Confirmation anlyse hijack
pyg
Messages postés
3
Statut
Membre
-
darkcrystal33 Messages postés 3815 Statut Contributeur -
darkcrystal33 Messages postés 3815 Statut Contributeur -
Bonjour à tous,
ma cousine ayant qq soucis de ralentissements avec sa machine (+plantages IE) je lui ai demandé de faire un log HijackThis.
Voila ce que j'ai recu.
J'ai commencé une analyse mais j'aurais aimé avoir une confimation pour qq éléments :
Logfile of HijackThis v1.97.7
Scan saved at 21:23:52, on 05/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\S3hotkey.exe
C:\WINDOWS\System32\S3tray2.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\program files\180solutions\msbb.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Tiscali\Dialer\Dialer.exe
C:\Documents and Settings\All Users\Documents\AUDREY\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=63580
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=63580
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=63580
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali -
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tiscali.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: VeriSign Inc. i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_1_4.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_1_4.dll
O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem214.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre Magique &Tiscali - {01A7812B-59E8-4A4F-BFD6-EEE6D4CB6BA2} - C:\Program Files\Tiscali\Barre Magique 1.04.02.23\Tiscali BBar.dll
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [msbb] c:\program files\180solutions\msbb.exe
O4 - HKLM\..\Run: [zanajcj] C:\WINDOWS\zanajcj.exe
O4 - HKLM\..\Run: [fupwzwz] C:\WINDOWS\fupwzwz.exe
O4 - HKLM\..\Run: [mpwb] C:\WINDOWS\mpwb.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Aide i-Nav (HKLM)
O9 - Extra 'Tools' menuitem: Aide i-Nav (HKLM)
O9 - Extra 'Tools' menuitem: Options i-Nav (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
O16 - DPF: {35F59C80-C1F2-4EEA-9981-686C7D5A9277} (VacPro.emsat_ver3) - http://www.advnt01.com/dialer/emsat_ver3.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {74F6B963-B89B-44D4-AAD0-8EEDC4973314} (IsHere Class) - http://barremagique.tiscali.fr/download/TiscaliBarreMagique.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38100.6302662037
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006_regular_fr.cabO16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{905EAE8B-92F4-452C-A049-35E81DD87B4F}: NameServer = 213.36.80.1
ma cousine ayant qq soucis de ralentissements avec sa machine (+plantages IE) je lui ai demandé de faire un log HijackThis.
Voila ce que j'ai recu.
J'ai commencé une analyse mais j'aurais aimé avoir une confimation pour qq éléments :
Logfile of HijackThis v1.97.7
Scan saved at 21:23:52, on 05/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\S3hotkey.exe
C:\WINDOWS\System32\S3tray2.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\program files\180solutions\msbb.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Tiscali\Dialer\Dialer.exe
C:\Documents and Settings\All Users\Documents\AUDREY\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=63580
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=63580
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=63580
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali -
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tiscali.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: VeriSign Inc. i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_1_4.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_1_4.dll
O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem214.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre Magique &Tiscali - {01A7812B-59E8-4A4F-BFD6-EEE6D4CB6BA2} - C:\Program Files\Tiscali\Barre Magique 1.04.02.23\Tiscali BBar.dll
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [msbb] c:\program files\180solutions\msbb.exe
O4 - HKLM\..\Run: [zanajcj] C:\WINDOWS\zanajcj.exe
O4 - HKLM\..\Run: [fupwzwz] C:\WINDOWS\fupwzwz.exe
O4 - HKLM\..\Run: [mpwb] C:\WINDOWS\mpwb.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Aide i-Nav (HKLM)
O9 - Extra 'Tools' menuitem: Aide i-Nav (HKLM)
O9 - Extra 'Tools' menuitem: Options i-Nav (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
O16 - DPF: {35F59C80-C1F2-4EEA-9981-686C7D5A9277} (VacPro.emsat_ver3) - http://www.advnt01.com/dialer/emsat_ver3.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {74F6B963-B89B-44D4-AAD0-8EEDC4973314} (IsHere Class) - http://barremagique.tiscali.fr/download/TiscaliBarreMagique.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38100.6302662037
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006_regular_fr.cabO16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{905EAE8B-92F4-452C-A049-35E81DD87B4F}: NameServer = 213.36.80.1
A voir également:
- Confirmation anlyse hijack
- Confirmation de lecture whatsapp - Guide
- Confirmation de lecture gmail - Guide
- Hijack this - Télécharger - Antivirus & Antimalwares
- Sms code de confirmation facebook sans demande ✓ - Forum Réseaux sociaux
- Harcèlement code Facebook via messages - Forum Facebook
7 réponses
C'est pour xxxtoolbar que tu hésites ? :-)
Je serais toi je lui ferais sauver son registre (ou mettre en quarantaine, je sais pas si Hijack le fait) et supprimer tout ce que hijack a trouvé.
a+
dje-dje
Il y a 10 types de personne dans le monde,
ceux qui comprennent le binaire et les autres
Je serais toi je lui ferais sauver son registre (ou mettre en quarantaine, je sais pas si Hijack le fait) et supprimer tout ce que hijack a trouvé.
a+
dje-dje
Il y a 10 types de personne dans le monde,
ceux qui comprennent le binaire et les autres
Woops, j'ai posté un peu vite.
En gras : sûr à 99% que c'est à virer
En italique : douteux, mais je voudrais bien une confirmation...
Pour la suppression, mieux vaut HijackThis ou AdAware (car le niveau informatique n'est pas top top et je ne suis pas sur place) ?
Merci
PY
En gras : sûr à 99% que c'est à virer
En italique : douteux, mais je voudrais bien une confirmation...
Pour la suppression, mieux vaut HijackThis ou AdAware (car le niveau informatique n'est pas top top et je ne suis pas sur place) ?
Merci
PY
Dans le dout j'utiliserai Ad-aware et je lui ferais mettre en quarantaine.
Si c'est OK apres un redémarrage, elle videra sa quarantaine. Tu lui as j'espere conseillé un anti-virus?
a+
dje-dje
Il y a 10 types de personne dans le monde,
ceux qui comprennent le binaire et les autres
Si c'est OK apres un redémarrage, elle videra sa quarantaine. Tu lui as j'espere conseillé un anti-virus?
a+
dje-dje
Il y a 10 types de personne dans le monde,
ceux qui comprennent le binaire et les autres
tu peux supprimer les lignes que tu as surlignées en gras sans problème...juste une réserve pour actalert.exe, mais bon comme il est dans le même répertoire, il sert la même cause...
logiciels pour se protéger:
http://www.spybot-updates.com/files/spybotsd13rc4.exe
http://www.javacoolsoftware.com/sbdownload.html
http://frenchmozilla.sourceforge.net/firefox/
-----------------------------------------------------------------------------
C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
Process File: istsvc or istsvc.exe
Process Name: IST Service
Description: Application that is an Internet Explorer toolbar that helps a user to find adult material on the net. The application also displays advertisements.
Company: Integrated Search Technologies
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/A
---------------------------------------------------------------------
C:\Program Files\Internet Optimizer\optimize.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
Process File: optimize or optimize.exe
Process Name: Optimize
Description: Adult content dialer that dials numbers specific to porn related sites.
Company: N/A
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/A
-----------------------------------------------------------------------------
C:\program files\180solutions\msbb.exe
O4 - HKLM\..\Run: [msbb] c:\program files\180solutions\msbb.exe
Process File: msbb or msbb.exe
Process Name: MSBB Web3000 Spyware Application
Description: MSBB Web3000 spyware application that is included with some adware products and is started from the registry when Windows is loaded.
Company: 180Solutions.com
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/A
------------------------------------------------------------------------------
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006_regular_fr.cabO16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) -
------------------------------------------------------------------------------
C:\Program Files\Internet Optimizer\actalert.exe
Process File: actalert or actalert.exe
Process Name: ActAlert
Description: Contact management solution tool.
Company: Best Software SB, Inc.
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A
*** http://vil.nai.com/vil/stinger/ ***
*** http://www.ravantivirus.com/scan/ ***
logiciels pour se protéger:
http://www.spybot-updates.com/files/spybotsd13rc4.exe
http://www.javacoolsoftware.com/sbdownload.html
http://frenchmozilla.sourceforge.net/firefox/
-----------------------------------------------------------------------------
C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
Process File: istsvc or istsvc.exe
Process Name: IST Service
Description: Application that is an Internet Explorer toolbar that helps a user to find adult material on the net. The application also displays advertisements.
Company: Integrated Search Technologies
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/A
---------------------------------------------------------------------
C:\Program Files\Internet Optimizer\optimize.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
Process File: optimize or optimize.exe
Process Name: Optimize
Description: Adult content dialer that dials numbers specific to porn related sites.
Company: N/A
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/A
-----------------------------------------------------------------------------
C:\program files\180solutions\msbb.exe
O4 - HKLM\..\Run: [msbb] c:\program files\180solutions\msbb.exe
Process File: msbb or msbb.exe
Process Name: MSBB Web3000 Spyware Application
Description: MSBB Web3000 spyware application that is included with some adware products and is started from the registry when Windows is loaded.
Company: 180Solutions.com
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/A
------------------------------------------------------------------------------
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006_regular_fr.cabO16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) -
------------------------------------------------------------------------------
C:\Program Files\Internet Optimizer\actalert.exe
Process File: actalert or actalert.exe
Process Name: ActAlert
Description: Contact management solution tool.
Company: Best Software SB, Inc.
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A
*** http://vil.nai.com/vil/stinger/ ***
*** http://www.ravantivirus.com/scan/ ***
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
NE PAS SUPPRIMER: si en possession des périphériques concernés
C:\Program Files\Apoint2K\Apoint.exe
Process File: apoint or apoint.exe
Process Name: Alps Pointing-device Driver
Description: Pointing-device driver for touchpads manufactured by Alps.
Company: Alps Electric Co
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A
(se trouve en général sur les portables, pour faire fonctionner le touchpad)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
E_S10IC2.EXE
fullname Epson Status Monitor
manufacturer and other relevant information Epson
http://www.epson.com
Epson Status Monitor 3 for the Epson Stylus C62 Series of inkjet printers
ne pas supprimer si abonné chez tiscali...
C:\Program Files\Tiscali\Dialer\Dialer.exe
*** http://vil.nai.com/vil/stinger/ ***
*** http://www.ravantivirus.com/scan/ ***
C:\Program Files\Apoint2K\Apoint.exe
Process File: apoint or apoint.exe
Process Name: Alps Pointing-device Driver
Description: Pointing-device driver for touchpads manufactured by Alps.
Company: Alps Electric Co
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A
(se trouve en général sur les portables, pour faire fonctionner le touchpad)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
E_S10IC2.EXE
fullname Epson Status Monitor
manufacturer and other relevant information Epson
http://www.epson.com
Epson Status Monitor 3 for the Epson Stylus C62 Series of inkjet printers
ne pas supprimer si abonné chez tiscali...
C:\Program Files\Tiscali\Dialer\Dialer.exe
*** http://vil.nai.com/vil/stinger/ ***
*** http://www.ravantivirus.com/scan/ ***
dje-dje : elle a dejà un Norton (à jour ?)
darkcrystal33 : où as tu pu obtenir ces rapports, car c'est ce que je cherchais sans avoir trouvé. J'étais obligé de passer par Google à tatons.
En tout cas, merci *beaucoup* à tous les 2.
PY
darkcrystal33 : où as tu pu obtenir ces rapports, car c'est ce que je cherchais sans avoir trouvé. J'étais obligé de passer par Google à tatons.
En tout cas, merci *beaucoup* à tous les 2.
PY
je passe par google aussi...ça viens de http://www.liutilities.com/
(WinTasks 4 Professional) à l'essai 15 jours ici:
http://nct.digitalriver.com/fulfill/0138.002
http://www.downseek.com/download/get/?id=27103&url=http://www.lidownloads.com/demos/wintasksprotrial.exe
http://files1.majorgeeks.com/files/1bcef5d8bd566084523bf65b7e1a245d/diagnostics/wintasksprotrial.exe
*** http://vil.nai.com/vil/stinger/ ***
*** http://www.ravantivirus.com/scan/ ***
(WinTasks 4 Professional) à l'essai 15 jours ici:
http://nct.digitalriver.com/fulfill/0138.002
http://www.downseek.com/download/get/?id=27103&url=http://www.lidownloads.com/demos/wintasksprotrial.exe
http://files1.majorgeeks.com/files/1bcef5d8bd566084523bf65b7e1a245d/diagnostics/wintasksprotrial.exe
*** http://vil.nai.com/vil/stinger/ ***
*** http://www.ravantivirus.com/scan/ ***
