How do I remove a Trojan spy.win32.Keylogger.aa?

If it helps you, I ran this on the site for the online analysis of Hijacks

TrendSecure
Trend Micro

Comparison of your HijackThis log file items to others

The table below compares the items HijackThis found on your computer with those on other people’s computers. The column “% of PCs with item” indicates what percent of other people’s HijackThis log files contain the item in that row of the table. Additional information will be provided as more HijackThis log files are added to the AnalyzeThis database.

Each entry is coded to indicate the type of item it is on your computer. An explanation of these codes may be found at the bottom of this page.

Index % of PCs with item Code Data
1 0.1% O1 ::1 localhost
2 0.1% O13
3 0.0% O18 sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
4 1.2% O2 (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
5 0.6% O2 Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
6 0.0% O2 &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
7 0.0% O2 scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
8 0.0% O2 ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
9 0.0% O2 McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
10 0.0% O2 SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
11 0.0% O2 Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
12 0.0% O2 McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
13 0.0% O2 Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
14 0.0% O20 AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
15 0.3% O23 LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
16 0.1% O23 Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17 0.1% O23 McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
18 0.1% O23 McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
19 0.1% O23 McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
20 0.1% O23 McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
21 0.1% O23 Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
22 0.0% O23 McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
23 0.0% O23 Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
24 0.0% O23 Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
25 0.0% O23 MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
26 0.0% O23 McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
27 0.0% O23 McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
28 0.0% O23 NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
29 0.0% O23 NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
30 0.0% O23 NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
31 0.0% O23 CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
32 0.0% O23 eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
33 0.0% O23 Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
34 0.0% O23 Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
35 0.0% O23 McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
36 0.0% O23 iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
37 0.0% O23 Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
38 0.0% O23 McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
39 0.0% O23 Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\WINDOWS\system32\vfsFPService.exe
40 0.4% O3 Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
41 0.0% O3 Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
42 0.0% O3 McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
43 0.5% O4 [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
44 0.2% O4 [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
45 0.1% O4 [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
46 0.1% O4 BTTray.lnk = ?
47 0.1% O4 [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
48 0.1% O4 [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
49 0.1% O4 [ehTray.exe] C:\Windows\ehome\ehTray.exe
50 0.0% O4 [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
51 0.0% O4 [RtHDVCpl] RtHDVCpl.exe
52 0.0% O4 [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
53 0.0% O4 [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
54 0.0% O4 [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
55 0.0% O4 [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
56 0.0% O4 Acer VCM.lnk = ?
57 0.0% O4 [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE R?SEAU’)
58 0.0% O4 [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
59 0.0% O4 [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
60 0.0% O4 [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
61 0.0% O4 [eAudio] “C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe”
62 0.0% O4 [BkupTray] “C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe”
63 0.0% O4 [PLFSetI] C:\Windows\PLFSetI.exe
64 0.0% O4 [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
65 0.0% O4 [ZPdtWzdVitaKey MC3000] “C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe” show
66 0.0% O4 [ArcadeDeluxeAgent] “C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe”
67 0.0% O4 [CLMLServer] “C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe”
68 0.0% O4 [PlayMovie] “C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe”
69 0.0% O4 [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
70 0.0% O4 Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe
71 0.0% O4 [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
72 0.0% O4 [BitTorrent DNA] “C:\Users\M?do\Program Files\DNA\btdna.exe”
73 0.0% O4 [EPSON Stylus SX200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU “C:\Windows\TEMP\E_S8EDA.tmp” /EF “HKCU”
74 0.0% O4 [MsnMsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
75 0.0% O4 [EPSON Stylus SX200 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU “C:\Windows\TEMP\E_SD4C6.tmp” /EF “HKCU”
76 0.0% O4 [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
77 0.0% O4 [0b9jPQ2M7J] C:\ProgramData\whkzezmp\ihglwdyz.exe
78 0.0% O4 [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
79 0.0% O4 [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
80 0.0% O8 E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE…
81 0.0% O8 Envoyer au p?riph?rique &Bluetooth… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
82 0.0% O8 Envoyer l’? au p?riph?rique Bluetooth… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
83 0.2% O9 Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
84 0.1% O9 @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
85 0.0% O9 @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
86 0.0% O9 @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
87 0.0% O9 (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
88 0.0% O9 @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
89 0.0% O9 Envoyer ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
90 0.0% O9 &Envoyer ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
91 0.0% O9 Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
92 0.0% O9 Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
93 0.0% O9 (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
94 0.0% O9 (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
95 0.0% O9 Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
96 5.4% P01 C:\WINDOWS\Explorer.EXE
97 0.9% P01 C:\WINDOWS\system32\NOTEPAD.EXE
98 0.8% P01 C:\Program Files\Mozilla Firefox\firefox.exe
99 0.5% P01 C:\Program Files\Windows Defender\MSASCui.exe
100 0.5% P01 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
101 0.3% P01 C:\Windows\ehome\ehtray.exe
102 0.3% P01 C:\Windows\ehome\ehmsas.exe
103 0.2% P01 C:\Program Files\Windows Media Player\wmpnscfg.exe
104 0.2% P01 C:\PROGRA~1\mcafee.com\agent\mcagent.exe
105 0.1% P01 C:\Windows\system32\taskeng.exe
106 0.1% P01 C:\Windows\system32\Dwm.exe
107 0.1% P01 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
108 0.1% P01 C:\Windows\system32\wbem\unsecapp.exe
109 0.1% P01 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
110 0.1% P01 C:\Program Files\Windows Sidebar\sidebar.exe
111 0.1% P01 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
112 0.1% P01 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
113 0.1% P01 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
114 0.0% P01 C:\Windows\RtHDVCpl.exe
115 0.0% P01 C:\Program Files\BitTorrent\bittorrent.exe
116 0.0% P01 C:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
117 0.0% P01 C:\Windows\WindowsMobile\wmdc.exe
118 0.0% P01 C:\Program Files\Launch Manager\LManager.exe
119 0.0% P01 C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
120 0.0% P01 C:\PROGRA~1\McAfee\MSC\mcshell.exe
121 0.0% P01 C:\Program Files\Acer\Acer VCM\AcerVCM.exe
122 0.0% P01 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
123 0.0% P01 C:\Windows\system32\dfrgui.exe
124 0.0% P01 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
125 0.0% P01 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
126 0.0% P01 C:\Windows\PLFSetI.exe
127 0.0% P01 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
128 0.0% P01 C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
129 0.0% P01 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
130 0.0% P01 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
131 0.0% P01 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
132 0.0% P01 C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
133 0.0% P01 C:\Program Files\Convesoft\Orion\Messenger.exe
134 0.0% P01 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
135 0.0% P01 C:\Users\M?do\Program Files\DNA\btdna.exe
136 0.0% P01 C:\Users\MDO~1\AppData\Local\Temp\RtkBtMnt.exe
137 0.0% P01 C:\Users\M?do\Desktop\Scan 5HiJackThis.exe
138 0.0% P01 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
139 0.0% P01 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
140 0.0% P01 C:\Program Files\Acer\Acer VCM\VC.exe
141 0.0% P01 C:\Program Files\Acer\Acer VCM\acp2HID.exe
142 0.0% P01 C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
143 0.3% R0 HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
144 0.3% R0 HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
145 0.3% R0 HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
146 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.fr.acer.yahoo.com…
147 0.0% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.sfr.fr…
148 2.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
149 1.9% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
150 0.3% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
151 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.fr.acer.yahoo.com…

Explanation of the codes

R - Registry, StartPage/SearchPage changes

* R0 - Changed registry value
* R1 - Created registry value
* R2 - Created registry key
* R3 - Created extra registry value where only one should be

F - IniFiles, autoloading entries

* F0 - Changed inifile value
* F1 - Created inifile value
* F2 - Changed inifile value, mapped to Registry
* F3 - Created inifile value, mapped to Registry

N - Netscape/Mozilla StartPage/SearchPage changes

* N1 - Change in prefs.js of Netscape 4.x
* N2 - Change in prefs.js of Netscape 6
* N3 - Change in prefs.js of Netscape 7
* N4 - Change in prefs.js of Mozilla

O - Other, several sections which represent:

* O1 - Hijack of auto.search.msn.com with Hosts file
* O2 - Enumeration of existing MSIE BHO's
* O3 - Enumeration of existing MSIE toolbars
* O4 - Enumeration of suspicious autoloading Registry entries
* O5 - Blocking of loading Internet Options in Control Panel
* O6 - Disabling of 'Internet Options' Main tab with Policies
* O7 - Disabling of Regedit with Policies
* O8 - Extra MSIE context menu items
* O9 - Extra 'Tools' menuitems and buttons
* O10 - Breaking of Internet access by New.Net or WebHancer
* O11 - Extra options in MSIE 'Advanced' settings tab
* O12 - MSIE plugins for file extensions or MIME types
* O13 - Hijack of default URL prefixes
* O14 - Changing of IERESET.INF
* O15 - Trusted Zone Autoadd
* O16 - Download Program Files item
* O17 - Domain hijack
* O18 - Enumeration of existing protocols and filters
* O19 - User stylesheet hijack
* O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
* O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
* O22 - SharedTaskScheduler autorun Registry key
* O23 - Enumeration of NT Services
* O24 - Enumeration of ActiveX Desktop Components