Bloodhound.Packed.Jmp

Closed
pippoo2 Posts 1 Registration date Tuesday 15 April 2008 Status Member Last seen 15 April 2008 - 15 April 2008 at 13:17
Ranjit singh - 23 May 2008 at 07:36
Hello everyone,

I caught the Bloodhound.Packed.Jmp virus. Unfortunately, my antivirus (Symantec Norton AntiVirus) detects it, but even though it reports "Delete: succeeded", the problem comes back every time I start my PC.

I installed HijackThis and generated the log file shown below; I hope someone can help me.

Thanks in advance


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:06 PM, on 4/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
c:\WINDOWS\system32\ifxspmgt.exe
c:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\lotus\notes\ntmulti.exe
c:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
c:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://login.microsoftonline.com/9ceb45d9-8994-49de-a178-bcc598fec3ce/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=994527B4677B97AC7CB779374FF51CB01A92DFFF1B1B8ADE-39099707D76CA9F59D0B3AB44D4391C30EB71C67AFA24AEB1A41DA401CB6FD28&redirect_uri=https:%2F%2Fsita365.sharepoint.com%2F_forms%2Fdefault.aspx&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=eea5329f-a0a0-a000-888b-18836a9b4df4
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.microsoftonline.com/9ceb45d9-8994-49de-a178-bcc598fec3ce/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=994527B4677B97AC7CB779374FF51CB01A92DFFF1B1B8ADE-39099707D76CA9F59D0B3AB44D4391C30EB71C67AFA24AEB1A41DA401CB6FD28&redirect_uri=https:%2F%2Fsita365.sharepoint.com%2F_forms%2Fdefault.aspx&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=eea5329f-a0a0-a000-888b-18836a9b4df4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SITA (Global-IE (U) 1.02)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - S-1-5-18 Startup: DskMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: DskMgr.exe (User 'Default user')
O4 - .DEFAULT User Startup: DskMgr.exe (User 'Default user')
O4 - Startup: DskMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MyApp\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MyApp\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://login.microsoftonline.com/9ceb45d9-8994-49de-a178-bcc598fec3ce/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=994527B4677B97AC7CB779374FF51CB01A92DFFF1B1B8ADE-39099707D76CA9F59D0B3AB44D4391C30EB71C67AFA24AEB1A41DA401CB6FD28&redirect_uri=https:%2F%2Fsita365.sharepoint.com%2F_forms%2Fdefault.aspx&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=eea5329f-a0a0-a000-888b-18836a9b4df4
O15 - Trusted Zone: http://fileadeadmin.equant.com
O15 - Trusted Zone: http://fileadeadminbck.equant.com
O15 - Trusted Zone: http://fileadeadminete.equant.com
O15 - Trusted Zone: http://fileadeatl.equant.com
O15 - Trusted Zone: http://fileadebck.equant.com
O15 - Trusted Zone: http://fileadmin.equant.com
O15 - Trusted Zone: http://www1.ins.com/?tm=1&kw=insurance&KW1=Health%20Insurance%20Plans&KW2=Dental%20Insurance%20Plans&KW3=Insurance%20Payment%20Processing&KW4=Cloud%20Proxy%20Service&searchbox=0&domainname=0&backfill=0
O15 - Trusted Zone: http://www1.ins.com/?tm=1&kw=insurance&KW1=Health%20Insurance%20Plans&KW2=Dental%20Insurance%20Plans&KW3=Insurance%20Payment%20Processing&KW4=Cloud%20Proxy%20Service&searchbox=0&domainname=0&backfill=0
O15 - Trusted Zone: http://atldst01.corp.sita.aero
O15 - Trusted Zone: http://londst01.corp.sita.aero
O15 - Trusted Zone: http://stame01.corp.sita.aero
O15 - Trusted Zone: http://stemea01.corp.sita.aero
O15 - Trusted Zone: http://fileadeadmin.equant.com (HKLM)
O15 - Trusted Zone: http://fileadeadminbck.equant.com (HKLM)
O15 - Trusted Zone: http://fileadeadminete.equant.com (HKLM)
O15 - Trusted Zone: http://fileadeatl.equant.com (HKLM)
O15 - Trusted Zone: http://fileadebck.equant.com (HKLM)
O15 - Trusted Zone: http://fileadmin.equant.com (HKLM)
O15 - Trusted Zone: http://www1.ins.com/?tm=1&kw=insurance&KW1=Health%20Insurance%20Plans&KW2=Dental%20Insurance%20Plans&KW3=Insurance%20Payment%20Processing&KW4=Cloud%20Proxy%20Service&searchbox=0&domainname=0&backfill=0 (HKLM)
O15 - Trusted Zone: http://www1.ins.com/?tm=1&kw=insurance&KW1=Health%20Insurance%20Plans&KW2=Dental%20Insurance%20Plans&KW3=Insurance%20Payment%20Processing&KW4=Cloud%20Proxy%20Service&searchbox=0&domainname=0&backfill=0 (HKLM)
O15 - Trusted Zone: http://atldst01.corp.sita.aero (HKLM)
O15 - Trusted Zone: http://londst01.corp.sita.aero (HKLM)
O15 - Trusted Zone: http://stame01.corp.sita.aero (HKLM)
O15 - Trusted Zone: http://stemea01.corp.sita.aero (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = corp.sita.aero
O17 - HKLM\Software\..\Telephony: DomainName = corp.sita.aero
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF6C7C1A-59FB-406C-9E05-FCAB61E0AADA}: Domain = corp.sita.aero
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = corp.sita.aero
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = corp.sita.aero
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\ifxtcs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - c:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
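
A defender's reading of the log above: the antivirus reports "Delete: succeeded", yet the detection returns at every boot, which is the usual sign that an autostart entry (or a file it launches) re-creates the cleaned file, so the autostart list is where to look. The Python below is an added example, not part of the post or of HijackThis. It applies three heuristics (assumptions of this example, not HijackThis rules) to the O4 lines copied from the log and lists the entries worth verifying by hand (publisher signature, file hash, creation date) before anything is removed:

```python
import re
from collections import defaultdict

# O4 lines copied from the HijackThis log posted above (no other input is
# needed; the triage below runs entirely offline on these lines).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - S-1-5-18 Startup: DskMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: DskMgr.exe (User 'Default user')
O4 - .DEFAULT User Startup: DskMgr.exe (User 'Default user')
O4 - Startup: DskMgr.exe
"""

# Registry autostart: "O4 - HKLM\..\Run: [value name] command line"
RUN_RE = re.compile(r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# Startup-folder autostart: "O4 - <profile> Startup: file (User 'name')"
STARTUP_RE = re.compile(r"^O4 - (?P<scope>.*?)Startup: (?P<file>\S+)(?: \(User '(?P<user>[^']*)'\))?$")
SYSTEM32_RE = re.compile(r"\\(windows|winnt)\\system32\\", re.IGNORECASE)


def exe_from_command(cmd):
    """Return the executable path of a Run command line, dropping its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # quoted path, possibly with spaces
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = re.match(r"(.*?\.exe)(?=\s|$)", cmd, re.IGNORECASE)   # unquoted path with spaces
    return m.group(1) if m else cmd.split()[0]


def triage_o4(lines):
    """Return a list of {'item', 'reason'} dicts for O4 entries worth verifying.

    Heuristics (assumptions of this example, not HijackThis rules):
      1. a per-user (HKCU) Run entry that launches a binary from system32;
      2. a Startup-folder item in the SYSTEM or Default User profile;
      3. the same file name present in the Startup folder of several profiles.
    """
    findings = []
    startup_users = defaultdict(set)   # lower-case file name -> profiles it appears in
    display = {}                       # lower-case file name -> name as logged
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = RUN_RE.match(line)
        if m:
            exe = exe_from_command(m.group("cmd"))
            if m.group("hive") == "HKCU" and SYSTEM32_RE.search(exe):
                findings.append({"item": line,
                                 "reason": "per-user Run entry launches a system32 binary; "
                                           "vendor autostarts there are normally under HKLM"})
            continue
        m = STARTUP_RE.match(line)
        if m:
            user = m.group("user") or "current user"
            fname = m.group("file")
            startup_users[fname.lower()].add(user)
            display.setdefault(fname.lower(), fname)
            scope = m.group("scope").strip().upper()
            if scope.startswith("S-1-5-18") or scope.startswith(".DEFAULT"):
                findings.append({"item": line,
                                 "reason": f"Startup-folder item in the {user} profile, "
                                           "which legitimate software rarely populates"})
    for key, users in startup_users.items():
        if len(users) >= 2:
            findings.append({"item": f"{display[key]} (Startup folders of: {', '.join(sorted(users))})",
                             "reason": "same file replicated into several profiles' Startup folders, "
                                       "a common self-installation pattern"})
    return findings


if __name__ == "__main__":
    for f in triage_o4(SAMPLE_LOG.splitlines()):
        print(f"[check] {f['item']}\n        {f['reason']}")
```

Run as-is, the script flags the `amvo.exe` Run entry and the `DskMgr.exe` Startup items and leaves the Synaptics, Intel, Symantec and LightScribe entries alone. A flag is a prompt to inspect the file, not a verdict: the next step is to confirm publisher and hash of the flagged binaries and, for anything confirmed malicious, to remove the autostart entry and the dropped file together, since cleaning only the file is what lets the detection reappear at the next boot.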

1 reply

Ranjit singh
23 May 2008 at 07:36
I found a virus after scanning my PC: bloodhound.packed.jmp.
I don't know how to remove it; please provide me with a sufficient tool for removing this virus.


Regards,
Ranjit singh