philnoug
15 avril 2006 à 02:20
Salut à tous
Il y avait longtemps!!!
Est-ce que quelqu'un sait lire ça ?
C'est a priori un log de scan de "XoftSpy" :
<?xml version = "1.0"?>
<!-- Scan session log written by XoftSpy (see WorkingDirectory below). START and END carry the same timestamp as logged. -->
<!-- NOTE(review): as pasted, this log is not well-formed XML (raw ampersands in URL values, no closing Session tag in view); read it line by line rather than feeding it to a strict XML parser. -->
<Session START = "15 Apr 06 02:01:30" END = "15 Apr 06 02:01:30">
<!-- Scanner version, signature database version and date, and the host OS as reported by the tool. -->
<Information Version = "4.21" DatabaseVersion = "169" DataBaseDate = "12 APR 2006"/>
<Information OS = "Win XP"/>
<Information ServicePack = "Service Pack 2"/>
<Information WorkingDirectory = "C:\Program Files\XoftSpy\"/>
<!-- Scan options in effect. "Scan Drives" and "Automatic Removal" are OFF, so presumably the findings later in this log were only reported, not removed, by this run (to be confirmed against the tool's behaviour). -->
<Information Option = "AdvSpyware Scan" State = "ON"/>
<Information Option = "Scan IE Favorites" State = "ON"/>
<Information Option = "Scan Host Files" State = "ON"/>
<Information Option = "Scan Drives" State = "OFF"/>
<Information Option = "Do Not Scan Executables" State = "OFF"/>
<Information Option = "Scan Registry" State = "ON"/>
<Information Option = "Scan Active Processes" State = "ON"/>
<Information Option = "Automatic Database Update" State = "ON"/>
<Information Option = "Automatic Program Update" State = "ON"/>
<Information Option = "Automatic Removal" State = "OFF"/>
<Information Option = "Exit When Finished" State = "OFF"/>
<!-- Registry snapshot: each RootKey/KeyPath element is followed by the Value/Data pairs read from that key. Some file-valued entries carry an MD5 attribute and others do not; the log does not say why. -->
<!-- HKLM Run (programs started at logon). InstaFinderK and SemanticInsight point into the INSTAFINK and RXToolBar folders, both of which appear again in the file findings of this log. -->
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows\CurrentVersion\Run"/>
<Information Value = "avast!" Data = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" MD5 = "9eb989d83225f2e6d9ecfdccdd0db0ca" Path = ""/>
<Information Value = "ccApp" Data = "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" MD5 = "ce7e4c5c24142d2d2be2f0633f9419ad" Path = ""/>
<Information Value = "TkBellExe" Data = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot" MD5 = "77ed13fd3196ebc7311ccd6899c7488c" Path = ""/>
<Information Value = "InstaFinderK" Data = "C:\Program Files\INSTAFINK\InstaFinderK_inst.exe" MD5 = "108fccb4186903b1fab79acfe9a4b7ac" Path = ""/>
<Information Value = "SemanticInsight" Data = "C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Windows\CurrentVersion\RunOnce"/>
<Information Value = "^SetupICWDesktop" Data = ""/>
<!-- Winlogon Userinit and Shell: the values name only userinit.exe and Explorer.exe; no extra program is appended. -->
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"/>
<Information Value = "Userinit" Data = "C:\WINDOWS\system32\userinit.exe,"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"/>
<Information Value = "Shell" Data = "Explorer.exe"/>
<!-- The "load" and AppInit_DLLs values are both empty in this snapshot. -->
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Windows"/>
<Information Value = "load" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Windows"/>
<Information Value = "AppInit_DLLs" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"/>
<Information Value = "PostBootReminder" Data = "{7849596a-48ea-486e-8937-a2a3009f31a9}"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"/>
<Information Value = "{438755C2-A8BA-11D1-B96B-00A0C90312E1}" Data = "Pré-chargeur Browseui"/>
<Information Value = "{8C7461EF-2B13-11d2-BE35-3078302C2030}" Data = "Démon de cache des catégories de composant"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\OLE"/>
<Information Value = "DefaultLaunchPermission" Data = ""/>
<Information Value = "MachineLaunchRestriction" Data = ""/>
<Information Value = "MachineAccessRestriction" Data = ""/>
<Information Value = "EnableDCOM" Data = "Y"/>
<!-- text/html protocol filter: a filter named "RXResult MIME Filter" is registered here. The registry-key findings of this log list protocols\filter\text/html under CoolWebSearch. -->
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\PROTOCOLS\Filter\text/html"/>
<Information Value = "" Data = "RXResult MIME Filter"/>
<Information Value = "CLSID" Data = "{2AB289AE-4B90-4281-B2AE-1F4BB034B647}"/>
<!-- Internet Explorer start page, search page and toolbar settings (per-user and machine-wide). -->
<!-- NOTE(review): the google.fr "gws_rd=ssl" and bing.com URLs below do not fit the 2006 session timestamps; presumably these values were rewritten when the page was later re-crawled or archived. Do not treat them as original evidence. -->
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\Main"/>
<Information Value = "NoUpdateCheck" Data = "(DWORD) 0x1 0 0 0"/>
<Information Value = "NoJITSetup" Data = "(DWORD) 0x1 0 0 0"/>
<Information Value = "Cache_Update_Frequency" Data = "Once_Per_Session"/>
<Information Value = "Do404Search" Data = ""/>
<Information Value = "Local Page" Data = "C:\windows\system32\blank.htm"/>
<Information Value = "Use Custom Search URL" Data = "(DWORD) 0 0 0 0"/>
<Information Value = "Window_Placement" Data = ""/>
<Information Value = "BandRest" Data = ""/>
<Information Value = "Start Page" Data = "https://www.google.fr/?gws_rd=ssl"/>
<Information Value = "Default_Search_URL" Data = "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"/>
<Information Value = "Search Page" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Internet Explorer\Main"/>
<Information Value = "Cache_Percent_of_Disk" Data = ""/>
<Information Value = "Anchor_Visitation_Horizon" Data = ""/>
<Information Value = "Placeholder_Width" Data = ""/>
<Information Value = "Placeholder_Height" Data = ""/>
<Information Value = "Wizard_Version" Data = "6.00.2800.1106"/>
<Information Value = "BandRest" Data = ""/>
<Information Value = "BigBitmap" Data = "C:\PROGRA~1\Wanadoo\static38.bmp" MD5 = "48e5621858b3aa95a091346a1683303e" Path = ""/>
<Information Value = "SmallBitmap" Data = "C:\PROGRA~1\Wanadoo\static22.bmp" MD5 = "c11464e8d029b5885b4cb505b16fcb27" Path = ""/>
<Information Value = "Default_Search_URL" Data = "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"/>
<Information Value = "Start Page" Data = "https://www.google.fr/?gws_rd=ssl"/>
<Information Value = "Search Page" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Internet Explorer\Search"/>
<Information Value = "SearchAssistant" Data = "https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"/>
<Information Value = "CustomizeSearch" Data = "https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\SearchURL"/>
<Information Value = "provider" Data = ""/>
<Information Value = "" Data = "http://home.microsoft.com/access/autosearch.asp?p=%s"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\URLSearchHooks"/>
<Information Value = "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Internet Explorer\Toolbar"/>
<Information Value = "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" Data = "Norton AntiVirus"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\Toolbar"/>
<Information Value = "LinksFolderName" Data = "Links"/>
<Information Value = "Locked" Data = "(DWORD) 0x1 0 0 0"/>
<Information Value = "{710EB7A1-45ED-11D0-924A-0020AFC7AC4D}" Data = ""/>
<Information Value = "BrandBitmap" Data = "C:\PROGRA~1\Wanadoo\ani38.bmp" MD5 = "d85088f3338ecb2891e42b56c71b28bb" Path = ""/>
<Information Value = "SmBrandBitmap" Data = "C:\PROGRA~1\Wanadoo\ani22.bmp" MD5 = "49df66fd8845ff800094e862435ab278" Path = ""/>
<Information Value = "BigBitmap" Data = "C:\PROGRA~1\Wanadoo\static38.bmp" MD5 = "48e5621858b3aa95a091346a1683303e" Path = ""/>
<Information Value = "SmallBitmap" Data = "C:\PROGRA~1\Wanadoo\static22.bmp" MD5 = "c11464e8d029b5885b4cb505b16fcb27" Path = ""/>
<Information Value = "smBrandHeight" Data = "(DWORD) 0x16 0 0 0"/>
<Information Value = "BrandHeight" Data = "(DWORD) 0x26 0 0 0"/>
<!-- File-association launch commands for executable file types. The exe/com/bat/pif/scr values hold only argument placeholders; only htafile names a program (mshta.exe). A value naming some other program ahead of %1 would mean launches pass through that program first. -->
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\exefile\shell\open\command"/>
<Information Value = "" Data = "%1 %*"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\comfile\shell\open\command"/>
<Information Value = "" Data = "%1 %*"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\batfile\shell\open\command"/>
<Information Value = "" Data = "%1 %*"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\piffile\shell\open\command"/>
<Information Value = "" Data = "%1 %*"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\scrfile\shell\open\command"/>
<Information Value = "" Data = "%1 /S"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "SOFTWARE\Classes\htafile\shell\open\command"/>
<Information Value = "" Data = "C:\WINDOWS\system32\mshta.exe %1 %*" MD5 = "00022270f47d6a7ee8d8b9140063ebc9" Path = ""/>
<!-- Proxy is disabled for the current user (ProxyEnable is 0). -->
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings"/>
<Information Value = "ProxyEnable" Data = "(DWORD) 0 0 0 0"/>
<!-- Startup folders (per-user and All Users): only desktop.ini is listed in each. -->
<Information Directory = "D:\Documents and Settings\philippe.FIFOU\Menu Démarrer\Programmes\Démarrage\*" Program = "desktop.ini" MD5 = "d6a6856702e3f0953e7246a9b4a9fe35" />
<Information Directory = "D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\*" Program = "desktop.ini" MD5 = "d6a6856702e3f0953e7246a9b4a9fe35" />
<!-- Start of the scan results. The first part lists the processes running at scan time, each with the MD5 the tool recorded for its image file. -->
<!-- None of these PROCESS rows carries a detection label; the findings come in the registry and file sections that follow. MD5 is usable as a lookup key for a file, but it is not collision-resistant. -->
<!-- Several security products are resident at the same time (Avast, Symantec/Norton, ewido, Ad-Watch), and LimeWire is running. -->
<Scanning TIME = "15 Apr 06 02:01:30">
<PROCESS NAME = "C:\WINDOWS\system32\services.exe" MD5 = "732e0b1abaace15d80ec19056b0a2af9"/>
<PROCESS NAME = "C:\WINDOWS\system32\lsass.exe" MD5 = "9f3744a5c6f49291a7a685040a013399"/>
<PROCESS NAME = "C:\WINDOWS\system32\Ati2evxx.exe" MD5 = "6633cbf0d658440f0962d90e5bd20dde"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "1bd6c2f707a275cb7c16fd99fe0f31ca"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "1bd6c2f707a275cb7c16fd99fe0f31ca"/>
<PROCESS NAME = "C:\WINDOWS\System32\svchost.exe" MD5 = "1bd6c2f707a275cb7c16fd99fe0f31ca"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "1bd6c2f707a275cb7c16fd99fe0f31ca"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "1bd6c2f707a275cb7c16fd99fe0f31ca"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe" MD5 = "5c0fcb31676012d4c5a35e61d5698a33"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe" MD5 = "4b0f91ce0ee88625e95a4cfe91cca6b3"/>
<PROCESS NAME = "C:\Program Files\Norton Internet Security\ISSVC.exe" MD5 = "64bc5239264896c8d8fce558cfba029b"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe" MD5 = "443e397643965e08c5ab6a6caa732b97"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe" MD5 = "08fa56b7c13b4cbf0e5d351aecad92b1"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe" MD5 = "d66fb119a9c44978b9eeef9836534f74"/>
<PROCESS NAME = "C:\WINDOWS\system32\Ati2evxx.exe" MD5 = "6633cbf0d658440f0962d90e5bd20dde"/>
<PROCESS NAME = "C:\WINDOWS\Explorer.EXE" MD5 = "4c33e5b9a6197b6ed215f6cfba0a2daa"/>
<PROCESS NAME = "C:\WINDOWS\system32\spoolsv.exe" MD5 = "da81ec57acd4cdc3d4c51cf3d409af9f"/>
<PROCESS NAME = "C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe" MD5 = "e13406f701a9b2a7513cd6798a40cecb"/>
<PROCESS NAME = "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" MD5 = "435d862e96fe19612093177cf6618f4e"/>
<PROCESS NAME = "C:\Program Files\Alwil Software\Avast4\ashServ.exe" MD5 = "0839b8bfdf17dac8c9b083009768400e"/>
<PROCESS NAME = "C:\WINDOWS\system32\cisvc.exe" MD5 = "d24f6382f5171b07705364812e9459e2"/>
<PROCESS NAME = "c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe" MD5 = "4921cb1fae6978d44a91d0d65d93fa57"/>
<PROCESS NAME = "C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe" MD5 = "bc2ddaf478aaf92f237fb52e35eb53d6"/>
<PROCESS NAME = "C:\Program Files\ewido anti-malware\ewidoctrl.exe" MD5 = "26830b750372ab1bf29c95deebeb802f"/>
<PROCESS NAME = "C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe" MD5 = "c0e569681f74a0c1e5fbebf914509bf0"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE" MD5 = "11f714f85530a2bd134074dc30e99fca"/>
<PROCESS NAME = "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" MD5 = "998e500c07d76d4e7aaefba32edc26d5"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe" MD5 = "ca90d2c55eb3bb90687677bea3db0b59"/>
<PROCESS NAME = "C:\WINDOWS\system32\wdfmgr.exe" MD5 = "c81b8635dee0d3ef5f64b3dd643023a5"/>
<PROCESS NAME = "c:\APPS\Powercinema\Kernel\TV\CLSched.exe" MD5 = "bfb1a491b7cfafbd35220537eee92760"/>
<PROCESS NAME = "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" MD5 = "a7a61a9ffe49102c0ecdc259c915bdb9"/>
<PROCESS NAME = "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" MD5 = "1e898fa5ea0c8cb3bf053997516bb2c0"/>
<PROCESS NAME = "C:\WINDOWS\System32\alg.exe" MD5 = "2fe681d10c5fc343dbbc0610b8dd4d24"/>
<PROCESS NAME = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" MD5 = "9eb989d83225f2e6d9ecfdccdd0db0ca"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" MD5 = "ce7e4c5c24142d2d2be2f0633f9419ad"/>
<PROCESS NAME = "C:\Program Files\Winamp\winampa.exe" MD5 = "74def28c23c5de2ccee84e89217380d7"/>
<PROCESS NAME = "C:\Program Files\MSN Messenger\msnmsgr.exe" MD5 = "d491eb642758e6161345da99d495c4d9"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\RTE\RTEGPRS.exe" MD5 = "47239e0708eb2aaf9d179e37f144f4df"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "1bd6c2f707a275cb7c16fd99fe0f31ca"/>
<PROCESS NAME = "C:\WINDOWS\system32\cidaemon.exe" MD5 = "72999aa48322da948ce50c08b414a0ec"/>
<PROCESS NAME = "C:\WINDOWS\system32\taskmgr.exe" MD5 = "ae149e57bbc6fd628095f62574556c00"/>
<PROCESS NAME = "C:\Program Files\Norman\Norman Ad-aware SE Plus\Ad-Watch.exe" MD5 = "008c65c38799c48bbe3f94c20e21c244"/>
<PROCESS NAME = "C:\Program Files\mozilla.org\Mozilla\mozilla.exe" MD5 = "2eca4597d3ddfd074d67f67554fa13c3"/>
<PROCESS NAME = "C:\Program Files\LimeWire\LimeWire.exe" MD5 = "97918093dd905f51b2985ea597160b9e"/>
<PROCESS NAME = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" MD5 = "77ed13fd3196ebc7311ccd6899c7488c"/>
<PROCESS NAME = "C:\Program Files\XoftSpy\XoftSpy.exe" MD5 = "14a25102642960b794b4cf5981b2c341"/>
<!-- Registry key findings. Each SW element names the signature family; REGKEYFOUND holds the key path and REGKEY repeats it prefixed with the family name. The hive (HKLM, HKCU or HKCR) is not recorded on these rows. -->
<!-- NOTE(review): the SW tags are offset by one as logged: the section opens with a closing SW tag and the last SW (Smitfraud) is never closed. Group rows by the SW NAME attribute instead of relying on element nesting. -->
<!-- Families reported in this section: TopPicks, TopSearch, Cydoor, Adware.P2PNetworking, CoolWebSearch and Smitfraud. -->
<ScanningRegKeys>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "clsid\{1d3bce37-7834-4579-8169-e67681420a98}"/>
<REGKEY NAME = "TopPicks clsid\{1d3bce37-7834-4579-8169-e67681420a98}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "software\classes\clsid\{1d3bce37-7834-4579-8169-e67681420a98}"/>
<REGKEY NAME = "TopPicks software\classes\clsid\{1d3bce37-7834-4579-8169-e67681420a98}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "software\classes\clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
<REGKEY NAME = "TopPicks software\classes\clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "interface\{258a3625-183b-4477-aee2-ea54df6d878d}"/>
<REGKEY NAME = "TopPicks interface\{258a3625-183b-4477-aee2-ea54df6d878d}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}"/>
<REGKEY NAME = "TopPicks interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "interface\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
<REGKEY NAME = "TopPicks interface\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "software\classes\interface\{258a3625-183b-4477-aee2-ea54df6d878d}"/>
<REGKEY NAME = "TopPicks software\classes\interface\{258a3625-183b-4477-aee2-ea54df6d878d}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "software\classes\interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}"/>
<REGKEY NAME = "TopPicks software\classes\interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "software\classes\interface\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
<REGKEY NAME = "TopPicks software\classes\interface\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
</SW>
<SW NAME = "TopPicks">
<REGKEYFOUND NAME = "typelib\{676f6d1d-c559-42a9-860b-27c1477b7179}"/>
<REGKEY NAME = "TopPicks typelib\{676f6d1d-c559-42a9-860b-27c1477b7179}"/>
</SW>
<!-- TopSearch rows: the adm25 and altnet names also occur in the file findings of this log (Program Files\altnet and WINDOWS\temp\altnet). -->
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
<REGKEY NAME = "TopSearch clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}\inprocserver32"/>
<REGKEY NAME = "TopSearch clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}\inprocserver32"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "appid\{8b0fef15-54dc-49f5-8377-8172de975f75}"/>
<REGKEY NAME = "TopSearch appid\{8b0fef15-54dc-49f5-8377-8172de975f75}"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "adm25.adm25"/>
<REGKEY NAME = "TopSearch adm25.adm25"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "adm25.adm25.1"/>
<REGKEY NAME = "TopSearch adm25.adm25.1"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "software\classes\adm25.adm25.1"/>
<REGKEY NAME = "TopSearch software\classes\adm25.adm25.1"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "software\classes\adm25.adm25"/>
<REGKEY NAME = "TopSearch software\classes\adm25.adm25"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "software\classes\topsearch.tslink.1"/>
<REGKEY NAME = "TopSearch software\classes\topsearch.tslink.1"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "software\classes\topsearch.tslink"/>
<REGKEY NAME = "TopSearch software\classes\topsearch.tslink"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "software\altnet"/>
<REGKEY NAME = "TopSearch software\altnet"/>
</SW>
<SW NAME = "TopSearch">
<REGKEYFOUND NAME = "software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}"/>
<REGKEY NAME = "TopSearch software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}"/>
</SW>
<SW NAME = "Cydoor">
<REGKEYFOUND NAME = "software\cydoor"/>
<REGKEY NAME = "Cydoor software\cydoor"/>
</SW>
<SW NAME = "Adware.P2PNetworking">
<REGKEYFOUND NAME = "software\p2p networking"/>
<REGKEY NAME = "Adware.P2PNetworking software\p2p networking"/>
</SW>
<SW NAME = "Adware.P2PNetworking">
<REGKEYFOUND NAME = "clsid\{b7156514-a76c-4545-9d5b-a4e1d02c7aec}"/>
<REGKEY NAME = "Adware.P2PNetworking clsid\{b7156514-a76c-4545-9d5b-a4e1d02c7aec}"/>
</SW>
<SW NAME = "Adware.P2PNetworking">
<REGKEYFOUND NAME = "interface\{582ab125-1403-42fb-9efb-198690ba1496}"/>
<REGKEY NAME = "Adware.P2PNetworking interface\{582ab125-1403-42fb-9efb-198690ba1496}"/>
</SW>
<SW NAME = "Adware.P2PNetworking">
<REGKEYFOUND NAME = "typelib\{edd3b3e9-3ffd-4836-a6de-d4a9c473a971}"/>
<REGKEY NAME = "Adware.P2PNetworking typelib\{edd3b3e9-3ffd-4836-a6de-d4a9c473a971}"/>
</SW>
<!-- CoolWebSearch rows: the flagged key is the text/html protocol filter, which the registry snapshot of this log shows holding "RXResult MIME Filter". -->
<SW NAME = "CoolWebSearch">
<REGKEYFOUND NAME = "protocols\filter\text/html"/>
<REGKEY NAME = "CoolWebSearch protocols\filter\text/html"/>
</SW>
<SW NAME = "CoolWebSearch">
<REGKEYFOUND NAME = "software\classes\protocols\filter\text/html"/>
<REGKEY NAME = "CoolWebSearch software\classes\protocols\filter\text/html"/>
</SW>
<!-- Smitfraud row: the key name ends in "objecta", not "objects", exactly as logged. -->
<SW NAME = "Smitfraud">
<REGKEYFOUND NAME = "software\microsoft\windows\currentversion\explorer\browser helper objecta"/>
<REGKEY NAME = "Smitfraud software\microsoft\windows\currentversion\explorer\browser helper objecta"/>
</ScanningRegKeys>
<!-- Registry value findings. One value is reported, under the ISTBar family: Internet Explorer\Main\bandrest. The registry snapshot of this log shows BandRest with empty Data. -->
<!-- NOTE(review): same tag offset as the key section: a leading closing SW tag and an SW that is never closed. The detail rows here use REGVALUE with a VALUE attribute and REGVALUEFOUND with a NAME attribute. -->
<ScanningRegValues>
</SW>
<SW NAME = "ISTBar">
<REGVALUE VALUE = "ISTBar software\microsoft\internet explorer\main\bandrest"/>
<REGVALUEFOUND NAME = "software\microsoft\internet explorer\main\bandrest"/>
</ScanningRegValues>
<!-- The changed-values section is empty in this log. -->
<ScanningRegValuesChanged>
</ScanningRegValuesChanged>
<!-- File and folder findings. PATH holds the family name, a space, then the path. The first two findings are each followed by a second FILE row giving the bare path. -->
<!-- Families listed: Cydoor, "real cookie" (a file in the user's Cookies folder), TopSearch, Adware.P2PNetworking, InstaFinder and Viewpoint. The rxtoolbar rows have an empty family name. -->
<!-- No hashes are recorded for these files, so the rows identify them by path only. -->
<FILE PATH = "Cydoor C:\WINDOWS\system32\cd_clint.dll"/>
<FILE PATH = "C:\WINDOWS\system32\cd_clint.dll"/>
<FILE PATH = "real cookie D:\Documents and Settings\philippe.FIFOU\Cookies\philippe@real[1].txt"/>
<FILE PATH = "D:\Documents and Settings\philippe.FIFOU\Cookies\philippe@real[1].txt"/>
<FOLDER PATH = "TopSearch C:\Program Files\altnet"/>
<FOLDER PATH = "TopSearch C:\Program Files\altnet\Download Manager"/>
<FILE PATH = "TopSearch C:\Program Files\altnet\Download Manager\altinst1.dll"/>
<FILE PATH = "TopSearch C:\Program Files\altnet\Download Manager\altinst2.dll"/>
<FILE PATH = "TopSearch C:\Program Files\altnet\Download Manager\asm.exe"/>
<FILE PATH = "TopSearch C:\Program Files\altnet\Download Manager\asmps.dll"/>
<FOLDER PATH = "TopSearch C:\Program Files\altnet\My Altnet Shares"/>
<FOLDER PATH = "Cydoor C:\WINDOWS\system32\adcache"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_0_0_106800.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_0_0_107400.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_1_0_449200.gif"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_1_0_449600.gif"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_1_0_454300.gif"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_2_0_106800.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_2_0_107400.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_3_0_106800.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_3_0_107400.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_4_0_111600.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_4_0_152400.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_4_0_155300.htm"/>
<FILE PATH = "Cydoor C:\WINDOWS\system32\adcache\B_329_4_0_164100.htm"/>
<FOLDER PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\adm.exe"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\adm25.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\adm4.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\admdata.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\admdloader.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\admfdi.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\admprog.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\atl.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\dmfiles.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\DMinfo3.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\dminstall7.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\msvcirt.dll"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\mysearch.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\pmexe.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\pmfiles.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\pminstall.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\Setup.cab"/>
<FILE PATH = "Adware.P2PNetworking C:\WINDOWS\temp\altnet\Setup.exe"/>
<!-- InstaFinderK_inst.exe is also the target of the InstaFinderK value under HKLM Run in the registry snapshot of this log, so it is started at logon. -->
<FOLDER PATH = "InstaFinder C:\Program Files\instafink"/>
<FILE PATH = "InstaFinder C:\Program Files\instafink\InstaFinderK_inst.exe"/>
<!-- rxtoolbar rows carry no family name. The same folder hosts the SemanticInsight autostart entry listed under HKLM Run in this log. -->
<FOLDER PATH = " C:\Program Files\rxtoolbar"/>
<FILE PATH = " C:\Program Files\rxtoolbar\RXToolBar.dll"/>
<FILE PATH = " C:\Program Files\rxtoolbar\sfcont.bin"/>
<FILE PATH = " C:\Program Files\rxtoolbar\sfcont.dll"/>
<FOLDER PATH = "Viewpoint C:\Program Files\viewpoint"/>
<FOLDER PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\AxMetaStream.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\ClassIDs.ini"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\ComponentMgr.dll"/>
<FOLDER PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\AOLArt.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\AOLShell.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\AOLUserShell.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\Cursors.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\DataTracking.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\GifReader.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\JpegReader.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\LensFlares.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\Mts3Reader.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\ObjectMovie.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\SceneComponent.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\ServiceComponent.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\SreeDMMX.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\SWFView.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\VectorView.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\VMPAudio.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\VMPExtras.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\VMPSpeech.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\VMPVideo.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\WaveletReader.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\Components\ZoomView.dll"/>
<FOLDER PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\DownloadedComponents"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\MetaStreamID.ini"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\MtsAxInstaller.exe"/>
<FOLDER PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\NewComponents"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\npViewpoint.dll"/>
<FILE PATH = "Viewpoint C:\Program Files\viewpoint\Viewpoint Experience Technology\npViewpoint.xpt"/>
<!-- End of the scan results. No closing Session tag follows in the pasted log. -->
</Scanning>
boulepate62
15 avril 2006 à 02:52
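Salut, ou plutôt re !
Bon ben... tu es infecté ;-) Le log signale notamment TopPicks, TopSearch (altnet), Cydoor, Adware.P2PNetworking, CoolWebSearch, Smitfraud et ISTBar, et InstaFinderK est lancé au démarrage par la clé Run.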
Télécharge, installe puis mets à jour ce logiciel anti-spywares ; une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici stp.
Ewido:
Ewido Security Suite
philnoug
15 avril 2006 à 14:37
Je ne pouvais plus me connecter à CCM!!!
J'ai Ewido, adawareSe, adaware alert, entre autres, mais Ewido ne m'affiche pas le rapport.
Un copain m'a dit avoir eu un problème et avoir restauré le système il y a quelques jours, mais je le soupçonne de ne pas tout me dire...
JE NE PRETE PLUS MON PC!!!!!
boulepate62
15 avril 2006 à 15:33
Installe-le dans son propre dossier :
- clic droit sur le bureau, nouveau dossier, installe-le dedans.
Lance-le, clique sur "do a system scan and save logfile".
Puis copie et colle le rapport ici.