[Virus] Infected by SpyWorm.win32?
jindrak2
-
alphaboy Posts: 13, Status: Member -
Hello everyone,
I caught a virus while downloading a file.
I think it is called "spyWorm.win32".
It put a new icon in my taskbar: a question mark with a red bar that shows up.
This icon often shows me windows such as:
- System alert : u have been affected by spyware ... which asks me to install anti-spyware software
- a casino ad
- windows about viruses
- ...
I have McAfee as my antivirus.
I used Spybot Search and Destroy; it detected suspicious registry entries in Microsoft/Windows/policies/explorer/run
They are "rare" and "user32.dll", which come from C:\Program Files\Video ActiveX Access, that is, from the download I made.
The contents of this file are: iesmin, iesbunst, iesmn, imsmain, imsmn, which are DLLs or executables, as well as two icons: ot, ts
Also, when I shut down or restart the computer, it bothers me with one of these DLLs, but it still restarts and shuts down anyway.
So, I hope you can help me kill this virus; I need my computer for my exams and coursework and I don't want to format the computer ...
Thanks in advance
10 replies
Hello,
Run a scan with HiJackThis. (keep the window open)
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
and paste your report into http://www.hijackthis.de/
Click on evaluate and it will tell you which lines to check, and then click on fix checked
Here is the report,
Logfile of HijackThis v1.99.1
Scan saved at 13:35:47, on 12/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video ActiveX Access\iesmn.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Video ActiveX Access\iesmin.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Outils\PowerArchiver\PASTARTER.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\program files\mcafee\msc\mcshell.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Lolo\Bureau\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Outils\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Outils\PowerArchiver\PASTARTER.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?0a82992ae3d741e6b69818de45d55f0a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?0a82992ae3d741e6b69818de45d55f0a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Outils\MATLAB7\webserver\bin\win32\matlabserver.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
I submitted the report to hijack.de
Logfile of HijackThis v1.99.1
    Votre version semble être actuelle.
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Votre version semble être actuelle.
C:\WINDOWS\System32\smss.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\winlogon.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\services.exe
    Safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\lsass.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\Ati2evxx.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\svchost.exe
    Safe | This entry was classified from our visitors as good.
C:\WINDOWS\System32\svchost.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\System32\WLTRYSVC.EXE
    Safe | Broadcom Corporation Wireless Network Tray Applet
C:\WINDOWS\System32\bcmwltry.exe
    Safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\spoolsv.exe
    Safe | This entry was classified from our visitors as good.
C:\WINDOWS\system32\Ati2evxx.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\Explorer.EXE
    Very safe | This entry was classified from our visitors as good.
C:\Program Files\Video ActiveX Access\iesmn.exe
    Fuzzy Algorithmcheck (1.34 / 5.00), Nasty
C:\Program Files\Video ActiveX Access\imsmain.exe
    Tâche inconnue.
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Safe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    Very safe | ATI Control Center
C:\WINDOWS\system32\ICO.EXE
    Very safe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    Safe | Java Runtime
C:\WINDOWS\stsystra.exe
    Safe | This entry was classified from our visitors as good.
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    Install Shield Software Update
C:\Program Files\Video ActiveX Access\imsmn.exe
    Tâche inconnue.
C:\WINDOWS\ehome\ehtray.exe
    Safe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
    Very safe | Fuzzy Algorithmcheck (4.4 / 5.00), Safe
C:\Program Files\Dell\MediaDirect\PCMService.exe
    PowerCinema
C:\Program Files\Dell\QuickSet\quickset.exe
    Safe
C:\WINDOWS\system32\WLTRAY.exe
    Very safe | Tâche inconnue. This entry was classified from our visitors as good.
C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe
    Eventuellement méchant! Selon notre base de données, ce processus s’exécute normalement dans c:\programme\elaborate bytes\clonecd\! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire. CloneCD Taskicon
C:\WINDOWS\system32\dla\tfswctrl.exe
    Neutral | HP DLA Packet Writing Software
C:\Program Files\Video ActiveX Access\iesmin.exe
    Fuzzy Algorithmcheck (1.34 / 5.00), Nasty
C:\Program Files\McAfee\MSK\MskAgent.exe
    Neutral | Eventuellement méchant! Selon notre base de données, ce processus s’exécute normalement dans c:\programme\mcafee\spamki~1\! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire. Bestandteil von McAfee
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    Very safe | McAfee SiteAdvisor
C:\WINDOWS\system32\ctfmon.exe
    Very safe | This entry was classified from our visitors as good.
C:\Program Files\Dell Support\DSAgnt.exe
    Very safe | Dell Support Application
C:\Outils\PowerArchiver\PASTARTER.EXE
    Fuzzy Algorithmcheck (4 / 5.00), Safe
C:\Program Files\Digital Line Detect\DLG.exe
    Safe | Digital Line Detect - BVRP Phone Tools software suite
C:\WINDOWS\eHome\ehRecvr.exe
    Safe | This entry was classified from our visitors as good.
C:\WINDOWS\eHome\ehSched.exe
    Neutral
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
    McAfee HackerWatch Service
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    Very safe | Part of McAfee
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
    McAfee Network Agent
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    Very safe | McAfee Scanner
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    Very safe | McAfee Protection Manager
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
    McAfee Proxy Service
c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
    McAfee Redirector Service
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    Very safe | McAfee SystemGuards
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    Very safe | Machine Debug Manager. Used by developers.
C:\Program Files\McAfee\MPF\MPFSrv.exe
    Safe | McAfee Personal Firewall Service
C:\PROGRA~1\McAfee\MPS\mps.exe
    Very safe | McAfee Privacy Service
C:\Program Files\McAfee\MSK\MskSrver.exe
    McAfee SpamKiller Service
C:\Program Files\SiteAdvisor\6066\SAService.exe
    McAffee SiteAdvisor
C:\WINDOWS\system32\svchost.exe
    Safe | This entry was classified from our visitors as good.
C:\Program Files\McAfee\MPS\mpsevh.exe
    Part of McAfee
C:\WINDOWS\system32\dllhost.exe
    Safe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    Very safe | This entry was classified from our visitors as good.
C:\WINDOWS\eHome\ehmsas.exe
    Very safe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    Very safe | ATI Control Center
c:\program files\mcafee\msc\mcshell.exe
    Fuzzy Algorithmcheck (4.31 / 5.00), Safe
C:\Program Files\Mozilla Firefox\firefox.exe
    Very safe | This entry was classified from our visitors as good.
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
    Safe | Eventuellement méchant! Selon notre base de données, ce processus s’exécute normalement dans c:\programme\mcafee.com\vso\! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire.
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    Safe | This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\iexplore.exe
    Safe | This entry was classified from our visitors as good.
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    Safe | Microsoft Windows Live Login Helper
C:\Documents and Settings\Lolo\Bureau\Scanner.exe
    Tâche inconnue.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
    Ce site a été identifié comme étant non dangereux
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
    Ce site a été identifié comme étant non dangereux
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
    Ce site a été identifié comme étant non dangereux
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    Very safe | Ce site a été identifié comme étant non dangereux
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
    Ce site a été identifié comme étant non dangereux
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
    Ce site a été identifié comme étant non dangereux
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
    Ce site a été identifié comme étant non dangereux
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
    Ce site a été identifié comme étant non dangereux
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    Very safe | Ce site a été identifié comme étant non dangereux
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    Cette inscription a été identifiée comme étant non dangereuse.
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    Neutral | Ycomp*_*_*_*.dll - Yahoo Companion!, Yahoo Companion!
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    Very safe | AcroIEhelper.ocx, AcroIEhelper.dll - Adobe Acrobat reader, http://www.adobe.com/products/acrobat/readstep2.html
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    saIE.dll - SiteAdvisor, https://www.mcafee.com/en-us/safe-browser/mcafee-webadvisor.html
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    Safe | This entry was classified from our visitors as good.
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    Neutral | tfswshx.dll - Hewlett-Packard/Veritas DLA software
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    Very safe | SUN Java
O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll
    Programme inconnu.
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
    Safe | scriptproxy.dll, scriptsn.dll - McAfee, https://home.mcafee.com/StaticGenericPage.aspx?page=cookienotsupported&url=%2f%3fctst%3d1 ScriptScan
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    Safe | Programme inconnu. Inscription superflue (car sans effet) qui peut donc être effacée ! This entry was classified from our visitors as good.
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    Neutral | WindowsLiveLogin.dll - Microsoft Windows_Live, https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    MSN Toolbar Helper
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    Very safe | GoogleAE.dll - Google Search related, found on Dell computers. Reportedly responsible for displaying this, http://www.google.com/hws/dell/afe? placeholder web page; also see here, https://www.gamedev.net/forums/topic.asp?topic_id=368054 a
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    saIE.dll - SiteAdvisor, https://www.mcafee.com/en-us/safe-browser/mcafee-webadvisor.html
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    Msntb.dll - MSN Toolbar, https://www.bing.com/?toHttps=1&redig=C5A5F4D5ECA345F689A948C005FF88A7
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    Ycomp*_*_*_*.dll - Yahoo Companion!, http://companion.yahoo.com/
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll
    Programme inconnu.
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Very safe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    Very safe | ATI Catalyst ControlCenter
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
    Dell Mouse Software
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    Safe | Java von Sun
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    Safe | This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    Neutral | Non dangereux, mais tout de même superflu. InstallShield Update Service Scheduler; automatically searches for and performs any updates to the software so you’re always working with the most current version. Not required.
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    Non dangereux, mais tout de même superflu. InstallShield Update Service related; Automatically searches for and performs any updates to the software. Not required.
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    Neutral | eHome Media Center PC related - Needed for Media Center Remote Functions
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
Genre
Creative Audio Control
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
Genre
In a Dell\Media Experience sub-directory
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
Genre
Very safe
Very safe
Non dangereux, mais tout de même superflu. Dell taskbar icon allowing you to quickly change settings
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Outils\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
Genre
Non dangereux, mais tout de même superflu. From Elaborate Bytes who make CloneCD - monitors the installed filters of CD-ROMs/DVD-ROMs. Note - under Win2K removing this from startup causes the CD drive in the computer to not be recognized in the OS and after rechecking it prompts that the driver has been corrupted and asks you to restart the computer to fix it
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [CloneCDTray] "C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe"
Genre
System tray for CloneCD - the only useful option is "Hide CDR Media" only available via this tray. Has additional unknown functions in later versions
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
Genre
Safe
Safe
Part of Sonic Solutions DVD/CD Suite / HP's packet writing software
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
Genre
Bestandteil von McAfee
Visitor's assessment Analyzerdetails
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
Genre
McAfee SiteAdvisor
Visitor's assessment Analyzerdetails
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
Genre
Neutral
Neutral
Dell Support
Visitor's assessment Analyzerdetails
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Outils\PowerArchiver\PASTARTER.EXE
Genre
Fuzzy Algorithmcheck (4 / 5.00), Safe
Visitor's assessment Analyzerdetails
O4 - Global Startup: Digital Line Detect.lnk = ?
Genre
Neutral
Neutral
Cette inscription est superflue est peut être effacée !
Visitor's assessment Analyzerdetails
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
Genre
Very safe
Very safe
Cette inscription &Windows Live Search a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Genre
Cette inscription E&xporter vers Microsoft Excel a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?0a82992ae3d741e6b69818de45d55f0a
Genre
Cette inscription Ouvrir dans un nouvel onglet d'arrière-plan a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?0a82992ae3d741e6b69818de45d55f0a
Genre
Cette inscription Ouvrir dans un nouvel onglet de premier plan a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Genre
Safe
Safe
Cette inscription a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Genre
Cette inscription Console Java a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
Genre
Cette inscription Recherche a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Genre
Very safe
Very safe
Cette inscription Messenger a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Genre
Safe
Safe
Cette inscription Windows Messenger a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails Inconnu
O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10
Genre
Effacer si l’IP ou le domaine '138.48.4.4,138.48.4.10' ne vous est pas connu.
Visitor's assessment Analyzerdetails
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
Genre
Cette inscription a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
Genre
Cette inscription a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
Genre
Cette inscription a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
Genre
Cette inscription a été identifiée comme étant non dangereuse.
Visitor's assessment Analyzerdetails
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
Genre
Safe
Safe
Ce service (Ati2evxx.exe) a été identifié comme étant légitime. This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
Genre
Ce service (emproxy.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
Genre
Ce service (IDriverT.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Outils\MATLAB7\webserver\bin\win32\matlabserver.exe
Genre
Ce service (matlabserver.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
Genre
Ce service (HWAPI.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
Genre
Very safe
Very safe
Ce service (mcupdmgr.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
Genre
Safe
Safe
Ce service (mcmscsvc.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
Genre
Ce service (mcnasvc.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
Genre
Ce service (mcods.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
Genre
Very safe
Very safe
Ce service (mcpromgr.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
Genre
Ce service (mcproxy.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
Genre
Ce service (redirsvc.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
Genre
Very safe
Very safe
Ce service (mcshield.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
Genre
Safe
Safe
Ce service (mcsysmon.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
Genre
Very safe
Very safe
Ce service (MPFSrv.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
Genre
Ce service (mps.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
Genre
Ce service (MskSrver.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
Genre
Ce service (SAService.exe) a été identifié comme étant légitime.
Visitor's assessment Analyzerdetails
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Genre
Very safe
Very safe
Ce service (WLTRYSVC.EXE) a été identifié comme étant légitime.
Short analysis
La mise en oeuvre de ces conseils est à vos propres risques et périls !
© 2004 - 2007 Mathias Mattner
Logfile of HijackThis v1.99.1
Scan saved at 13:35:47, on 12/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video ActiveX Access\iesmn.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Video ActiveX Access\iesmin.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Outils\PowerArchiver\PASTARTER.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\program files\mcafee\msc\mcshell.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Lolo\Bureau\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Outils\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Outils\PowerArchiver\PASTARTER.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?0a82992ae3d741e6b69818de45d55f0a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?0a82992ae3d741e6b69818de45d55f0a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Outils\MATLAB7\webserver\bin\win32\matlabserver.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
I submitted the report to hijack.de
Evaluation of your log created by HijackThis
HijackThis opens you a possibility to find and fix nasty entries on your computer easier.
Therefore it will scan special parts in the registry and on your harddisk and compare them with the default settings. If there is some abnormality detected on your computer HijackThis will save them into a logfile. In order to find out what entries are nasty and what are installed by the user, you need some background information.
A logfile is not so easy to analyze. Even for an advanced computer user. With the help of this automatic analyzer you are able to get some additional support. Just paste your complete logfile into the textbox at the bottom of this page.
Because of some misunderstandings, I should point out that I only develop this online analysis and not the HijackThis utility.
The following analyses has been stored temporarily
Logfile of Hijac...[Remove Logfile] 13.05.2007, 18:32:23
Actions
Inscription
Genre
Visitor's assessment
Information
Analyzerdetails
Logfile of HijackThis v1.99.1
Genre
Votre version semble être actuelle.
Platform: Windows XP SP2 (WinNT 5.01.2600)
Genre
Analyzerdetails
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Genre
Votre version semble être actuelle.
Visitor's assessment Analyzerdetails
C:\WINDOWS\System32\smss.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\winlogon.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\services.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\lsass.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\Ati2evxx.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\svchost.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\System32\svchost.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\System32\WLTRYSVC.EXE
Genre
Safe
Safe
Broadcom Corporation Wireless Network Tray Applet
Visitor's assessment Analyzerdetails
C:\WINDOWS\System32\bcmwltry.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\spoolsv.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\Ati2evxx.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\WINDOWS\Explorer.EXE
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\Program Files\Video ActiveX Access\iesmn.exe
Genre
Fuzzy Algorithmcheck (1.34 / 5.00), Nasty
Visitor's assessment Analyzerdetails Inconnu
C:\Program Files\Video ActiveX Access\imsmain.exe
Genre
Tâche inconnue.
Visitor's assessment Analyzerdetails
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Genre
Safe
Safe
Visitor's assessment Analyzerdetails
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
Genre
Very safe
Very safe
ATI Control Center
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\ICO.EXE
Genre
Very safe
Very safe
Visitor's assessment Analyzerdetails
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
Genre
Safe
Safe
Java Runtime
Visitor's assessment Analyzerdetails
C:\WINDOWS\stsystra.exe
Genre
Safe
Safe
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
Genre
Install Shield Software Update
Visitor's assessment Analyzerdetails Inconnu
C:\Program Files\Video ActiveX Access\imsmn.exe
Genre
Tâche inconnue.
Visitor's assessment Analyzerdetails
C:\WINDOWS\ehome\ehtray.exe
Genre
Safe
Safe
Visitor's assessment Analyzerdetails
C:\Program Files\Creative\Mixer\CTSVolFE.exe
Genre
Very safe
Very safe
Fuzzy Algorithmcheck (4.4 / 5.00), Safe
Visitor's assessment Analyzerdetails
C:\Program Files\Dell\MediaDirect\PCMService.exe
Genre
PowerCinema
Visitor's assessment Analyzerdetails
C:\Program Files\Dell\QuickSet\quickset.exe
Genre
Safe
Safe
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\WLTRAY.exe
Genre
Very safe
Very safe
Tâche inconnue.
This entry was classified from our visitors as good.
Visitor's assessment Analyzerdetails
C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe
Genre
Eventuellement méchant! Selon notre base de données, ce processus s’exécute normalement dans c:\programme\elaborate bytes\clonecd\! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire. CloneCD Taskicon
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\dla\tfswctrl.exe
Genre
Neutral
Neutral
HP DLA Packet Writing Software
Visitor's assessment Analyzerdetails
C:\Program Files\Video ActiveX Access\iesmin.exe
Genre
Fuzzy Algorithmcheck (1.34 / 5.00), Nasty
Visitor's assessment Analyzerdetails
C:\Program Files\McAfee\MSK\MskAgent.exe
Genre
Neutral
Neutral
Eventuellement méchant! Selon notre base de données, ce processus s’exécute normalement dans c:\programme\mcafee\spamki~1\! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire. Bestandteil von McAfee
Visitor's assessment Analyzerdetails
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
Genre
Very safe
Very safe
McAfee SiteAdvisor
Visitor's assessment Analyzerdetails
C:\WINDOWS\system32\ctfmon.exe
Genre
Very safe
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Dell Support\DSAgnt.exe
Very safe
Dell Support Application
C:\Outils\PowerArchiver\PASTARTER.EXE
Fuzzy Algorithmcheck (4 / 5.00), Safe
C:\Program Files\Digital Line Detect\DLG.exe
Safe
Digital Line Detect - BVRP Phone Tools software suite
C:\WINDOWS\eHome\ehRecvr.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\eHome\ehSched.exe
Neutral
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
McAfee HackerWatch Service
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
Very safe
Part of McAfee
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
McAfee Network Agent
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
Very safe
McAfee Scanner
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
Very safe
McAfee Protection Manager
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
McAfee Proxy Service
c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
McAfee Redirector Service
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
Very safe
McAfee SystemGuards
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
Very safe
Machine Debug Manager. Used by developers.
C:\Program Files\McAfee\MPF\MPFSrv.exe
Safe
McAfee Personal Firewall Service
C:\PROGRA~1\McAfee\MPS\mps.exe
Very safe
McAfee Privacy Service
C:\Program Files\McAfee\MSK\MskSrver.exe
McAfee SpamKiller Service
C:\Program Files\SiteAdvisor\6066\SAService.exe
McAffee SiteAdvisor
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\McAfee\MPS\mpsevh.exe
Part of McAfee
C:\WINDOWS\system32\dllhost.exe
Safe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\eHome\ehmsas.exe
Very safe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
Very safe
ATI Control Center
c:\program files\mcafee\msc\mcshell.exe
Fuzzy Algorithmcheck (4.31 / 5.00), Safe
C:\Program Files\Mozilla Firefox\firefox.exe
Very safe
This entry was classified from our visitors as good.
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
Safe
Eventuellement méchant! Selon notre base de données, ce processus s’exécute normalement dans c:\programme\mcafee.com\vso\! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire.
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
Safe
Microsoft Windows Live Login Helper
C:\Documents and Settings\Lolo\Bureau\Scanner.exe
Inconnu
Tâche inconnue.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
Ce site a été identifié comme étant non dangereux
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
Ce site a été identifié comme étant non dangereux
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
Ce site a été identifié comme étant non dangereux
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
Very safe
Ce site a été identifié comme étant non dangereux
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
Ce site a été identifié comme étant non dangereux
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
Ce site a été identifié comme étant non dangereux
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
Ce site a été identifié comme étant non dangereux
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
Ce site a été identifié comme étant non dangereux
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
Very safe
Ce site a été identifié comme étant non dangereux
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Cette inscription a été identifiée comme étant non dangereuse.
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Neutral
Ycomp*_*_*_*.dll - Yahoo Companion!, Yahoo Companion!
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Very safe
AcroIEhelper.ocx, AcroIEhelper.dll - Adobe Acrobat reader, http://www.adobe.com/products/acrobat/re adstep2.html
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
saIE.dll - SiteAdvisor, https://www.mcafee.com/en-us/safe-browser/mcafee-webadvisor.html
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
Safe
This entry was classified from our visitors as good.
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
Neutral
tfswshx.dll - Hewlett-Packard/Veritas DLA software
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Very safe
SUN Java
O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll
Inconnu
Programme inconnu.
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
Safe
scriptproxy.dll, scriptsn.dll - McAfee, https://home.mcafee.com/StaticGenericPage.aspx?page=cookienotsupported&url=%2f%3fctst%3d1 ScriptScan
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Safe
Programme inconnu.
Inscription superflue (car sans effet) qui peut donc être effacée ! This entry was classified from our visitors as good.
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Neutral
WindowsLiveLogin.dll - Microsoft Windows_Live, https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
MSN Toolbar Helper
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
Very safe
GoogleAE.dll - Google Search related, found on Dell computers. Reportedly responsible for displaying this, http://www.google.com/hws/dell/afe? placeholder web page; also see here, https://www.gamedev.net/forums/ topic.asp?topic_id=368054 a
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
saIE.dll - SiteAdvisor, https://www.mcafee.com/en-us/safe-browser/mcafee-webadvisor.html
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
Msntb.dll - MSN Toolbar, https://www.bing.com/?toHttps=1&redig=C5A5F4D5ECA345F689A948C005FF88A7
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Ycomp*_*_*_*.dll - Yahoo Companion!, http://companion.yahoo.com/
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll
Inconnu
Programme inconnu.
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Very safe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
Very safe
ATI Catalyst ControlCenter
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
Dell Mouse Software
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
Safe
Java von Sun
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
Safe
This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
Neutral
Non dangereux, mais tout de même superflu. InstallShield Update Service Scheduler; automatically searches for and performs any updates to the software so you’re always working with the most current version. Not required.
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
Non dangereux, mais tout de même superflu. InstallShield Update Service related; Automatically searches for and performs any updates to the software. Not required.
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
Neutral
eHome Media Center PC related - Needed for Media Center Remote Functions
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
Creative Audio Control
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
In a Dell\Media Experience sub-directory
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
Very safe
Non dangereux, mais tout de même superflu. Dell taskbar icon allowing you to quickly change settings
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
Safe
This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Outils\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
Non dangereux, mais tout de même superflu. From Elaborate Bytes who make CloneCD - monitors the installed filters of CD-ROMs/DVD-ROMs. Note - under Win2K removing this from startup causes the CD drive in the computer to not be recognized in the OS and after rechecking it prompts that the driver has been corrupted and asks you to restart the computer to fix it
O4 - HKLM\..\Run: [CloneCDTray] "C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe"
System tray for CloneCD - the only useful option is "Hide CDR Media" only available via this tray. Has additional unknown functions in later versions
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
Safe
Part of Sonic Solutions DVD/CD Suite / HP's packet writing software
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
Bestandteil von McAfee
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
McAfee SiteAdvisor
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
Safe
This entry was classified from our visitors as good.
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
Neutral
Dell Support
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Outils\PowerArchiver\PASTARTER.EXE
Fuzzy Algorithmcheck (4 / 5.00), Safe
O4 - Global Startup: Digital Line Detect.lnk = ?
Neutral
Cette inscription est superflue est peut être effacée !
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Safe
This entry was classified from our visitors as good.
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
Very safe
Cette inscription &Windows Live Search a été identifiée comme étant non dangereuse.
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
Safe
This entry was classified from our visitors as good.
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Cette inscription E&xporter vers Microsoft Excel a été identifiée comme étant non dangereuse.
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?0a82992ae3d741e6b69818de45d55f0a
Cette inscription Ouvrir dans un nouvel onglet d'arrière-plan a été identifiée comme étant non dangereuse.
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?0a82992ae3d741e6b69818de45d55f0a
Cette inscription Ouvrir dans un nouvel onglet de premier plan a été identifiée comme étant non dangereuse.
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Safe
Cette inscription a été identifiée comme étant non dangereuse.
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Cette inscription Console Java a été identifiée comme étant non dangereuse.
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
Cette inscription Recherche a été identifiée comme étant non dangereuse.
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Very safe
Cette inscription Messenger a été identifiée comme étant non dangereuse.
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Safe
Cette inscription Windows Messenger a été identifiée comme étant non dangereuse.
O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10
Inconnu
Effacer si l’IP ou le domaine '138.48.4.4,138.48.4.10' ne vous est pas connu.
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
Cette inscription a été identifiée comme étant non dangereuse.
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
Cette inscription a été identifiée comme étant non dangereuse.
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
Cette inscription a été identifiée comme étant non dangereuse.
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
Cette inscription a été identifiée comme étant non dangereuse.
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
Safe
This entry was classified from our visitors as good.
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
Safe
This entry was classified from our visitors as good.
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
Safe
Ce service (Ati2evxx.exe) a été identifié comme étant légitime. This entry was classified from our visitors as good.
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
Ce service (emproxy.exe) a été identifié comme étant légitime.
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
Ce service (IDriverT.exe) a été identifié comme étant légitime.
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Outils\MATLAB7\webserver\bin\win32\matlabserver.exe
Ce service (matlabserver.exe) a été identifié comme étant légitime.
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
Ce service (HWAPI.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
Very safe
Ce service (mcupdmgr.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
Safe
Ce service (mcmscsvc.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
Ce service (mcnasvc.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
Ce service (mcods.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
Very safe
Ce service (mcpromgr.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
Ce service (mcproxy.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
Ce service (redirsvc.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
Very safe
Ce service (mcshield.exe) a été identifié comme étant légitime.
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
Safe
Ce service (mcsysmon.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
Very safe
Ce service (MPFSrv.exe) a été identifié comme étant légitime.
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
Ce service (mps.exe) a été identifié comme étant légitime.
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
Ce service (MskSrver.exe) a été identifié comme étant légitime.
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
Ce service (SAService.exe) a été identifié comme étant légitime.
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Very safe
Ce service (WLTRYSVC.EXE) a été identifié comme étant légitime.
Short analysis
La mise en oeuvre de ces conseils est à vos propres risques et périls !
Here is the analysis done by hijack:
[?] - C:\Program Files\Video ActiveX Access\imsmain.exe
[?] - C:\Program Files\Video ActiveX Access\imsmn.exe
[?] - C:\Documents and Settings\Lolo\Bureau\Scanner.exe
[?] - O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll
[N] - O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
[?] - O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll
[?] - O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10
I haven't done anything since.
I just tried to delete this Video ActiveX directory, but without success lol
I deleted it in safe mode.
But the virus is still there, although it no longer opens pages on its own; only the icon and the system alerts remain.
I saw that it no longer loads the exes among the Windows processes, but they are still present in the registry.
Here is what hijack gives now:
Logfile of HijackThis v1.99.1
Scan saved at 21:00:28, on 12/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Outils\PowerArchiver\PASTARTER.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lolo\Bureau\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-be?c=be&l=fr&s=gen&redirect=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070209
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Outils\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Outils\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Outils\PowerArchiver\PASTARTER.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?0a82992ae3d741e6b69818de45d55f0a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?0a82992ae3d741e6b69818de45d55f0a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Outils\MATLAB7\webserver\bin\win32\matlabserver.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
---------------------------------------
And the HijackThis analysis gives:
-------------------------------------------
[?] - C:\Documents and Settings\Lolo\Bureau\Scanner.exe
[N] - O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
[N] - O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
[N] - O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
[?] - O17 - HKLM\System\CCS\Services\Tcpip\..\{277DE1BC-4A6D-465E-A529-62C50B36A996}: NameServer = 138.48.4.4,138.48.4.10