desole de vous deranger mais j'ai un soucis .j'ai un virus ou ver sur mon pc et je n'arive pas m'en debarasser .mon fournisseur internet m'envoie un message ""Cher(e) abonné(e),
Suite a differentes plaintes qui nous ont ete adressees, nous avons identifie la presence d'un serveur Open proxy sur votre machine.""" mais je ne trouve pas de logiciels ou de virus sur mon pc .j'ai lancer antivir , spybot spyware terminator ,ad-aware. mais je trouve rien de concluant
voici le raport hijackthis :
ogfile of HijackThis v1.99.1
Scan saved at 21:54 , on 25/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VttHooks.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files1\Quoiquipasse\qqp_agent.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\program Files\Clock\Clock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{EB76CCD8-FF70-4838-BE7F-0C749F494735}\sign.exe
d:\Program Files1\Change Mon Ecran\CmeSystray.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\Program Files1\Nero 8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\slserv.exe
D:\Program Files1\Sunbelt Software\Personal Firewall\kpf4ss.exe
d:\Program Files1\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files1\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\Program Files1\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\Program Files1\GigaTribe\gigatribe.exe
D:\Program Files1\Mozilla Thunderbird\thunderbird.exe
D:\Program Files1\Mozilla Firefox\firefox.exe
C:\Hiajckthis\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://windows-unattended.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://windows-unattended.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://windows-unattended.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://windows-unattended.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://windows-unattended.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://windows-unattended.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://windows-unattended.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 75.67.92.226 http://paypal.com
O1 - Hosts: 75.67.92.226 http://www.paypal.com
O1 - Hosts: 75.67.92.226 paypal.co.uk
O1 - Hosts: 75.67.92.226 www.paypal.co.uk
O1 - Hosts: 75.67.92.226 http://paypal.co.uk
O1 - Hosts: 75.67.92.226 http://www.paypal.co.uk
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~3\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Drive\vsdrv.exe
O4 - HKLM\..\Run: [signature] C:\Windows\Drive\sign.exe
O4 - HKLM\..\Run: [TopDesk] C:\WINDOWS\system32\VttHooks.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files1\Nero 8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Quoiquipasse] D:\Program Files1\Quoiquipasse\qqp_agent.exe
O4 - HKCU\..\Run: [3D] C:\program Files\Topdesk\topdesk.exe
O4 - HKCU\..\Run: [Vistadrv] C:\Windows\Drive\vsdrv.exe
O4 - HKCU\..\Run: [signature] C:\Windows\Drive\sign.exe
O4 - HKCU\..\Run: [uberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Horlorge] C:\program Files\Clock\Clock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - Startup: Cme.lnk = D:\Program Files1\Change Mon Ecran\Change Mon Ecran.exe
O4 - Startup: GigaTribe.lnk = D:\Program Files1\GigaTribe\gigatribe.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O8 - Extra context menu item: Ajouter à Change Mon Ecran - c:\windows\CmeIE.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~3\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~3\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [iNTERNATIONAL] International*
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{043F9CC5-0800-4824-AA95-6B6454A97434}: NameServer = 217.114.163.197
O17 - HKLM\System\CCS\Services\Tcpip\..\{353D01D3-7518-42D9-9366-A7DE10EE680D}: NameServer = 217.114.163.197
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9FDA28F-F9A1-4B6B-80FA-05EC5EC48494}: NameServer = 217.114.163.197
O17 - HKLM\System\CS1\Services\Tcpip\..\{043F9CC5-0800-4824-AA95-6B6454A97434}: NameServer = 217.114.163.197
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files1\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - D:\Program Files1\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - d:\Program Files1\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
pouvez m'aider s'il vous plait .car j'ai peur qu'il coupe ma connection .
