HijackThis

Twitter iPhone pliant OnePlus 11 PS5 Disney+ Orange Livebox Windows 11

Entraide Windows Windows XP Discussions Générales HijackThis

2 réponses

AnnieS

07/05/2004 à 18:01

bonjour
voici le rapport que me fait HijackThis , j'aimerais que quelqu'un m'aide à
trier tout ça
Merci

Logfile of HijackThis v1.97.7
Scan saved at 17:50:30, on 07/05/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\Program Files\Caere\OmniPagePro10.0\opware32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\PROGRA~1\NETMEE~1\conf.exe
C:\WINDOWS\System32\rundll32.exe
E:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.coloriages.net/menu/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Liens
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program
Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\windows\downloaded program files\googletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\windows\downloaded program files\googletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} -
C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program
Files\D-Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser
Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [OmniPage] C:\Program
Files\Caere\OmniPagePro10.0\opware32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver]
"C:\WINDOWS\System32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: &Download with &DAP -
C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded
program files\GoogleToolbar_fr_2.0.108-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\windows\downloaded
program files\GoogleToolbar_fr_2.0.108-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:\windows\downloaded program
files\GoogleToolbar_fr_2.0.108-big.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic 2001 - C:\Program
Files\Copernic 2001 Pro\Search Extension.htm
O8 - Extra context menu item: Download &all with DAP -
C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://c:\windows\downloaded
program files\GoogleToolbar_fr_2.0.108-big.dll/cmsimilar.html
O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM)
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 (HKLM)
O9 - Extra button: Copernic 2001 (HKLM)
O9 - Extra button: Capturer ! (HKLM)
O9 - Extra 'Tools' menuitem: Capturer ce web (HKLM)
O9 - Extra button: Traduire (HKLM)
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet
Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {11111111-1111-1111-1111-111111111157} - file://C:\Program
Files\Internet Explorer\e1189.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products
Installer Start) -
http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab
O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201}
(ddm_download.ddm_control) -
http://bins.dynamicdesktopmedia.com/cab/ddm_control.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update
Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} -
http://akamai.downloadv3.com/binaries/IA/ia_XP.cab
O16 - DPF: {4BEE3896-4820-48D1-85EA-5A9A9ECD3D95} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://207.188.7.150/14b7f7df4e73b23a8618/netzip/RdxIE601_fr.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller
Class) - http://h30155.www3.hp.com/ediags/gs/install/guidedsolutions.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38094.2131018518
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?316
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload
Class) - http://download.paltalk.com/download/0.x/regdload.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250
O17 -
HKLM\System\CS1\Services\Tcpip\..\{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250

--
Enlevez A pour me répondre
A+
AnnieS

2 réponses

JacK [MVP]

07/05/2004 à 18:25

sur les news:c7gbs9$kqn$
AnnieS signalait:

bonjour
voici le rapport que me fait HijackThis , j'aimerais que quelqu'un
m'aide à trier tout ça
Merci

Logfile of HijackThis v1.97.7
Scan saved at 17:50:30, on 07/05/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVG6avgserv.exe
C:Program FilesExecutive SoftwareDiskeeperLiteDKService.exe
C:Program FilesKerioPersonal Firewallpersfw.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesD-Toolsdaemon.exe
C:PROGRA~1GrisoftAVG6avgcc32.exe
C:Program FilesBrowser MouseBrowser Mouse1.0lwbwheel.exe
C:PROGRA~1DAPDAP.EXE
C:Program FilesCaereOmniPagePro10.0opware32.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSSystem32rundll32.exe
C:Program FilesWanadoo MessagerWanadoo Messager.exe
C:Program FilesMailWasher ProMailWasher.exe
C:PROGRA~1NETMEE~1conf.exe
C:WINDOWSSystem32rundll32.exe
E:HijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.coloriages.net/menu/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKCUSoftwareMicrosoftInternet
ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} -
C:Program FilesSolidDocumentsSolidConverterPDFExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:windowsdownloaded program filesgoogletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:windowsdownloaded program filesgoogletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: SolidConverter PDF -
{259F616C-A300-44F5-B04A-ED001A26C85C} - C:Program
FilesSolidDocumentsSolidConverterPDFExploreExtPDF.dll
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program
FilesD-Toolsdaemon.exe" -lang 1036
O4 - HKLM..Run: [AVG_CC] C:PROGRA~1GrisoftAVG6avgcc32.exe
/STARTUP
O4 - HKLM..Run: [LWBMOUSE] C:Program FilesBrowser MouseBrowser
Mouse1.0lwbwheel.exe
O4 - HKLM..Run: [DownloadAccelerator] C:PROGRA~1DAPDAP.EXE
/STARTUP
O4 - HKLM..Run: [OmniPage] C:Program
FilesCaereOmniPagePro10.0opware32.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM..RunOnce: [!CleanupNetMeetingDispDriver]
"C:WINDOWSSystem32rundll32.exe"
msconf.dll,CleanupNetMeetingDispDriver 0 O6 -
HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download with &DAP -
C:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: &Google Search -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic 2001 - C:Program
FilesCopernic 2001 ProSearch Extension.htm
O8 - Extra context menu item: Download &all with DAP -
C:PROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: Si&milar Pages -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmsimilar.html
O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM)
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 (HKLM)
O9 - Extra button: Copernic 2001 (HKLM)
O9 - Extra button: Capturer ! (HKLM)
O9 - Extra 'Tools' menuitem: Capturer ce web (HKLM)
O9 - Extra button: Traduire (HKLM)
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .pdf: C:Program FilesInternet
ExplorerPLUGINSnppdf32.dll
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {11111111-1111-1111-1111-111111111157} - file://C:Program
FilesInternet Explorere1189.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16
- DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products
Installer Start) -

http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab

O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201}
(ddm_download.ddm_control) -
http://bins.dynamicdesktopmedia.com/cab/ddm_control.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter
Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update
Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} -
http://akamai.downloadv3.com/binaries/IA/ia_XP.cab
O16 - DPF: {4BEE3896-4820-48D1-85EA-5A9A9ECD3D95} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://207.188.7.150/14b7f7df4e73b23a8618/netzip/RdxIE601_fr.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)
-

http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller
Class) -
http://h30155.www3.hp.com/ediags/gs/install/guidedsolutions.cab O16 -
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -

http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38094.2131018518

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?316
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload
Class) - http://download.paltalk.com/download/0.x/regdload.cab
O17 -
HKLMSystemCCSServicesTcpip..{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250
O17 -
HKLMSystemCS1ServicesTcpip..{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250

'lut,

Paltalk est un spyware, mais si tu l'utilises...
--
http://www.optimix.be.tf /MVP WindowsXP/ http://websecurite.org
http://www.msmvps.com/XPditif/
http://experts.microsoft.fr/longhorn4u/
*Helping you void your warranty since 2000*
---***ANTISPAM***---
Click on the link to anwer -Cliquez sur le lien pour répondre
http://www.cerbermail.com/?csaLJS6yvZ
@(*0*)@ JacK

sur les news:c7gbs9$kqn$1@yucatan.franconews.org
AnnieS <acentaure@tele2.fr> signalait:

bonjour
voici le rapport que me fait HijackThis , j'aimerais que quelqu'un
m'aide à trier tout ça
Merci

Logfile of HijackThis v1.97.7
Scan saved at 17:50:30, on 07/05/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVG6avgserv.exe
C:Program FilesExecutive SoftwareDiskeeperLiteDKService.exe
C:Program FilesKerioPersonal Firewallpersfw.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesD-Toolsdaemon.exe
C:PROGRA~1GrisoftAVG6avgcc32.exe
C:Program FilesBrowser MouseBrowser Mouse1.0lwbwheel.exe
C:PROGRA~1DAPDAP.EXE
C:Program FilesCaereOmniPagePro10.0opware32.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSSystem32rundll32.exe
C:Program FilesWanadoo MessagerWanadoo Messager.exe
C:Program FilesMailWasher ProMailWasher.exe
C:PROGRA~1NETMEE~1conf.exe
C:WINDOWSSystem32rundll32.exe
E:HijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.coloriages.net/menu/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKCUSoftwareMicrosoftInternet
ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} -
C:Program FilesSolidDocumentsSolidConverterPDFExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:windowsdownloaded program filesgoogletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:windowsdownloaded program filesgoogletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: SolidConverter PDF -
{259F616C-A300-44F5-B04A-ED001A26C85C} - C:Program
FilesSolidDocumentsSolidConverterPDFExploreExtPDF.dll
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program
FilesD-Toolsdaemon.exe" -lang 1036
O4 - HKLM..Run: [AVG_CC] C:PROGRA~1GrisoftAVG6avgcc32.exe
/STARTUP
O4 - HKLM..Run: [LWBMOUSE] C:Program FilesBrowser MouseBrowser
Mouse1.0lwbwheel.exe
O4 - HKLM..Run: [DownloadAccelerator] C:PROGRA~1DAPDAP.EXE
/STARTUP
O4 - HKLM..Run: [OmniPage] C:Program
FilesCaereOmniPagePro10.0opware32.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM..RunOnce: [!CleanupNetMeetingDispDriver]
"C:WINDOWSSystem32rundll32.exe"
msconf.dll,CleanupNetMeetingDispDriver 0 O6 -
HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download with &DAP -
C:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: &Google Search -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic 2001 - C:Program
FilesCopernic 2001 ProSearch Extension.htm
O8 - Extra context menu item: Download &all with DAP -
C:PROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: Si&milar Pages -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmsimilar.html
O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM)
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 (HKLM)
O9 - Extra button: Copernic 2001 (HKLM)
O9 - Extra button: Capturer ! (HKLM)
O9 - Extra 'Tools' menuitem: Capturer ce web (HKLM)
O9 - Extra button: Traduire (HKLM)
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .pdf: C:Program FilesInternet
ExplorerPLUGINSnppdf32.dll
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {11111111-1111-1111-1111-111111111157} - file://C:Program
FilesInternet Explorere1189.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16
- DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products
Installer Start) -

http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab

O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201}
(ddm_download.ddm_control) -
http://bins.dynamicdesktopmedia.com/cab/ddm_control.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter
Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update
Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} -
http://akamai.downloadv3.com/binaries/IA/ia_XP.cab
O16 - DPF: {4BEE3896-4820-48D1-85EA-5A9A9ECD3D95} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://207.188.7.150/14b7f7df4e73b23a8618/netzip/RdxIE601_fr.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)
-

http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller
Class) -
http://h30155.www3.hp.com/ediags/gs/install/guidedsolutions.cab O16 -
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -

http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38094.2131018518

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?316
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload
Class) - http://download.paltalk.com/download/0.x/regdload.cab
O17 -
HKLMSystemCCSServicesTcpip..{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250
O17 -
HKLMSystemCS1ServicesTcpip..{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250

'lut,

Paltalk est un spyware, mais si tu l'utilises...
--
http://www.optimix.be.tf /MVP WindowsXP/ http://websecurite.org
http://www.msmvps.com/XPditif/
http://experts.microsoft.fr/longhorn4u/
*Helping you void your warranty since 2000*
---***ANTISPAM***---
Click on the link to anwer -Cliquez sur le lien pour répondre
http://www.cerbermail.com/?csaLJS6yvZ
@(*0*)@ JacK

Vous avez filtré cet utilisateur ! Consultez son message

sur les news:c7gbs9$kqn$
AnnieS signalait:

bonjour
voici le rapport que me fait HijackThis , j'aimerais que quelqu'un
m'aide à trier tout ça
Merci

Logfile of HijackThis v1.97.7
Scan saved at 17:50:30, on 07/05/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVG6avgserv.exe
C:Program FilesExecutive SoftwareDiskeeperLiteDKService.exe
C:Program FilesKerioPersonal Firewallpersfw.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesD-Toolsdaemon.exe
C:PROGRA~1GrisoftAVG6avgcc32.exe
C:Program FilesBrowser MouseBrowser Mouse1.0lwbwheel.exe
C:PROGRA~1DAPDAP.EXE
C:Program FilesCaereOmniPagePro10.0opware32.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSSystem32rundll32.exe
C:Program FilesWanadoo MessagerWanadoo Messager.exe
C:Program FilesMailWasher ProMailWasher.exe
C:PROGRA~1NETMEE~1conf.exe
C:WINDOWSSystem32rundll32.exe
E:HijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.coloriages.net/menu/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKCUSoftwareMicrosoftInternet
ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} -
C:Program FilesSolidDocumentsSolidConverterPDFExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:windowsdownloaded program filesgoogletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:windowsdownloaded program filesgoogletoolbar_fr_2.0.108-big.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: SolidConverter PDF -
{259F616C-A300-44F5-B04A-ED001A26C85C} - C:Program
FilesSolidDocumentsSolidConverterPDFExploreExtPDF.dll
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program
FilesD-Toolsdaemon.exe" -lang 1036
O4 - HKLM..Run: [AVG_CC] C:PROGRA~1GrisoftAVG6avgcc32.exe
/STARTUP
O4 - HKLM..Run: [LWBMOUSE] C:Program FilesBrowser MouseBrowser
Mouse1.0lwbwheel.exe
O4 - HKLM..Run: [DownloadAccelerator] C:PROGRA~1DAPDAP.EXE
/STARTUP
O4 - HKLM..Run: [OmniPage] C:Program
FilesCaereOmniPagePro10.0opware32.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM..RunOnce: [!CleanupNetMeetingDispDriver]
"C:WINDOWSSystem32rundll32.exe"
msconf.dll,CleanupNetMeetingDispDriver 0 O6 -
HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download with &DAP -
C:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: &Google Search -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic 2001 - C:Program
FilesCopernic 2001 ProSearch Extension.htm
O8 - Extra context menu item: Download &all with DAP -
C:PROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: Si&milar Pages -
res://c:windowsdownloaded program
filesGoogleToolbar_fr_2.0.108-big.dll/cmsimilar.html
O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM)
O9 - Extra 'Tools' menuitem: Lancer Copernic 2001 (HKLM)
O9 - Extra button: Copernic 2001 (HKLM)
O9 - Extra button: Capturer ! (HKLM)
O9 - Extra 'Tools' menuitem: Capturer ce web (HKLM)
O9 - Extra button: Traduire (HKLM)
O9 - Extra 'Tools' menuitem: &Traduire avec Gist-In-Time (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .pdf: C:Program FilesInternet
ExplorerPLUGINSnppdf32.dll
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {11111111-1111-1111-1111-111111111157} - file://C:Program
FilesInternet Explorere1189.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16
- DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products
Installer Start) -

http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab

O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201}
(ddm_download.ddm_control) -
http://bins.dynamicdesktopmedia.com/cab/ddm_control.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter
Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update
Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} -
http://akamai.downloadv3.com/binaries/IA/ia_XP.cab
O16 - DPF: {4BEE3896-4820-48D1-85EA-5A9A9ECD3D95} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://207.188.7.150/14b7f7df4e73b23a8618/netzip/RdxIE601_fr.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) -
http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)
-

http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller
Class) -
http://h30155.www3.hp.com/ediags/gs/install/guidedsolutions.cab O16 -
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -

http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38094.2131018518

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?316
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload
Class) - http://download.paltalk.com/download/0.x/regdload.cab
O17 -
HKLMSystemCCSServicesTcpip..{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250
O17 -
HKLMSystemCS1ServicesTcpip..{418699C6-B9B6-41F7-8EB5-3B94DE52BB4F}:
NameServer = 212.247.156.66 212.151.136.250

'lut,

Paltalk est un spyware, mais si tu l'utilises...
--
http://www.optimix.be.tf /MVP WindowsXP/ http://websecurite.org
http://www.msmvps.com/XPditif/
http://experts.microsoft.fr/longhorn4u/
*Helping you void your warranty since 2000*
---***ANTISPAM***---
Click on the link to anwer -Cliquez sur le lien pour répondre
http://www.cerbermail.com/?csaLJS6yvZ
@(*0*)@ JacK

AnnieS

07/05/2004 à 19:54

JacK [MVP] wrote:

sur les news:c7gbs9$kqn$
AnnieS signalait:
bonjour
voici le rapport que me fait HijackThis , j'aimerais que quelqu'un
m'aide à trier tout ça
Merci

'lut,

Paltalk est un spyware, mais si tu l'utilises...

oui

--
Enlevez A pour me répondre
A+
AnnieS

HijackThis

2 réponses

Veuillez sélectionner un problème