Name: Adware/DomaIQ.GK
Type: Adware
In the wild: No
Reported infections: Low
Distribution potential: Low
Damage potential: Low to medium
Static file: Yes
VDF version: 7.11.83.96 - Friday, 7 June 2013
IVDF version: 7.11.83.96 - Friday, 7 June 2013

General
Method of propagation:
   • It does not have its own propagation routine


Aliases:
   •  Kaspersky: not-a-virus:AdWare.Win32.DomaIQ.cb
   •  Eset: Win32/DomaIQ.I


Platforms / Operating systems:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • It modifies registry entries


Immediately after execution the following information is displayed:


Files
It deletes the following files:
   • %Temp%\DIQM\Setup_151\bin\Webcake\info.html
   • %Temp%\DIQM\Setup_151\bin\SpeedUpMyPc\info.html
   • %Temp%\DIQM\Setup_151\bin\OptimizerPro\info.html
   • %Temp%\DIQM\Setup_151\bin\MixiDjYahoo\info.html
   • %Temp%\DIQM\Setup_151\bin\exe\close.html
   • %Temp%\DIQM\Setup_151\bin\exe\finish.html
   • %Temp%\DIQM\Setup_151\bin\exe\instalando.html
   • %Temp%\DIQM\Setup_151\bin\exe\options.html
   • %Temp%\DIQM\Setup_151\bin\exe\welcome.html
   • %Temp%\DIQM\Setup_151\bin\Driverpro\info.html
   • %Temp%\DIQM\Setup_151\bin\Dealply\info.html



The following files are created:

– Files that can be deleted afterwards:
   • %Temp%\DIQM\Setup_151\bin\Dealply\info.html
   • %Temp%\DIQM\Setup_151\temp\OptimizerProinfo.dfe
   • %Temp%\DIQM\Setup_151\bin\css\images\optimizerpro-img.png
   • %Temp%\DIQM\Setup_151\bin\css\images\optimizerpro-logo-big.png
   • %Temp%\DIQM\Setup_151\bin\css\images\optimizerpro-logo.png
   • %Temp%\DIQM\Setup_151\bin\css\optimizerpro.css
   • %Temp%\DIQM\Setup_151\bin\OptimizerPro\info.html
   • %Temp%\DIQM\Setup_151\temp\SpeedUpMyPcinfo.dfe
   • %Temp%\DIQM\Setup_151\bin\css\images\speedupmypc-img.png
   • %Temp%\DIQM\Setup_151\bin\css\speedupmypc.css
   • %Temp%\DIQM\Setup_151\bin\SpeedUpMyPc\info.html
   • %Temp%\DIQM\Setup_151\temp\Driverproinfo.dfe
   • %Temp%\DIQM\Setup_151\bin\css\driverpro.css
   • %Temp%\DIQM\Setup_151\bin\css\images\driverpro-img.png
   • %Temp%\DIQM\Setup_151\bin\Driverpro\info.html
   • %Temp%\DIQM\Setup_151\bin\Webcake\info.dfe
   • %Temp%\DIQM\Setup_151\bin\SpeedUpMyPc\info.dfe
   • %Temp%\DIQM\Setup_151\bin\MixiDjYahoo\info.dfe
   • %Temp%\DIQM\Setup_151\bin\exe\close.dfe
   • %Temp%\DIQM\Setup_151\bin\exe\finish.dfe
   • %Temp%\DIQM\Setup_151\bin\exe\instalando.dfe
   • %Temp%\DIQM\Setup_151\bin\exe\options.dfe
   • %Temp%\DIQM\Setup_151\bin\exe\welcome.dfe
   • %Temp%\DIQM\Setup_151\bin\Driverpro\info.dfe
   • %Temp%\DIQM\Setup_151\bin\Dealply\info.dfe
   • %Temp%\DIQM\Setup_151\bin\css\base.css
   • %Temp%\DIQM\Setup_151\Software\MixiDjYahoo
   • %Temp%\DIQM\Setup_151\Software\Webcake
   • %Temp%\DIQM\Setup_151\Software\OptimizerPro.exe
   • %Temp%\DIQM\Setup_151\Software\Setup

Registry
The following registry keys are added in order to load the service after reboot:

– [HKCU\Software\Microsoft\Internet Explorer\Main]
   • "ApplicationTileImmersiveActivation"="dword:0x00000000"
   • "AssociationActivationMode"="dword:0x00000002"
   • "bProtector Start Page"="http://mixidj.d**********.com/?affID=121139&babsrc=HP_ss&mntrId=D88100AB2F0C4369"
   • "Start Page"="http://mixidj.**********search.com/?affID=121139&babsrc=HP_ss&mntrId=D88100AB2F0C4369"



The following registry keys are added:

– [HKCR\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}]
   • "(Default)"="WebCakeIEClient"

– [HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916}\Instl\Data]
   • "hp_url"="http://mixidj.**********search.com/?affID=121139&babsrc=HP_ss&mntrId=D88100AB2F0C4369"
   • "kw_url"="http://mixidj.**********search.com/?affID=121139&babsrc=KW_ss&mntrId=D88100AB2F0C4369&q="
   • "nt_url"="http://mixidj.**********search.com/?affID=121139&babsrc=NT_ss&mntrId=D88100AB2F0C4369"
   • "sp_name"="Mixi.DJ Search"
   • "sp_url"="http://mixidj.**********search.com/?q={searchTerms}&affID=121139&babsrc=SP_ss&mntrId=D88100AB2F0C4369"
   • "tb_url"="http://mixidj.**********search.com/?q={searchTerms}&affID=121139&babsrc=TB_ss&mntrId=D88100AB2F0C4369"
   • "trace"="dword:0x00000000"

– [HKCR\AppID\WebCakeIEClient.DLL]
   • "AppID"="{7169BBB3-3289-4696-B35D-4A88BCF6FB12}"

– [HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
   • "(Default)"="WebCake"

– [HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}\InprocServer32]
   • "(Default)"="%PROGRAM FILES%\WebCake\WebCakeIEClient.dll"
   • "ThreadingModel"="Apartment"

– [HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}\ProgID]
   • "(Default)"="WebCakeIEClient.Layers.1"

– [HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}\TypeLib]
   • "(Default)"="{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}"

– [HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}\VersionIndependentProgID]
   • "(Default)"="WebCakeIEClient.Layers"

– [HKCR\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}]
   • "(Default)"="WebCake Api"

– [HKCR\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}\InprocServer32]
   • "(Default)"="%PROGRAM FILES%\WebCake\WebCakeIEClient.dll"
   • "ThreadingModel"="Apartment"

– [HKCR\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}\ProgID]
   • "(Default)"="WebCakeIEClient.Api.1"

– [HKCR\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}\TypeLib]
   • "(Default)"="{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}"

– [HKCR\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}\VersionIndependentProgID]
   • "(Default)"="WebCakeIEClient.Api"

– [HKCR\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}]
   • "(Default)"="1fcaa1f5-3b6e-422a-8670-48faa1b6f168"

– [HKCR\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}\defaultEnableAppsList]
   • "(Default)"="layers,brain/features,newOffers/wc"

– [HKCR\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}\InprocServer32]
   • "(Default)"="%SYSDIR%\catsrvut.dll"
   • "ThreadingModel"="Both"

– [HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}]
   • "(Default)"="PSFactoryBuffer"

– [HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}\InProcServer32]
   • "(Default)"="%PROGRAM FILES%\WebCake\WebCakeIEClient.dll"
   • "ThreadingModel"="Both"

– [HKCR\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}]
   • "(Default)"="c566ff0c-d67f-4a22-9898-6422e366dd92"

– [HKCR\Interface\{000C1025-0000-0000-C000-000000000046}\NumMethods]
   • "(Default)"="33"

– [HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}]
   • "(Default)"="ILayers"

– [HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}\NumMethods]
   • "(Default)"="7"

– [HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}\ProxyStubClsid]
   • "(Default)"="{00020424-0000-0000-C000-000000000046}"

– [HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}\ProxyStubClsid32]
   • "(Default)"="{DF84E609-C3A4-49CB-A160-61767DAF8899}"

– [HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}\TypeLib]
   • "(Default)"="{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}"
   • "Version"="1.0"

– [HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}]
   • "(Default)"="IApi"

– [HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}\NumMethods]
   • "(Default)"="17"

– [HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}\ProxyStubClsid]
   • "(Default)"="{00020424-0000-0000-C000-000000000046}"

– [HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}\ProxyStubClsid32]
   • "(Default)"="{DF84E609-C3A4-49CB-A160-61767DAF8899}"

– [HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}\TypeLib]
   • "(Default)"="{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}"
   • "Version"="1.0"

– [HKCR\Msi.Package\DefaultIcon]
   • "(Default)"="%SYSDIR%\msiexec.exe,0"

– [HKCR\Msi.Patch\DefaultIcon]
   • "(Default)"="%SYSDIR%\msiexec.exe,0"

– [HKCR\TypeLib\{000C1092-0000-0000-C000-000000000046}\1.0\409\win32]
   • "(Default)"="%SYSDIR%\msi.dll"

– [HKCR\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}\1.0]
   • "(Default)"="WebCakeIEClient 1.0 Type Library"

– [HKCR\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}\1.0\0\win32]
   • "(Default)"="%PROGRAM FILES%\WebCake\WebCakeIEClient.dll"

– [HKCR\WebCakeIEClient.Api.1]
   • "(Default)"="WebCake Api"

– [HKCR\WebCakeIEClient.Api.1\CLSID]
   • "(Default)"="{AF6B0594-6008-4327-93E5-608AD710A6FA}"

– [HKCR\WebCakeIEClient.Api]
   • "(Default)"="WebCake Api"

– [HKCR\WebCakeIEClient.Api\CLSID]
   • "(Default)"="{AF6B0594-6008-4327-93E5-608AD710A6FA}"

– [HKCR\WebCakeIEClient.Api\CurVer]
   • "(Default)"="WebCakeIEClient.Api.1"

– [HKCR\WebCakeIEClient.Layers.1]
   • "(Default)"="WebCake"

– [HKCR\WebCakeIEClient.Layers.1\CLSID]
   • "(Default)"="{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}"

– [HKCR\WebCakeIEClient.Layers]
   • "(Default)"="WebCake"

– [HKCR\WebCakeIEClient.Layers\CLSID]
   • "(Default)"="{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}"

– [HKCR\WebCakeIEClient.Layers\CurVer]
   • "(Default)"="WebCakeIEClient.Layers.1"

– [HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-602162358-2077806209-839522115-1003\Software\SweetIM\Toolbars\Internet Explorer\Data]
   • "UserRejectedGuard_DS"="dword:0x00000001"
   • "UserRejectedGuard_HP"="dword:0x00000001"
   • "UserSelectedDS"="0"
   • "UserSelectedHP"="0"

– [HKLM\SOFTWARE\Babylon\Babylon Client\DefaultSettings]
   • "SetSearch"="dword:0x07777004"

– [HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}\Instl\Data]
   • "hp_url"="http://mixidj.**********search.com/?affID=121139&babsrc=HP_ss&mntrId=D88100AB2F0C4369"
   • "kw_url"="http://mixidj.**********search.com/?affID=121139&babsrc=KW_ss&mntrId=D88100AB2F0C4369&q="
   • "nt_url"="http://mixidj.**********search.com/?affID=121139&babsrc=NT_ss&mntrId=D88100AB2F0C4369"
   • "sp_name"="Mixi.DJ Search"
   • "sp_url"="http://mixidj.**********search.com/?q={searchTerms}&affID=121139&babsrc=SP_ss&mntrId=D88100AB2F0C4369"
   • "tb_url"="http://mixidj.**********search.com/?q={searchTerms}&affID=121139&babsrc=TB_ss&mntrId=D88100AB2F0C4369"
   • "trace"="dword:0x00000000"

– [HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}\defaultEnableAppsList]
   • "(Default)"="layers,brain/features,newOffers/wc"

– [HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}\InprocServer32]
   • "(Default)"="%SYSDIR%\catsrvut.dll"
   • "ThreadingModel"="Both"

Miscellaneous information
Internet connection:
In order to check its Internet connection, the following DNS servers are contacted:
   • bi.soft**********.net
   • dl.cdn-serv**********.com
   • track.idea**********.com
   • reports.mont**********.com

Description inserted by Wensin Lee on Friday, 7 June 2013
Description updated by Wensin Lee on Friday, 7 June 2013
