virus ???Résolu/Fermé

Question

Bonjour,
j'ai un pb avec des dll manquantes que je n'arrive pas à remplacer
y a t'il un probleme important - dll avec pb nvcpl + NvMcTray.dll,NvTaskbarInit

ci dessous hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 22:33:04, on 18/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\agenda 2 Rainlendar\Rainlendar.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 69.31.79.187 auto.search.msn.com
O1 - Hosts: 69.31.79.187 auto.search.msn.com
O1 - Hosts: 69.31.79.102 auto.search.msn.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: ProxyConn Browser Helper Object - {7D9E713D-0388-4384-BDD8-2A42EB1C4F04} - C:\Program Files\Club-Internet\SurfExpress\PrxcnBrsrCtrl.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - Startup: Rainlendar.lnk = C:\Program Files\agenda 2 Rainlendar\Rainlendar.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O18 - Protocol: bw+0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {ED7FA8AA-1210-48A9-8F60-C2AF9EA2E8F7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe


merci pour votre aide

Utilisateur anonyme · Answer

Salut

Désactive le pare-feu de Windows(SP2) il ne sert à rien puis installe celui ci pour plus de sécurité 

Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
--->Kerio
-tutoriel: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/


Télécharge, installe puis met à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici stp
Ewido:  (en Anglais reste gratuit après la période d'essai)
--->Ewido
Si tu as besoin d'aide avec Ewido(devenu AVG-antispyware) regarde ce tutoriel:
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

Utilisateur anonyme · Answer

Non concernant Avast
Tu as déjà commencé le téléchargement de Kerio ?

martum · Answer

non j'ai commence ewido mais je suis à plus d'une heure de telechgt !!
je ne pense pas que le rapport se fera ce soir !!!

Utilisateur anonyme · Answer

prend cette version de Kerio elle pése 2Mo en  moins ;-)
http://www.dsi12.fr/telechargements/vnc/kerio-kpf-4.2.2-911-win.exe

A++

Utilisateur anonyme · Answer

Salut

oui tu peux la supprimer.

¤ Tu as quoi comme anti-spywares ?


¤ Fait ce nettoyage: (à faire réguliérement)

¤Telecharge et installe CCleaner (n'installe pas la barre d'outil Yahoo)
---> Ccleaner

dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
 
Si tu as besoin d'aide pour Ccleaner, regarde ce tutoriel:
http://www.tutopat.com/viewtopic.php?t=305


¤ Puis remet un rapport hijackthis stp

A++

martum · Answer

merci de me donner une reponse.

Utilisateur anonyme · Answer

Salut

¤ Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr9.hpwis.com/ 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/ 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/ 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr9.hpwis.com/
O1 - Hosts: 69.31.79.187 auto.search.msn.com 
O1 - Hosts: 69.31.79.187 auto.search.msn.com 
O1 - Hosts: 69.31.79.102 auto.search.msn.com
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) 
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file) 
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup 
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit 
O4 - HKLM\..\Run: [mrdklix] c:\windows\system32\mrdklix.exe mrdklix 
O4 - HKLM\..\Run: [Workflow] F:\install\Workflow.exe
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab 
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/... 
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab 
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} - http://www.sponsoradulto.com/fr/SysWebTelecom.cab



¤ Clic sur "demarrer", "executer", tape: services.msc ,cherche dans la liste cette ligne, fais un clic droit dessus choisis "propriétés" et régle la sur "désactivé"

- NVIDIA Driver Helper Service


¤ Télécharge Killbox: 
http://www.killbox.net/downloads/KillBox.exe

Double clique sur killbox.exe (Pocket Killbox)

- coche: delete on reboot
dans la barre vide entre ceci: (exactement)

c:\windows\system32\mrdklix.exe

- clique sur le rond rouge avec la croix blanche
- une fenêtre va apparaître pour confirmation cliques sur "YES"
- une seconde fenêtre te demande si tu veux redémarrer cliques sur "YES"

Laisse le pc redémarrer s'il ne redémarre pas de lui même alors fait le.


¤ Télécharge Hoster 
http://www.funkytoad.com/download/hoster.zip 

Dézippe le sur ton bureau, double clic sur hoster.exe
Sur la droite clic sur "Restore Microsoft's Hosts file"
Puis ferme le programme.


¤ Refait un nettoyage complet avec CCleaner 

¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clique dessus et choisis "accepter l'active X" pour  faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

https://www.bitdefender.com/toolbox/ 


ça devrait être ok ;-)

martum · Answer

pb résolu après analyse HJT
merci

Virus ???

8 réponses

Discussions similaires

Newsletters