EGD ACCESS Spyware
geninapa (posts: 11, status: Member)
jmp59 (posts: 31960, status: Contributor)
Hello,
I have several spyware problems.
I get porn ad windows that go through the site "www.epass-key.com".
In addition, when I start my computer the following message appears: "erreur de chargement EGDACCESS_1063.dll" (error loading EGDACCESS_1063.dll). I read about other similar problems on the forum and downloaded HijackThis. I am attaching its log, as well as the scan obtained with Activ Scan.
Thanks for your help. SLM
----------------------------------------------------------------------------
Activ Scan scan:
Incident Statut Analyse
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-7a912fd2-5062053b.zip[BlackBox.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-7a912fd2-5062053b.zip[Beyond.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-7a912fd2-5062053b.zip[A.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6f855862.zip[Counter.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6f855862.zip[Gummy.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6f855862.zip[VerifierBug.class]
Virus:Trj/LowZones.RI Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6f855862.zip[web.exe]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6f855862.zip[Worker.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6f855862.zip[Xeyond.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2eba2ba2-6df9ea43.zip[Counter.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2eba2ba2-6df9ea43.zip[Gummy.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2eba2ba2-6df9ea43.zip[VerifierBug.class]
Virus:Trj/Downloader.IUE Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2eba2ba2-6df9ea43.zip[web.exe]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2eba2ba2-6df9ea43.zip[Worker.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2eba2ba2-6df9ea43.zip[Xeyond.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-787af560-1e542339.zip[Counter.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-787af560-1e542339.zip[Gummy.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-787af560-1e542339.zip[VerifierBug.class]
Virus:Trj/Downloader.IUE Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-787af560-1e542339.zip[web.exe]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-787af560-1e542339.zip[Worker.class]
Hacktool:Exploit/ByteVerify No Désinfecté C:\Documents and Settings\christian.TEST\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-787af560-1e542339.zip[Xeyond.class]
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@112.2o7[2].txt
Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@247realmedia[1].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@2o7[2].txt
Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@adopt.hbmediapro[2].txt
Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@adtech[2].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@as1.falkag[1].txt
Spyware:Cookie/Atwola No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@atwola[1].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@bluestreak[2].txt
Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@fl01.ct2.comclick[2].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@microsoftwga.112.2o7[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@serving-sys[2].txt
Spyware:Cookie/Smartadserver No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@smartadserver[1].txt
Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@stats1.reliablestats[1].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@tradedoubler[1].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@weborama[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\christian.TEST\Cookies\christian@xiti[1].txt
--------------------------------------------------------------------------
HIJACKTHIS LOG
Logfile of HijackThis v1.99.1
Scan saved at 17:49:34, on 26/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Fichiers communs\AOL\1132519353\ee\AOLSoftware.exe
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\LiveUpdate\LiveUpdate.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\AOL 9.0c\aoltray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Apple Computer\DVD@ccess\DVDAccess.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500USB.exe
C:\Program Files\AOL 9.0c\waol.exe
C:\Program Files\AOL 9.0c\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\My Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.izsktxjdkfiuudqjxrrg.info/mnOE760lmQPXI9EsonxD07gXCh92e0lZFsLwA9bMRlZz...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ypemxwbxdbga.uk/mnOE760lmQNEMOyDlRI0h12l67m7AjlS_PbwZeCS9PA.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {47FC7098-86D9-5A52-F91C-3916D49A4DA2} - C:\DOCUME~1\CHRIST~1.TES\APPLIC~1\LiveKind\EncWait.exe (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: XBTB05715 Class - {BFEDE0E4-93B8-4e48-918B-0026C10AA7E4} - C:\PROGRA~1\TEXTOW~1\SFR_TO~1.DLL (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: TextoWeb_F6 - {B574D419-5BDA-454F-B2E5-49C74EEAAF6D} - C:\Program Files\TextoWeb_F6\sfr_toolbar_f6.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] c:\progra~1\softwin\bitdef~1\bdnagent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1132519353\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - HKCU\..\Run: [optionskip] C:\DOCUME~1\CHRIST~1.TES\APPLIC~1\PLAYRD~1\Surfremote.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1063.dll,InstantAccess
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = ?
O4 - Global Startup: DVD@ccess.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RaConfig2500USB.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500USB.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\cookies.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {505098FD-5D61-4BC2-9B82-F969D0E932A2} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/import/ImageUploader3.cab
O16 - DPF: {BE5A7132-329F-4319-B781-2A83BFE51534} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDB96FFF-14B1-412D-8826-F91D1EF1363D}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: McAfee.com Personal Firewall Service (MpfService) - McAfee.com Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2\RpcSandraSrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
---------------------------------------------------------------------------
Thanks in advance for your help.
SLM
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1132519353\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - HKCU\..\Run: [optionskip] C:\DOCUME~1\CHRIST~1.TES\APPLIC~1\PLAYRD~1\Surfremote.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1063.dll,InstantAccess
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = ?
O4 - Global Startup: DVD@ccess.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RaConfig2500USB.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500USB.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\cookies.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {505098FD-5D61-4BC2-9B82-F969D0E932A2} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/import/ImageUploader3.cab
O16 - DPF: {BE5A7132-329F-4319-B781-2A83BFE51534} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDB96FFF-14B1-412D-8826-F91D1EF1363D}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: McAfee.com Personal Firewall Service (MpfService) - McAfee.com Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2\RpcSandraSrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
---------------------------------------------------------------------------
Thanks in advance for your help.
SLM
3 replies
Hello,
In HijackThis, check this line and fix it:
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1063.dll,InstantAccess
That will at least be one thing you are rid of.
Bye.
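The reply above matches the DLL named in the startup error to one autostart line of the HijackThis log. The same lookup as an added example (not part of the thread's posts; the function names `parse_o4` and `entries_loading` are hypothetical, and the sample lines are a constructed excerpt of the posted log):

```python
import re

# Constructed sample: a few O4 lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1063.dll,InstantAccess
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
"""

# Registry autostart: "O4 - HKCU\..\Run: [value name] command line"
RUN_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
# Startup folder shortcut: "O4 - Global Startup: shortcut.lnk = target"
STARTUP_RE = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.*)$")


def parse_o4(log_text):
    """Return one dict per O4 (autostart) line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            hive, key, name, command = m.groups()
            entries.append({"where": f"{hive}\\..\\{key}", "name": name, "command": command})
            continue
        m = STARTUP_RE.match(line)
        if m:
            folder, name, command = m.groups()
            entries.append({"where": folder, "name": name, "command": command})
    return entries


def entries_loading(log_text, module):
    """Autostart entries whose command line mentions `module` (case-insensitive)."""
    needle = module.lower()
    return [e for e in parse_o4(log_text) if needle in e["command"].lower()]


if __name__ == "__main__":
    # The DLL name comes from the error message shown at startup.
    for e in entries_loading(SAMPLE_LOG, "EGDACCESS_1063.dll"):
        print(f'{e["where"]}: [{e["name"]}] {e["command"]}')
```
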
Hello, I did what was needed, but I get a message that says:
"Résident. Modification du registre refusée.Résident a refusé la modification de Instant Access selon votre liste noire ( catégorie system Startup User Entry )"
I also use Spybot; is that what is causing the problem?
Thanks in advance