shvrtf.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2004
ThreadCreationTime : 10-02-2007 16:12:40
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Application Angel
FileDescription : Application MFC Angel
InternalName : Angel
LegalCopyright : Copyright (C) 2003
OriginalFilename : Angel.EXE
#:30 [vsnpstd.exe]
FilePath : C:\WINDOWS\
ProcessID : 532
ThreadCreationTime : 10-02-2007 16:12:40
BasePriority : Normal
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 4
ProductName : CameraMonitor Application
FileDescription : CameraMonitor MFC Application
InternalName : CameraMonitor
LegalCopyright : Copyright (C) 2003
OriginalFilename : CameraMonitor.EXE
#:31 [msgplus.exe]
FilePath : C:\Program Files\MessengerPlus! 3\
ProcessID : 3924
ThreadCreationTime : 10-02-2007 16:12:41
BasePriority : Normal
#:32 [realsched.exe]
FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
ProcessID : 1060
ThreadCreationTime : 10-02-2007 16:12:41
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:33 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0\bin\
ProcessID : 356
ThreadCreationTime : 10-02-2007 16:12:42
BasePriority : Normal
#:34 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1020
ThreadCreationTime : 10-02-2007 16:12:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE
#:35 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 3164
ThreadCreationTime : 10-02-2007 16:12:45
BasePriority : Normal
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2007 ALWIL Software
OriginalFilename : aswDisp.exe
#:36 [hpwuschd2.exe]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 372
ThreadCreationTime : 10-02-2007 16:12:48
BasePriority : Normal
FileVersion : 70.0.170.000
ProductVersion : 070.000.170.000
ProductName : hp digital imaging
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright (C) Hewlett-Packard Development Company, L.P. 1995-2005
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant
#:37 [lvcoms.exe]
FilePath : C:\Program Files\Fichiers communs\Logitech\QCDriver2\
ProcessID : 1572
ThreadCreationTime : 10-02-2007 16:12:49
BasePriority : Normal
FileVersion : 8.1.2.1003
ProductVersion : 8.1.2.1003
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : (c) 1996-2003 Logitech. All rights reserved.
OriginalFilename : LVComS.exe
#:38 [lexpps.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3404
ThreadCreationTime : 10-02-2007 16:12:49
BasePriority : Normal
FileVersion : 9.37
ProductVersion : 9.37
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : (C) 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)
#:39 [taskbaricon.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 1300
ThreadCreationTime : 10-02-2007 16:12:49
BasePriority : Normal
FileVersion : 5.9 (1)
ProductVersion : 5.9 (1)
ProductName : Kit de Connexion et de Services
CompanyName : France Télécom R&D
FileDescription : Gestion de l'icône de la barre des tâches
InternalName : TaskBarIcon
LegalCopyright : Copyright (C) France Télécom R&D 1999 - 2003
OriginalFilename : TaskBarIcon.exe
#:40 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 568
ThreadCreationTime : 10-02-2007 16:12:51
BasePriority : Normal
FileVersion : 70.0.170.000
ProductVersion : 070.000.170.000
ProductName : hp digital imaging
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : HP Digital Imaging Monitor
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Development Company, L.P. 1995-2005
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor
#:41 [gestionnaireinternet.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 2760
ThreadCreationTime : 10-02-2007 16:12:53
BasePriority : Normal
FileVersion : 5.9 (3)
ProductVersion : 5.9 (3)
ProductName : Kit de Connexion et de Services
CompanyName : France Télécom R&D
FileDescription : Espace Client
InternalName : EspaceClient
LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
OriginalFilename : EspaceClient.exe
#:42 [comcomp.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 3600
ThreadCreationTime : 10-02-2007 16:12:55
BasePriority : Normal
FileVersion : 11b.0 (8)
ProductVersion : 11b.0 (8)
ProductName : Kit de Connexion et de Services
CompanyName : France Télécom R&D
FileDescription : Module de communication
InternalName : ComComp
LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
OriginalFilename : ComComp.exe
#:43 [hpqimzone.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 2748
ThreadCreationTime : 10-02-2007 16:12:58
BasePriority : Normal
#:44 [toaster.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 1760
ThreadCreationTime : 10-02-2007 16:13:01
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Application Toaster
CompanyName : France Telecom R&D
FileDescription : Application MFC Toaster
InternalName : Toaster
LegalCopyright : Copyright France Telecom R&D (C) 2004
OriginalFilename : Toaster.EXE
#:45 [inactivity.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 244
ThreadCreationTime : 10-02-2007 16:13:01
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Application Inactivity
FileDescription : Application MFC Inactivity
InternalName : Inactivity
LegalCopyright : Copyright France Telecom R&D (C) 2004
OriginalFilename : Inactivity.EXE
#:46 [pollingmodule.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 3964
ThreadCreationTime : 10-02-2007 16:13:01
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Application PollingModule
FileDescription : Application PollingModule
InternalName : PollingModule
LegalCopyright : Copyright France Telecom R&D (C) 2004
OriginalFilename : PollingModule.EXE
#:47 [alertm~1.exe]
FilePath : C:\WINDOWS\System32\ALERTM~1\
ProcessID : 2484
ThreadCreationTime : 10-02-2007 16:13:03
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Application AlertModule
FileDescription : Application MFC AlertModule
InternalName : AlertModule
LegalCopyright : Copyright (C) 2003
OriginalFilename : AlertModule.EXE
#:48 [watch.exe]
FilePath : C:\PROGRA~1\Wanadoo\
ProcessID : 3816
ThreadCreationTime : 10-02-2007 16:13:06
BasePriority : Normal
FileVersion : 11.0 (2)
ProductVersion : 11.0 (2)
ProductName : Kit de Connexion et de Services
CompanyName : France Télécom R&D
FileDescription : Surveillance des modifications
InternalName : Watch
LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
OriginalFilename : Watch.exe
#:49 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 3864
ThreadCreationTime : 10-02-2007 16:13:12
BasePriority : Normal
#:50 [hpqste08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 464
ThreadCreationTime : 10-02-2007 16:13:13
BasePriority : Normal
FileVersion : 70.0.170.000
ProductVersion : 070.000.170.000
ProductName : hp digital imaging
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : HP CUE Status
InternalName : HPQSTS00
LegalCopyright : Copyright (C) Hewlett-Packard Development Company, L.P. 1995-2005
OriginalFilename : HPQSTS00.EXE
Comments : HP CUE Status
#:51 [msiexec.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3904
ThreadCreationTime : 10-02-2007 16:18:33
BasePriority : Normal
#:52 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 220
ThreadCreationTime : 10-02-2007 16:23:26
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
ErrorSafe Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{68bc55e9-4d3e-4c89-89ac-7559763c98b8}
ErrorSafe Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a0e2e5ab-c02f-489b-bd7b-58c329f774f3}
WhenU.WeatherCast Object Recognized!
Type : Regkey
Data :
TAC Rating : 2
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wusn.1
Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{74a49269-9779-48b4-a0e6-3a5af2a3ade6}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0af62f35-d454-42b3-a1ab-83934dce5c03}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0d5332e4-6d74-484d-a7fa-8c81135772e5}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{132e8735-44e8-4991-b24f-46e375480c77}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{31023eb1-dbfa-4959-92f1-5031347af7ca}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{5eb46647-1b09-46ce-b226-8b1e63c7cbfd}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{5ebbcc5d-a38f-43cd-918f-9c02ca79df46}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8ccca599-5b2e-4f5a-af9c-057b01e86510}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a6dc33fd-0a23-42bd-86d2-d5138f1fa43b}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a77f53fd-44c4-4c9d-a3f9-276de0883c68}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{be02dc3c-8da6-4424-a07d-93c6f9bc3534}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{cd0c9501-80d4-48f1-a18a-4d9f1c7a844e}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{dedbc675-8f5f-49d7-a65a-adee6502c01f}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e8a0ccd3-5acb-4daa-bfaf-2b848627d553}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{efc5443a-147a-440b-b7a7-9e30f6ea9d8b}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f6d4e489-014b-4bc9-83d7-8547b386afed}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fbfb63bc-426b-4fac-b634-d986255809d0}
VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{7f78a644-c4a7-4f71-ba4e-5323aa95e7d5}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 21
Objects found so far: 21
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : UninstallString
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : HelpLink
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : Publisher
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : URLInfoAbout
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : Contact
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : Comments
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Garden Dreams
Value : DisplayIcon
Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : UninstallString
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : HelpLink
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : Publisher
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : URLInfoAbout
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : Contact
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : Comments
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy "http://www.gamehouse.com/"
TAC Rating : 3
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Pizza Frenzy
Value : DisplayIcon
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 16
Objects found so far: 37
Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {74a49269-9779-48b4-a0e6-3a5af2a3ade6}
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:charlie@bs.serving-sys.com/
Expires : 31-12-2037 23:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:398
Value : Cookie:charlie@atdmt.com/
Expires : 20-08-2011 01:00:00
LastSync : Hits:398
UseCount : 0
Hits : 398
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:48
Value : Cookie:charlie@doubleclick.net/
Expires : 13-11-2009 16:18:48
LastSync : Hits:48
UseCount : 0
Hits : 48
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:23
Value : Cookie:charlie@tradedoubler.com/
Expires : 31-01-2027 20:27:06
LastSync : Hits:23
UseCount : 0
Hits : 23
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:charlie@serving-sys.com/
Expires : 31-12-2037 23:00:00
LastSync : Hits:13
UseCount : 0
Hits : 13
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:114
Value : Cookie:charlie@bluestreak.com/
Expires : 02-02-2017 15:50:14
LastSync : Hits:114
UseCount : 0
Hits : 114
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:charlie@adtech.de/
Expires : 26-08-2016 14:45:44
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:44
Value : Cookie:charlie@2o7.net/
Expires : 24-12-2011 15:35:38
LastSync : Hits:44
UseCount : 0
Hits : 44
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:28
Value : Cookie:charlie@advertising.com/
Expires : 28-01-2012 21:52:44
LastSync : Hits:28
UseCount : 0
Hits : 28
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:charlie@estat.com/
Expires : 02-09-2016 14:35:16
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:charlie@mediaplex.com/
Expires : 22-06-2009 01:00:00
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:48
Value : Cookie:charlie@as1.falkag.de/
Expires : 31-10-2006 12:35:34
LastSync : Hits:48
UseCount : 0
Hits : 48
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@msnportal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:charlie@msnportal.112.2o7.net/
Expires : 05-09-2011 11:57:54
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:33
Value : Cookie:charlie@weborama.fr/
Expires : 05-09-2011 11:59:06
LastSync : Hits:33
UseCount : 0
Hits : 33
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@www.smartadserver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:137
Value : Cookie:charlie@www.smartadserver.com/
Expires : 04-02-2027 20:27:38
LastSync : Hits:137
UseCount : 0
Hits : 137
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : charlie@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:20
Value : Cookie:charlie@as-eu.falkag.net/
Expires : 07-02-2007 17:56:26
LastSync : Hits:20
UseCount : 0
Hits : 20
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 16
Objects found so far: 54
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Disk Scan Result for C:\DOCUME~1\charlie\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 54
MRU List Object Recognized!
Location: : C:\Documents and Settings\charlie\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\charlie\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\jasc\animation shop 3\fileopendialog
Description : list of recently opened files in jasc animation shop
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\jasc\animation shop 3\fileopendialog
Description : list of recently opened files in jasc animation shop
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\jasc\animation shop 3\recent file list
Description : list of recently used files in jasc animation shop
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\jasc\animation shop 3\recent file list
Description : list of recently used files in jasc animation shop
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\jasc\animation shop 3\saveasdialog
Description : list of recently saved files in jasc animation shop
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\jasc\animation shop 3\saveasdialog
Description : list of recently saved files in jasc animation shop
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\editor
Description : last used folder in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\editor
Description : folder of the last used web in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\editor\insert image\recently used urls
Description : list of recently used urls in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\editor\recently used urls
Description : list of recently used urls in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent file list
Description : list of recently used files in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent page list
Description : list of recently used pages in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent web list
Description : list of recently used webs in microsoft frontpage
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1004\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
MRU List Object Recognized!
Location: : S-1-5-21-316737412-2480357603-786680529-1007\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : 65005
Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\app paths\ecodec.exe
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 112
17:28:33 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:03:05.610
Objects scanned:114893
Objects identified:57
Objects ignored:0
New critical objects:57
Il y a 2079 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
