Impossible à supprimer WIN32 et autres

Le
FGV
Bonjour,

Depuis 1 semaine, AVAST me met plusieurs messages à chaque démarrage
concernant Win32 dans différents fichiers (Installer.exe ou
MTE3NDI6ODoxNg[1].exe). J'ai également la page d'accueil IE modifiée.
Après recherches diverses, j'ai passé Adware, SpyBot, RegCleaner, Avast, des
antivirus en ligne. Tout semble nettoyé et dès que je rallume le PC, les
virus sont toujours là.

Si quelqu'un pouvait me conseiller, voici le rapport HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 10:13:21, on 29/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:appsABoardABoard.exe
C:PROGRA~1MESSAG~1StartMessager.exe
C:Program FilesVirtual CD v4 SDKsystemvcsplay.exe
C:appsABoardAOSD.exe
C:WINDOWSsystem32hplampc.exe
C:Program FilesWinampwinampa.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesNuCamCamCheckCamCheck.exe
C:Program FilesFichiers communsRealUpdate_OBealsched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesSlySoftCloneCDCloneCDTray.exe
C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsFileAgent.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWStwain_32SiPixSCBlink2Srvany.exe
C:WINDOWStwain_32SiPixSCBlink2USBPNP.exe
C:Program FilesAdobePhotoshop Elements
3.0PhotoshopElementsDeviceConnect.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesVirtual CD v4 SDKsystemvcssecs.exe
C:windowswinsysban4.exe
C:Program FilesMicrosoft ActiveSyncWCESCOMM.EXE
C:Program FilesLogitechDesktop
Messenger8876480ProgramBackWeb-8876480.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesLogitechSetPointKEM.exe
C:Program FilesSony CorporationPicture PackagePicture Package
MenuSonyTray.exe
C:Program FilesSony CorporationPicture PackagePicture Package
ApplicationsResidence.exe
C:Program FilesSAGEM Wi-Fi USB 802.11gWLANUTL.exe
C:Program FilesWINZIPWZQKPICK.EXE
C:Program FilesLogitechSetPointKHALMNPR.EXE
C:WINDOWSSystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMicrosoft OfficeOFFICE11WINWORD.EXE
C:Program FilesHijackthisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
file://C:APPSIEofflinefr.htm
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = localhost
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSS
ystem32msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} -
C:Program FilesCanonEasy-WebPrintToolband.dll
O3 - Toolbar: UCmore XP - The Search Accelerator -
{44BE0690-5429-47f0-85BB-3FFD8020233E} - C:Program
FilesTheSearchAcceleratorUCMTSAIE.dll
O4 - HKLM..Run: [ACTIVBOARD] c:appsABoardABoard.exe
O4 - HKLM..Run: [MessagerStarter Wanadoo]
C:PROGRA~1MESSAG~1StartMessager.exe Messager Wanadoo
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesAlcatelSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [VCSPlayer] "C:Program FilesVirtual CD v4
SDKsystemvcsplay.exe"
O4 - HKLM..Run: [CheckMedi8or] C:Program FilesMediator 7
ProCheckNewUser.exe
O4 - HKLM..Run: [hplampc] C:WINDOWSsystem32hplampc.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [CamCheck] C:Program FilesNuCamCamCheckCamCheck.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBealsched.exe" -osboot
O4 - HKLM..Run: [PinnacleDriverCheck]
C:WINDOWSSystem32PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [CloneCDTray] "C:Program
FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 - HKLM..Run: [ATIPTA] C:ATI TechnologiesATI Control
Panelatiptaxx.exe
O4 - HKLM..Run: [Easy-PrintToolBox] C:Program
FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 - HKLM..Run: [winsysupd] C:windowswinsysupd4.exe
O4 - HKLM..Run: [winsysban] C:windowswinsysban4.exe
O4 - HKLM..Run: [myupdates] c:windowsmyupdates.exe
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe"
/background
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramBackWeb-8876480.exe
O4 - Startup: Registration-Studio 8.lnk = C:Program FilesPinnacleStudio
8RegisterRegTool.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers
communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:Program
FilesLogitechSetPointKEM.exe
O4 - Global Startup: Picture Package Menu.lnk = C:Program FilesSony
CorporationPicture PackagePicture Package MenuSonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:Program FilesSony
CorporationPicture PackagePicture Package ApplicationsResidence.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi
802.11g.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:Program
FilesWINZIPWZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste
d'impressions - res://C:Program
FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide -
res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:Program
FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:Program
FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: Créer un Favori de l'appareil mobile -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:Program FilesMicrosoft
ActiveSyncinetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:Program FilesMicrosoft ActiveSyncinetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:Program FilesMicrosoft
ActiveSyncinetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengerMSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32msvrl.dll
O12 - Plugin for .spop: C:Program FilesInternet
ExplorerPluginsNPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:APPSIEofflinefr.htm
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/s...ctlcab.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - file://C:Documents and
SettingsF-COCHERILLocal SettingsTempFCabtmp1214.xms
O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) -
http://acces.blonde.com/package/op/...tmlCab.CAB
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
(PPSDKActiveXScanner.MainScreen) -
http://ppupdates.ca.com/downloads/s...canner.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -
http://promo.dollarrevenue.com/webm...ad100a.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/act...0-3-24.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -
http://sib1.od2.com/common/Member/C.../setup.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/.../cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
http://housecall65.trendmicro.com/h...hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/...scan53.cab
O16 - DPF: {7B8DF65F-FED6-468D-AFAF-4DC02FAD019C} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) -
http://www.bitdefender.com/scan/Msi...fender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/active...asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JA...anager.ocx
O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) -
http://www.mophun.com/codebase/mophun.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {B8A23E08-0B26-4348-AA96-33395A51DDD9} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://servicesv4.moviesystem.com/cabs/msway.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) -
http://tools.ebayimg.com/eps/active...-0-3-0.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71}
(InfosFinder2.InfosFinder) -
http://support.packardbell.com/file...inder2.CAB
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) -
http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O17 -
HKLMSystemCCSServicesTcpip..{09B14A90-6BD8-499D-A34D-0308D1D61341}:
NameServer = 192.168.1.1,80.10.246.2
O17 -
HKLMSystemCCSServicesTcpip..{EEBFF13A-CF90-45C6-B362-DBE98E955FAB}:
NameServer = 193.252.19.3,193.252.19.4
O17 -
HKLMSystemCS1ServicesTcpip..{09B14A90-6BD8-499D-A34D-0308D1D61341}:
NameServer = 192.168.1.1,80.10.246.2
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown
owner - C:Program FilesAdobePhotoshop Elements
3.0PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Blink2PnP - Unknown owner -
C:WINDOWStwain_32SiPixSCBlink2Srvany.exe
O23 - Service: Photoshop Elements Device Connect
(PhotoshopElementsDeviceConnect) - Unknown owner - C:Program
FilesAdobePhotoshop Elements 3.0PhotoshopElementsDeviceConnect.exe
O23 - Service: SmartLinkService (SLService) - -
C:WINDOWSSYSTEM32slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) -
H+H Software GmbH - C:Program FilesVirtual CD v4 SDKsystemvcssecs.exe

J'ai peur de faire des bétises en supprimer des lignes..

Merci pour votre aide

France
Publicité
Vidéos High-Tech et Jeu Vidéo
Téléchargements
Vos réponses
Gagnez chaque mois un abonnement Premium avec GNT : Inscrivez-vous !
Trier par : date / pertinence
rm
Le #1569332

J'ai peur de faire des bétises en supprimer des lignes.....


pas peur d'utiliser Internet Explorer mal réglé pour surfer n'importe où ?

m'enfin c'est trop tard, donc petit ménage:

en mode sans echec, restauration système désactivée,
il faut déjà passer un coup de LSPFix en lisant bien la doc...
http://cexx.org/lspfix.htm
http://www.snapfiles.com/get/winsockxpfix.html
pour nettoyer Winsock...

ensuite, toujours en mode sans echec, restauration système désactivée,
cocher puis fixer en priorité les salétés suivantes:

O4 - HKLM..Run: [winsysupd] C:windowswinsysupd4.exe
O4 - HKLM..Run: [winsysban] C:windowswinsysban4.exe
O4 - HKLM..Run: [myupdates] c:windowsmyupdates.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page http://www.google.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL file://C:APPSIEofflinefr.htm
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = localhost

R3 - Default URLSearchHook is missing

ensuite, pour éclaircir et laisser respirer l'engin, virer aussi:

O4 - HKLM..Run: [VCSPlayer] "C:Program FilesVirtual CD v4
SDKsystemvcsplay.exe"
O4 - HKLM..Run: [CheckMedi8or] C:Program FilesMediator 7
ProCheckNewUser.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [CamCheck] C:Program FilesNuCamCamCheckCamCheck.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [PinnacleDriverCheck]
C:WINDOWSSystem32PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [CloneCDTray] "C:Program
FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 - HKLM..Run: [ATIPTA] C:ATI TechnologiesATI Control
Panelatiptaxx.exe
O4 - HKLM..Run: [Easy-PrintToolBox] C:Program
FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe"
/background
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramBackWeb-8876480.exe
O4 - Startup: Registration-Studio 8.lnk = C:Program FilesPinnacleStudio
8RegisterRegTool.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers
communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = C:Program FilesSony
CorporationPicture PackagePicture Package MenuSonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:Program FilesSony
CorporationPicture PackagePicture Package ApplicationsResidence.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi
802.11g.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:Program
FilesWINZIPWZQKPICK.EXE

et

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:APPSIEofflinefr.htm
O16 - DPF: ppctlcab -
http://ppupdates.ca.com/downloads/s...ctlcab.cab
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - file://C:Documents and
SettingsF-COCHERILLocal SettingsTempFCabtmp1214.xms
O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) -
http://acces.blonde.com/package/op/...tmlCab.CAB
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
(PPSDKActiveXScanner.MainScreen) -
http://ppupdates.ca.com/downloads/s...canner.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -
http://promo.dollarrevenue.com/webm...ad100a.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/act...0-3-24.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -
http://sib1.od2.com/common/Member/C.../setup.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/.../cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
http://housecall65.trendmicro.com/h...hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/...scan53.cab
O16 - DPF: {7B8DF65F-FED6-468D-AFAF-4DC02FAD019C} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) -
http://www.bitdefender.com/scan/Msi...fender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/active...asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JA...anager.ocx
O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) -
http://www.mophun.com/codebase/mophun.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {B8A23E08-0B26-4348-AA96-33395A51DDD9} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://servicesv4.moviesystem.com/cabs/msway.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) -
http://tools.ebayimg.com/eps/active...-0-3-0.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71}
(InfosFinder2.InfosFinder) -
http://support.packardbell.com/file...inder2.CAB
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) -
http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O17 -
HKLMSystemCCSServicesTcpip..{09B14A90-6BD8-499D-A34D-0308D1D61341}:
NameServer = 192.168.1.1,80.10.246.2
O17 -
HKLMSystemCCSServicesTcpip..{EEBFF13A-CF90-45C6-B362-DBE98E955FAB}:
NameServer = 193.252.19.3,193.252.19.4
O17 -
HKLMSystemCS1ServicesTcpip..{09B14A90-6BD8-499D-A34D-0308D1D61341}:
NameServer = 192.168.1.1,80.10.246.2

bon courage et n'ai pas peur d'utiliser autre chose qu'internet explorer
pour surfer...

@+
--
rm

FGV
Le #1569330
J'ai tout fait comme tu m'as dit et tout refonctionne. Plus de message
d'Avast.

Merci beaucoup.

France



"rm" news:uehkc6yhoa8z$.13j54lgmw8uya$

J'ai peur de faire des bétises en supprimer des lignes.....


pas peur d'utiliser Internet Explorer mal réglé pour surfer n'importe où ?

m'enfin c'est trop tard, donc petit ménage:

en mode sans echec, restauration système désactivée,
il faut déjà passer un coup de LSPFix en lisant bien la doc...
http://cexx.org/lspfix.htm
http://www.snapfiles.com/get/winsockxpfix.html
pour nettoyer Winsock...

ensuite, toujours en mode sans echec, restauration système désactivée,
cocher puis fixer en priorité les salétés suivantes:

O4 - HKLM..Run: [winsysupd] C:windowswinsysupd4.exe
O4 - HKLM..Run: [winsysban] C:windowswinsysban4.exe
O4 - HKLM..Run: [myupdates] c:windowsmyupdates.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL > http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar > http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page > http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.google.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL > file://C:APPSIEofflinefr.htm
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page > http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > http://searchbar.findthewebsiteyouneed.com
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = localhost

R3 - Default URLSearchHook is missing

ensuite, pour éclaircir et laisser respirer l'engin, virer aussi:

O4 - HKLM..Run: [VCSPlayer] "C:Program FilesVirtual CD v4
SDKsystemvcsplay.exe"
O4 - HKLM..Run: [CheckMedi8or] C:Program FilesMediator 7
ProCheckNewUser.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [CamCheck] C:Program FilesNuCamCamCheckCamCheck.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [PinnacleDriverCheck]
C:WINDOWSSystem32PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [CloneCDTray] "C:Program
FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 - HKLM..Run: [ATIPTA] C:ATI TechnologiesATI Control
Panelatiptaxx.exe
O4 - HKLM..Run: [Easy-PrintToolBox] C:Program
FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe"
/background
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramBackWeb-8876480.exe
O4 - Startup: Registration-Studio 8.lnk = C:Program FilesPinnacleStudio
8RegisterRegTool.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers
communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = C:Program FilesSony
CorporationPicture PackagePicture Package MenuSonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:Program FilesSony
CorporationPicture PackagePicture Package ApplicationsResidence.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi
802.11g.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:Program
FilesWINZIPWZQKPICK.EXE

et

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:APPSIEofflinefr.htm
O16 - DPF: ppctlcab -
http://ppupdates.ca.com/downloads/s...ctlcab.cab
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - file://C:Documents
and

SettingsF-COCHERILLocal SettingsTempFCabtmp1214.xms
O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) -
http://acces.blonde.com/package/op/...tmlCab.CAB
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
(PPSDKActiveXScanner.MainScreen) -
http://ppupdates.ca.com/downloads/s...canner.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -
http://promo.dollarrevenue.com/webm...ad100a.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl
Class) -

http://tools.ebayimg.com/eps/wl/act...0-3-24.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -
http://sib1.od2.com/common/Member/C.../setup.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/.../cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX
6.5) -


http://housecall65.trendmicro.com/h...hcImpl.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

http://a840.g.akamai.net/7/840/537/...scan53.cab

O16 - DPF: {7B8DF65F-FED6-468D-AFAF-4DC02FAD019C} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline
Control) -

http://www.bitdefender.com/scan/Msi...fender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/active...asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JA...anager.ocx
O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) -
http://www.mophun.com/codebase/mophun.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {B8A23E08-0B26-4348-AA96-33395A51DDD9} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://servicesv4.moviesystem.com/cabs/msway.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl
Class) -

http://tools.ebayimg.com/eps/active...-0-3-0.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71}
(InfosFinder2.InfosFinder) -
http://support.packardbell.com/file...inder2.CAB
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) -
http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O17 -
HKLMSystemCCSServicesTcpip..{09B14A90-6BD8-499D-A34D-0308D1D61341}:
NameServer = 192.168.1.1,80.10.246.2
O17 -
HKLMSystemCCSServicesTcpip..{EEBFF13A-CF90-45C6-B362-DBE98E955FAB}:
NameServer = 193.252.19.3,193.252.19.4
O17 -
HKLMSystemCS1ServicesTcpip..{09B14A90-6BD8-499D-A34D-0308D1D61341}:
NameServer = 192.168.1.1,80.10.246.2

bon courage et n'ai pas peur d'utiliser autre chose qu'internet explorer
pour surfer...

@+
--
rm



Publicité
Suivre les réponses
Poster une réponse
Anonyme