Perte de connexion internet (mkc001 ?)

Bonjour à tous,

Depuis quelques jours, ma connexion à internet saute après quelques minutes (msn reste accessible !)
Ce problème coïncide avec l'apparition de mkc001 (que je ne parviens pas à virer).
J'ai de plus d'autres sites en tout genre qui se mettent par défaut dans mes favoris.
Et des pop-ups publicitaires dans tous les sens ! (Norton n'a jamais réussi à virer les log publicitaires)

Pour info, j'ai du désinstaller SP2 car ne reconnaissait pas mon imprimante deskjet 990cxi !

J'ai utilisé spybot, Xoftspy, Norton (qui ne fonctionne plus depuis !).
Ci-dessous les résulats avec Hijackthis et aboutBuster :


Logfile of HijackThis v1.99.0
Scan saved at 19:02:52, on 19/02/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
F:\Program Files\Winamp\winampa.exe
F:\Program Files\QuickTime\qttask.exe
F:\WINDOWS\System32\sstray.exe
F:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr-be\msnappau.exe
F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\Rar$EX00.719\AnyDVD.exe
F:\WINDOWS\System32\obqepp.exe
F:\WINDOWS\system32\addej32.exe
F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\35.tmp.exe
F:\WINDOWS\System32\ctfmon.exe
F:\Program Files\MSN Messenger\MsnMsgr.Exe
F:\WINDOWS\System32\wscript.exe
F:\WINDOWS\System32\wscript.exe
F:\WINDOWS\System32\wscript.exe
F:\PROGRA~1\INCRED~1\bin\IMApp.exe
F:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
F:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
F:\WINDOWS\system32\crypserv.exe
F:\Program Files\Norton AntiVirus\navapsvc.exe
F:\Program Files\Norton AntiVirus\SAVScan.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ipaq.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
F:\WINDOWS\System32\wuauclt.exe
F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\Rar$EX00.015\AboutBuster\AboutBuster.exe
F:\Program Files\WinRAR\WinRAR.exe
F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\Rar$EX00.829\HijackThis.exe
F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\Rar$EX01.797\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://F:\WINDOWS\ticrs.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.be/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.scarlet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A50865E4-41F3-A6FC-9B1B-A396EC13BEFB} - F:\WINDOWS\sysks32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr-be\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [WinampAgent] F:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] F:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ccApp] "F:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [msnappau] "F:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr-be\msnappau.exe"
O4 - HKLM\..\Run: [AnyDVD] F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\Rar$EX00.719\AnyDVD.exe
O4 - HKLM\..\Run: [nnkvnf] F:\WINDOWS\System32\obqepp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [addej32.exe] F:\WINDOWS\system32\addej32.exe
O4 - HKLM\..\Run: [6A.tmp] F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\6A.tmp.exe 2 10001
O4 - HKLM\..\Run: [35.tmp] F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\35.tmp.exe 0 10001
O4 - HKLM\..\Run: [epl2] F:\WINDOWS\System32\epl2.exe
O4 - HKLM\..\Run: [6A.tmp.exe] F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\6A.tmp.exe 3 10001
O4 - HKLM\..\Run: [35.tmp.exe] F:\DOCUME~1\NO4761~1\LOCALS~1\Temp\35.tmp.exe 1 10001
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] F:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Spyware Begone] F:\Program Files\freescan.exe -FastScan
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = F:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SATARaid.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - F:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - F:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O12 - Plugin for .ssc: F:\WINDOWS\Downloaded Program Files\Ubizen\SmartStart\NPSmartStart32.dll
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {94B964F0-45CC-11D4-9F1D-0060085C7782} (Version Class) - https://www.deutschebank.be/multisecure/smartstart/Win32/SmartStartSetup.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - F:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - F:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - F:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - F:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect - Symantec Corporation - F:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: DDE réseau - Unknown - F:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau - Unknown - F:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play - Unknown - F:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - F:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - F:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - F:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Carte à puce - Unknown - F:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance - Unknown - F:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Cliché instantané de volume - Unknown - F:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI - Unknown - F:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Workstation NetLogon Service - Unknown - F:\WINDOWS\system32\ipaq.exe


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 23

No ADS found on system
Removed 5 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 23

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!



Merci d'aider un simple utilisateur sans défense !!!