un cadeau étrange

[Apollo]

Je ne crois pas qu'un "missile" soit encore nécessaire.

 

:arrow: Télécharge SDFix de AndyManchesta et sauvegarde le sur ton Bureau.

:att: Si le lien ne fonctionne pas, essaie ceux-ci :

• http://download.bleepingcomputer.com/andymanchesta/SDFix.exe
  
• http://sdfix.net/SDFix.exe
  

• Double clique sur SDFix.exe pour lancer l'installation. L'outil sera extrait à la racine du lecteur système (généralement le C:\).
  En fin d'installation, une fenêtre du Bloc-notes s'ouvre pour afficher le contenu du fichier Installed.txt. Ferme cette fenêtre du Bloc-notes.
  

 

Va sur C:\SDFix par le poste de travail et ouvre le dossier; double-clique sur RunThis.bat (le bat peut ne pas apparaître).

 

Si l'antivirus ou le firewall se manifeste, donne l'autorisation complète aux processus de SDFix ou alors désactive tes protections momentanément, le temps de l'analyse.

 

Tape 3 pour choisir d'analyser avec SOPHOS

Valide avec la touche ENTER. Patiente le temps du chargement.

 

Appuie sur une touche lorsque cela te sera demandé.

 

Une fenêtre s'ouvrira, clique alors sur Winzip Self-Extractor puis clique sur Unzip puis sur OK puis sur Close.

 

Presser une touche quand c'est demandé.

 

Presser ensuite la touche 5 Run Full scan/Disinfect --> presser Enter --> c'est la fonction de désinfection.

 

Pour supprimer les objets découverts par Sophos, il faudra choisir de presser la touche 6 Run Full scan /Remove infections --> presser Enter].

 

Patienter jusqu'à la fin de l'analyse.

 

Le rapport sera sauvegardé sous C:\SDFix\Sophos Report.txt.

 

Copier/coller ce rapport dans ta réponse de même qu'un nouveau log Hijackthis.

 

@++

[claravik]

Bonsoir,

voici le rapport:Si tu as encore un peu d'énergie pour regarder ceci

Sophos Anti-Virus

Version 4.38.0 [Win32/Intel]

Virus data version 4.38E, February 2009

Includes detection for 614120 viruses, trojans and worms

Copyright © 1989-2009 Sophos Plc, www.sophos.com

 

System time 00:15:37, System date 02 February 2009

Command line qualifiers are: -f -remove -nc -nb -dn --stop-scan -idedir=C:\SDFix\IDE -p=C:\SDFix\SophosReport.txt

 

IDE directory is: C:\SDFix\IDE

 

File swizz-og.ide is older than 90 days

File agen-hrd.ide is older than 90 days

File agen-htk.ide is older than 90 days

File agen-hto.ide is older than 90 days

File agen-hry.ide is older than 90 days

File agen-hsk.ide is older than 90 days

File agen-hrx.ide is older than 90 days

File agen-hrp.ide is older than 90 days

File agen-hrh.ide is older than 90 days

File agen-htv.ide is older than 90 days

File agen-hqg.ide is older than 90 days

File agen-hqm.ide is older than 90 days

File agen-hqq.ide is older than 90 days

File agen-hqs.ide is older than 90 days

File agen-hqw.ide is older than 90 days

File agen-htc.ide is older than 90 days

File agen-hrf.ide is older than 90 days

File agen-hsm.ide is older than 90 days

File agen-hri.ide is older than 90 days

File agen-hrl.ide is older than 90 days

File agen-hrm.ide is older than 90 days

File agen-hro.ide is older than 90 days

File agen-hrs.ide is older than 90 days

File agen-hrw.ide is older than 90 days

File agen-hst.ide is older than 90 days

File agen-hud.ide is older than 90 days

File agen-hub.ide is older than 90 days

File agen-hty.ide is older than 90 days

File autoit-t.ide is older than 90 days

File autoit-v.ide is older than 90 days

File autor-jd.ide is older than 90 days

File autor-kl.ide is older than 90 days

File autor-jw.ide is older than 90 days

File autor-jv.ide is older than 90 days

File autor-jy.ide is older than 90 days

File autor-ju.ide is older than 90 days

File autor-ke.ide is older than 90 days

File autor-je.ide is older than 90 days

File autor-jp.ide is older than 90 days

File autor-jo.ide is older than 90 days

File autor-jm.ide is older than 90 days

File autor-jl.ide is older than 90 days

File autor-jk.ide is older than 90 days

File autor-ji.ide is older than 90 days

File autor-jf.ide is older than 90 days

File autor-kf.ide is older than 90 days

File backd-ab.ide is older than 90 days

File backsp-a.ide is older than 90 days

File backd-ac.ide is older than 90 days

File banhos-y.ide is older than 90 days

File bank-enm.ide is older than 90 days

File banhos-z.ide is older than 90 days

File bank-end.ide is older than 90 days

File bank-ene.ide is older than 90 days

File bank-eni.ide is older than 90 days

File bankd-dj.ide is older than 90 days

File bho-hc.ide is older than 90 days

File bront-dw.ide is older than 90 days

File buzus-o.ide is older than 90 days

File buzus-p.ide is older than 90 days

File click-ez.ide is older than 90 days

File delban-a.ide is older than 90 days

File delf-fbc.ide is older than 90 days

File dloa-bss.ide is older than 90 days

File dloa-btl.ide is older than 90 days

File dloa-btz.ide is older than 90 days

File dloa-bsq.ide is older than 90 days

File dload-di.ide is older than 90 days

File dload-dk.ide is older than 90 days

File dorf-bu.ide is older than 90 days

File dropr-ac.ide is older than 90 days

File dwnl-hie.ide is older than 90 days

File dwnl-hih.ide is older than 90 days

File dwnl-hht.ide is older than 90 days

File fakea-dh.ide is older than 90 days

File fakea-hq.ide is older than 90 days

File fakea-ed.ide is older than 90 days

File fakea-ho.ide is older than 90 days

File fakea-eb.ide is older than 90 days

File fakea-dm.ide is older than 90 days

File fakea-hd.ide is older than 90 days

File fakea-ht.ide is older than 90 days

File fakea-hu.ide is older than 90 days

File fakev-fy.ide is older than 90 days

File gaman-ch.ide is older than 90 days

File geezo-e.ide is older than 90 days

File gaman-ci.ide is older than 90 days

File he4hoo-g.ide is older than 90 days

File hostin-a.ide is older than 90 days

File injec-cx.ide is older than 90 days

File ircb-acn.ide is older than 90 days

File ircb-acr.ide is older than 90 days

File killa-ey.ide is older than 90 days

File linea-gc.ide is older than 90 days

File linea-fl.ide is older than 90 days

File linea-fs.ide is older than 90 days

File linea-fy.ide is older than 90 days

File linea-gk.ide is older than 90 days

File meredr-a.ide is older than 90 days

File ntroo-ea.ide is older than 90 days

File ntroo-dy.ide is older than 90 days

File ntroo-dz.ide is older than 90 days

File obfus-b.ide is older than 90 days

File offmsg-a.ide is older than 90 days

File poiso-ad.ide is older than 90 days

File pswd-gen.ide is older than 90 days

File psyme-kd.ide is older than 90 days

File psyme-jy.ide is older than 90 days

File psyme-jx.ide is older than 90 days

File psyme-jw.ide is older than 90 days

File pws-atu.ide is older than 90 days

File pws-aty.ide is older than 90 days

File pws-att.ide is older than 90 days

File pws-atr.ide is older than 90 days

File pws-atp.ide is older than 90 days

File pws-aua.ide is older than 90 days

File rexplo-d.ide is older than 90 days

File rootk-dr.ide is older than 90 days

File rootk-ds.ide is older than 90 days

File swfdlr-b.ide is older than 90 days

File tibs-uw.ide is older than 90 days

File usract-a.ide is older than 90 days

File vb-ebe.ide is older than 90 days

File wlhack-g.ide is older than 90 days

File ytkit-a.ide is older than 90 days

File zlob-aop.ide is older than 90 days

File zlob-aol.ide is older than 90 days

Using IDE file maldoc-f.ide

Using IDE file autor-om.ide

Using IDE file agen-hzb.ide

Using IDE file agen-iao.ide

Using IDE file pdfex-ac.ide

Using IDE file agen-hwu.ide

Using IDE file autor-nu.ide

Using IDE file agen-huq.ide

Using IDE file pushdo-x.ide

Using IDE file bank-eoe.ide

Using IDE file mdro-bwl.ide

Using IDE file bancb-qz.ide

Using IDE file votera-b.ide

Using IDE file swizz-oj.ide

Using IDE file poiso-ag.ide

Using IDE file pws-auf.ide

Using IDE file gimmiv-a.ide

Using IDE file sdbo-dla.ide

Using IDE file buzus-r.ide

Using IDE file start-bo.ide

Using IDE file fakea-fs.ide

Using IDE file agen-iex.ide

Using IDE file fakev-hh.ide

Using IDE file bho-hj.ide

Using IDE file dorf-bv.ide

Using IDE file zlob-aqz.ide

Using IDE file acespa-a.ide

Using IDE file agen-iec.ide

Using IDE file agen-iea.ide

Using IDE file zlob-aqu.ide

Using IDE file drop-bb.ide

Using IDE file drop-bg.ide

Using IDE file dwnl-his.ide

Using IDE file tiotua-w.ide

Using IDE file zlob-aqq.ide

Using IDE file zlob-aqj.ide

Using IDE file bho-hp.ide

Using IDE file zlob-apn.ide

Using IDE file agen-hny.ide

Using IDE file bank-ent.ide

Using IDE file agen-huf.ide

Using IDE file agen-iaz.ide

Using IDE file autor-nc.ide

Using IDE file zlob-aox.ide

Using IDE file emold-a.ide

Using IDE file agen-iam.ide

Using IDE file agen-hyv.ide

Using IDE file agen-hxb.ide

Using IDE file fakea-ei.ide

Using IDE file autor-ku.ide

Using IDE file bckd-qpt.ide

Using IDE file autor-ol.ide

Using IDE file autor-ld.ide

Using IDE file autor-ob.ide

Using IDE file cmjsp-am.ide

Using IDE file fakea-fx.ide

Using IDE file dloa-bxx.ide

Using IDE file autor-lq.ide

Using IDE file autor-lr.ide

Using IDE file autor-lt.ide

Using IDE file fakea-ev.ide

Using IDE file fakea-et.ide

Using IDE file bho-hh.ide

Using IDE file agen-hxq.ide

Using IDE file autor-nk.ide

Using IDE file autor-oa.ide

Using IDE file agen-hvm.ide

Using IDE file looke-ej.ide

Using IDE file autor-li.ide

Using IDE file banc-bep.ide

Using IDE file agen-iab.ide

Using IDE file smal-emq.ide

Using IDE file keyge-cr.ide

Using IDE file wimad-k.ide

Using IDE file autor-nr.ide

Using IDE file autor-lb.ide

Using IDE file autor-mc.ide

Using IDE file autor-ny.ide

Using IDE file autor-lf.ide

Using IDE file geezo-f.ide

Using IDE file agen-icz.ide

Using IDE file agen-ida.ide

Using IDE file agen-iaj.ide

Using IDE file maldoc-o.ide

Using IDE file autor-oo.ide

Using IDE file autor-os.ide

Using IDE file fakev-gl.ide

Using IDE file autor-ox.ide

Using IDE file ircb-acv.ide

Using IDE file autor-mo.ide

Using IDE file agen-hyo.ide

Using IDE file autor-nj.ide

Using IDE file dwnl-hkf.ide

Using IDE file dwnl-hkb.ide

Using IDE file dwnl-hjq.ide

Using IDE file dwnl-hjp.ide

Using IDE file dwnl-hjg.ide

Using IDE file agen-ign.ide

Using IDE file zbot-ar.ide

Using IDE file agen-hyc.ide

Using IDE file zlob-arf.ide

Using IDE file fakev-gf.ide

Using IDE file zlob-anz.ide

Using IDE file agen-iej.ide

Using IDE file autor-me.ide

Using IDE file mdro-bwn.ide

Using IDE file pws-auy.ide

Using IDE file onlin-bh.ide

Using IDE file boaxxe-g.ide

Using IDE file dloa-byo.ide

Using IDE file dloa-byd.ide

Using IDE file pws-aut.ide

Using IDE file dloa-bxj.ide

Using IDE file dloa-bwz.ide

Using IDE file dloa-bwr.ide

Using IDE file banlo-fz.ide

Using IDE file pdfex-w.ide

Using IDE file silly-cr.ide

Using IDE file zlob-apd.ide

Using IDE file dloa-bsb.ide

Using IDE file agen-hwd.ide

Using IDE file agen-hul.ide

Using IDE file banspy-k.ide

Using IDE file banho-ab.ide

Using IDE file agen-hur.ide

Using IDE file snpves-c.ide

Using IDE file agen-hwy.ide

Using IDE file agen-hwr.ide

Using IDE file agen-hwt.ide

Using IDE file agen-hxy.ide

Using IDE file autor-nz.ide

Using IDE file autor-mb.ide

Using IDE file autor-nt.ide

Using IDE file autor-kx.ide

Using IDE file autor-no.ide

Using IDE file autor-nn.ide

Using IDE file agen-ibh.ide

Using IDE file autor-ml.ide

Using IDE file agen-ibm.ide

Using IDE file agen-hyy.ide

Using IDE file asp-d.ide

Using IDE file auexje-a.ide

Using IDE file agen-ich.ide

Using IDE file agen-icv.ide

Using IDE file advhac-a.ide

Using IDE file autor-mf.ide

Using IDE file agen-idp.ide

Using IDE file agen-ifz.ide

Using IDE file autor-md.ide

Using IDE file arinj-a.ide

Using IDE file banc-bev.ide

Using IDE file dropr-ak.ide

Using IDE file fakev-gw.ide

Using IDE file fakea-en.ide

Using IDE file poiso-af.ide

Using IDE file imaut-d.ide

Using IDE file ifram-bh.ide

Using IDE file ifgif-a.ide

Using IDE file fakea-eh.ide

Using IDE file swizz-oy.ide

Using IDE file fanbot-m.ide

Using IDE file keylo-ku.ide

Using IDE file renos-be.ide

Using IDE file keylo-kw.ide

Using IDE file stayt-a.ide

Using IDE file skintr-d.ide

Using IDE file killa-fb.ide

Using IDE file dloa-bwo.ide

Using IDE file dloa-bxb.ide

Using IDE file fakev-gt.ide

Using IDE file kolabc-d.ide

Using IDE file fakev-gh.ide

Using IDE file wow-kd.ide

Using IDE file zlob-api.ide

Using IDE file zlob-apg.ide

Using IDE file drop-az.ide

Using IDE file malas-h.ide

Using IDE file pdfex-aa.ide

Using IDE file fakea-gi.ide

Using IDE file fakea-ft.ide

Using IDE file sdbo-dnj.ide

Using IDE file salit-an.ide

Using IDE file psw-fw.ide

Using IDE file dloa-bxp.ide

Using IDE file yahlov-a.ide

Using IDE file dwnld-e.ide

Using IDE file mourn-a.ide

Using IDE file delf-fbf.ide

Using IDE file pws-auq.ide

Using IDE file dwnl-hkh.ide

Using IDE file merein-a.ide

Using IDE file onlin-bf.ide

Using IDE file dload-ed.ide

Using IDE file bho-hw.ide

Using IDE file pws-avz.ide

Using IDE file agen-iaw.ide

Using IDE file zlob-ape.ide

Using IDE file agen-hxw.ide

Using IDE file agen-hxo.ide

Using IDE file bank-eoj.ide

Using IDE file zimeno-c.ide

Using IDE file pws-aup.ide

Using IDE file bank-e.ide

Using IDE file rootk-eb.ide

Using IDE file zipcar-b.ide

Using IDE file bank-ens.ide

Using IDE file agen-hnf.ide

Using IDE file agen-hvv.ide

Using IDE file agen-hvk.ide

Using IDE file pushdo-w.ide

Using IDE file bckd-qpz.ide

Using IDE file injec-db.ide

Using IDE file dloa-bxh.ide

Using IDE file asp-c.ide

Using IDE file agen-hzu.ide

Using IDE file agen-icw.ide

Using IDE file agen-idg.ide

Using IDE file agen-ice.ide

Using IDE file freezo-d.ide

Using IDE file freevi-a.ide

Using IDE file formad-a.ide

Using IDE file dwnl-hin.ide

Using IDE file mdro-bwv.ide

Using IDE file dwnl-hjh.ide

Using IDE file dwnl-hkc.ide

Using IDE file dwnl-hiw.ide

Using IDE file agen-ibz.ide

Using IDE file delf-fbl.ide

Using IDE file zapch-eh.ide

Using IDE file agen-iew.ide

Using IDE file agen-ifh.ide

Using IDE file fakea-iy.ide

Using IDE file dwnl-hkk.ide

Using IDE file dloa-bzl.ide

Using IDE file fakev-hi.ide

Using IDE file bancb-rb.ide

Using IDE file fakev-go.ide

Using IDE file dloa-bun.ide

Using IDE file dloa-bus.ide

Using IDE file wowpw-bf.ide

Using IDE file vb-ebj.ide

Using IDE file ambler-g.ide

Using IDE file agen-ibw.ide

Using IDE file fakeav-l.ide

Using IDE file mdro-bwg.ide

Using IDE file mdro-bwh.ide

Using IDE file dloa-bxm.ide

Using IDE file onlin-be.ide

Using IDE file autor-of.ide

Using IDE file start-bn.ide

Using IDE file autor-ow.ide

Using IDE file agen-hym.ide

Using IDE file dloa-byq.ide

Using IDE file fakea-fp.ide

Using IDE file dload-ef.ide

Using IDE file agen-ias.ide

Using IDE file autor-pb.ide

Using IDE file autor-lz.ide

Using IDE file ms0806-a.ide

Using IDE file autor-ly.ide

Using IDE file obfjs-bd.ide

Using IDE file obfjs-bf.ide

Using IDE file delpdl-c.ide

Using IDE file dloa-bwh.ide

Using IDE file zlob-aqd.ide

Using IDE file swfdlr-c.ide

Using IDE file meredr-b.ide

Using IDE file jolly-a.ide

Using IDE file autor-lj.ide

Using IDE file autor-ln.ide

Using IDE file fanbot-l.ide

Using IDE file autor-oz.ide

Using IDE file legm-arx.ide

Using IDE file zlob-apa.ide

Using IDE file smal-emr.ide

Using IDE file tileb-kz.ide

Using IDE file fakeal-a.ide

Using IDE file linea-go.ide

Using IDE file bdoo-apw.ide

Using IDE file bho-ig.ide

Using IDE file zbot-ax.ide

Using IDE file vb-ebr.ide

Using IDE file agen-igy.ide

Using IDE file agen-ihp.ide

Using IDE file autor-pg.ide

Using IDE file vapsu-ad.ide

Using IDE file sasan-k.ide

Using IDE file zlob-arg.ide

Using IDE file zbot-ay.ide

Using IDE file autor-pf.ide

Using IDE file rbot-gxf.ide

Using IDE file autor-pe.ide

Using IDE file banlo-ga.ide

Using IDE file autor-pm.ide

Using IDE file autor-pl.ide

Using IDE file autor-pi.ide

Using IDE file r0x4h-a.ide

Using IDE file fakea-gs.ide

Using IDE file rootk-ef.ide

Using IDE file dloa-caj.ide

Using IDE file cryptb-a.ide

Using IDE file click-fd.ide

Using IDE file pushd-aa.ide

Using IDE file qhosts-c.ide

Using IDE file tibs-uy.ide

Using IDE file ircb-adb.ide

Using IDE file yahlov-c.ide

Using IDE file corefl-f.ide

Using IDE file bckd-qqr.ide

Using IDE file autoi-ai.ide

Using IDE file bank-eot.ide

Using IDE file dloa-cbf.ide

Using IDE file jeff-a.ide

Using IDE file bravo-j.ide

Using IDE file bank-eor.ide

Using IDE file sdbo-dnp.ide

Using IDE file sohan-bp.ide

Using IDE file impair-a.ide

Using IDE file kukoo-d.ide

Using IDE file autor-rd.ide

Using IDE file fakev-hv.ide

Using IDE file agen-ikf.ide

Using IDE file autor-qz.ide

Using IDE file bho-ir.ide

Using IDE file agen-ihx.ide

Using IDE file autor-qx.ide

Using IDE file autor-qs.ide

Using IDE file autor-rb.ide

Using IDE file autor-qp.ide

Using IDE file tiotu-ab.ide

Using IDE file fakea-gz.ide

Using IDE file mdro-bpm.ide

Using IDE file autor-qd.ide

Using IDE file autor-qc.ide

Using IDE file rbot-gxg.ide

Using IDE file autor-ry.ide

Using IDE file malas-i.ide

Using IDE file autor-rx.ide

Using IDE file hakflo-a.ide

Using IDE file psw-fz.ide

Using IDE file ircb-ade.ide

Using IDE file bank-eos.ide

Using IDE file autor-rf.ide

Using IDE file agen-ilm.ide

Using IDE file pdfjs-h.ide

Using IDE file agen-ikx.ide

Using IDE file tileb-la.ide

Using IDE file diale-fv.ide

Using IDE file agen-ijo.ide

Using IDE file rootk-eh.ide

Using IDE file agen-ikt.ide

Using IDE file pdfex-ag.ide

Using IDE file vundro-e.ide

Using IDE file agen-iku.ide

Using IDE file htaccf-a.ide

Using IDE file autor-rs.ide

Using IDE file autor-rv.ide

Using IDE file bckd-qqo.ide

Using IDE file fakeav-q.ide

Using IDE file netsk-bt.ide

Using IDE file autor-rj.ide

Using IDE file autor-rl.ide

Using IDE file dloa-cct.ide

Using IDE file dloa-ccc.ide

Using IDE file bank-eoq.ide

Using IDE file autor-re.ide

Using IDE file autor-rw.ide

Using IDE file agen-iks.ide

Using IDE file looke-ek.ide

Using IDE file autor-ri.ide

Using IDE file fakea-kf.ide

Using IDE file smal-ems.ide

Using IDE file fakea-he.ide

Using IDE file solow-j.ide

Using IDE file keylo-kz.ide

Using IDE file dloa-cbm.ide

Using IDE file autor-rg.ide

Using IDE file pdfex-ah.ide

Using IDE file agen-iii.ide

Using IDE file sohan-bm.ide

Using IDE file agen-ilh.ide

Using IDE file nebule-s.ide

Using IDE file atrn-jd.ide

Using IDE file dloa-cbl.ide

Using IDE file agen-ijn.ide

Using IDE file agen-iij.ide

Using IDE file ezio-h.ide

Using IDE file proxy-iu.ide

Using IDE file bckd-qqq.ide

Using IDE file fujac-ao.ide

Using IDE file downld-l.ide

Using IDE file tometa-k.ide

Using IDE file tiotua-y.ide

Using IDE file agen-iio.ide

Using IDE file bdoo-ara.ide

Using IDE file mario-e.ide

Using IDE file autor-qy.ide

Using IDE file mdro-bxk.ide

Using IDE file fakev-hr.ide

Using IDE file fakev-ic.ide

Using IDE file autor-qf.ide

Using IDE file autor-qk.ide

Using IDE file psw-gc.ide

Using IDE file psw-gd.ide

Using IDE file rbot-gxj.ide

Using IDE file autor-pv.ide

Using IDE file zlob-ari.ide

Using IDE file banho-ad.ide

Using IDE file fakea-kg.ide

Using IDE file drop-bn.ide

Using IDE file injec-dl.ide

Using IDE file injec-df.ide

Using IDE file injec-dg.ide

Using IDE file insom-a.ide

Using IDE file injec-dk.ide

Using IDE file fakea-jx.ide

Using IDE file autoi-at.ide

Using IDE file pws-auh.ide

Using IDE file silly-cv.ide

Using IDE file redlof-c.ide

Using IDE file bho-iv.ide

Using IDE file autoru-u.ide

Using IDE file dwnld-l.ide

Using IDE file dloa-bzi.ide

Using IDE file click-fe.ide

Using IDE file crack-q.ide

Using IDE file sdbo-dkh.ide

Using IDE file pws-awv.ide

Using IDE file dload-es.ide

Using IDE file fakea-ij.ide

Using IDE file autor-tb.ide

Using IDE file dloa-ccj.ide

Using IDE file waled-f.ide

Using IDE file bckd-qlk.ide

Using IDE file autoi-aq.ide

Using IDE file autoi-ap.ide

Using IDE file fakev-iu.ide

Using IDE file ircbo-zd.ide

Using IDE file renos-bw.ide

Using IDE file fakev-ik.ide

Using IDE file autoi-an.ide

Using IDE file fakev-ig.ide

Using IDE file fakev-ie.ide

Using IDE file fakev-je.ide

Using IDE file fakev-jc.ide

Using IDE file zapch-ei.ide

Using IDE file startp-p.ide

Using IDE file kripti-a.ide

Using IDE file agen-ing.ide

Using IDE file decdec-c.ide

Using IDE file linea-am.ide

Using IDE file linea-an.ide

Using IDE file dwnl-hfs.ide

Using IDE file bckd-qoz.ide

Using IDE file waled-d.ide

Using IDE file sohan-br.ide

Using IDE file bho-iz.ide

Using IDE file bank-emn.ide

Using IDE file poison-m.ide

Using IDE file autor-sq.ide

Using IDE file pcbk-fam.ide

Using IDE file wowp-gen.ide

Using IDE file agen-ijx.ide

Using IDE file autor-ck.ide

Using IDE file dloa-bsd.ide

Using IDE file zlob-alw.ide

Using IDE file pws-awx.ide

Using IDE file pws-aww.ide

Using IDE file expjs-c.ide

Using IDE file mdro-btj.ide

Using IDE file mdro-buy.ide

Using IDE file agen-imr.ide

Using IDE file dwnld-b.ide

Using IDE file renos-ca.ide

Using IDE file agen-ilv.ide

Using IDE file dloa-cdo.ide

Using IDE file dwnl-hmp.ide

Using IDE file pdfjs-o.ide

Using IDE file agen-iot.ide

Using IDE file tiotu-ac.ide

Using IDE file agen-iou.ide

Using IDE file dwnl-hmr.ide

Using IDE file dwnl-hme.ide

Using IDE file autor-cs.ide

Using IDE file dloa-cen.ide

Using IDE file agen-ipa.ide

Using IDE file dloa-cea.ide

Using IDE file wowpws-b.ide

Using IDE file rootk-el.ide

Using IDE file killa-fc.ide

Using IDE file fakev-ih.ide

Using IDE file waled-h.ide

Using IDE file votera-c.ide

Using IDE file injec-dq.ide

Using IDE file agen-iof.ide

Using IDE file agen-ioe.ide

Using IDE file fakev-im.ide

Using IDE file vb-dyb.ide

Using IDE file votera-d.ide

Using IDE file fakea-kt.ide

Using IDE file dloa-bya.ide

Using IDE file agen-int.ide

Using IDE file autoi-au.ide

Using IDE file autor-sd.ide

Using IDE file dloa-bob.ide

Using IDE file banc-bfa.ide

Using IDE file wimad-l.ide

Using IDE file waled-g.ide

Using IDE file perlif-a.ide

Using IDE file fakev-id.ide

Using IDE file silly-h.ide

Using IDE file downln-a.ide

Using IDE file daolno-a.ide

Using IDE file agen-imv.ide

Using IDE file dablin-a.ide

Using IDE file autoi-al.ide

Using IDE file dloa-cem.ide

Using IDE file haxdor-b.ide

Using IDE file zbot-bl.ide

Using IDE file hiloti-a.ide

Using IDE file autor-su.ide

Using IDE file clickr-h.ide

Using IDE file psw-ge.ide

Using IDE file psw-gg.ide

Using IDE file agen-ioa.ide

Using IDE file psyme-ix.ide

Using IDE file agen-imk.ide

Using IDE file agen-imf.ide

Using IDE file adcli-ev.ide

Using IDE file agen-gtc.ide

Using IDE file zbot-bu.ide

Using IDE file refpro-c.ide

Using IDE file autor-sv.ide

Using IDE file autor-sw.ide

Using IDE file agen-hii.ide

Using IDE file agen-ils.ide

Using IDE file rootk-ek.ide

Using IDE file agen-hte.ide

Using IDE file rbot-gsm.ide

Using IDE file autor-tk.ide

Using IDE file zbot-bp.ide

Using IDE file bho-jc.ide

Using IDE file adcl-gen.ide

Using IDE file bckd-qqs.ide

Using IDE file renos-cc.ide

Using IDE file rbot-gsa.ide

Using IDE file pws-axe.ide

Using IDE file fretho-a.ide

Using IDE file ntroo-eh.ide

Using IDE file agen-ioy.ide

Using IDE file agen-ioq.ide

Using IDE file bho-ix.ide

Using IDE file dloa-ccz.ide

Using IDE file agen-imc.ide

Using IDE file pwss-gen.ide

Using IDE file mariof-h.ide

Using IDE file autor-ta.ide

Using IDE file fakea-km.ide

Using IDE file autor-tc.ide

Using IDE file rbot-gsk.ide

Using IDE file agen-ink.ide

Using IDE file pushd-ab.ide

Using IDE file autor-sl.ide

Using IDE file injec-di.ide

Using IDE file confic-c.ide

Using IDE file agen-imb.ide

Using IDE file ircbo-wd.ide

Using IDE file ezio-i.ide

Using IDE file mdro-bxs.ide

Using IDE file mariof-j.ide

Using IDE file ircb-adj.ide

Using IDE file ambler-h.ide

Using IDE file renos-cb.ide

Using IDE file pws-axb.ide

Using IDE file renos-ce.ide

Using IDE file pws-axk.ide

Using IDE file waled-a.ide

Using IDE file bank-ekt.ide

Using IDE file injec-dn.ide

Using IDE file ircb-aay.ide

Using IDE file zbot-bm.ide

Using IDE file zbot-bo.ide

Using IDE file sohan-aw.ide

Using IDE file autor-tu.ide

Using IDE file waled-k.ide

Using IDE file actxhc-a.ide

Using IDE file agen-ipe.ide

Using IDE file dwnl-hnd.ide

Using IDE file swfdld-k.ide

Using IDE file autoi-av.ide

Using IDE file fakea-im.ide

Using IDE file zlob-ark.ide

Using IDE file jsredi-h.ide

Using IDE file autor-uj.ide

Using IDE file autor-ua.ide

Using IDE file agen-ipv.ide

Using IDE file autor-uk.ide

Using IDE file rootk-em.ide

Using IDE file delf-ezg.ide

Using IDE file qhost-ae.ide

Using IDE file autor-un.ide

Using IDE file vapsu-af.ide

Using IDE file kolabc-f.ide

Using IDE file injec-ds.ide

Using IDE file dwnl-hng.ide

Using IDE file silban-f.ide

Using IDE file phishk-a.ide

Using IDE file poiso-ak.ide

Using IDE file agen-iqm.ide

Using IDE file gaferm-a.ide

Using IDE file refpro-d.ide

Using IDE file bckd-qrf.ide

Using IDE file agen-iqq.ide

Using IDE file poiso-al.ide

Using IDE file sdbo-dnu.ide

Using IDE file fakev-jo.ide

Using IDE file killa-es.ide

Using IDE file mdro-byc.ide

Using IDE file bbdos-b.ide

Using IDE file confic-f.ide

Using IDE file autor-us.ide

Using IDE file fakeer-a.ide

Using IDE file rootk-eo.ide

Using IDE file fakea-iq.ide

Using IDE file agen-ira.ide

Using IDE file sdbo-dnv.ide

Using IDE file agen-irc.ide

Using IDE file fakea-le.ide

Using IDE file dwnl-hmw.ide

Using IDE file phpshe-b.ide

Using IDE file agen-irf.ide

Using IDE file autor-uz.ide

Using IDE file ircb-adk.ide

Using IDE file dwnl-hnk.ide

Using IDE file bckd-qri.ide

Using IDE file autor-vf.ide

Using IDE file autor-uh.ide

Using IDE file fujac-av.ide

Using IDE file autor-vj.ide

Using IDE file spy-bo.ide

Using IDE file injec-du.ide

Using IDE file fakea-jc.ide

Using IDE file bank-epb.ide

Using IDE file mbroot-c.ide

Using IDE file autor-vn.ide

Using IDE file fakev-jr.ide

Using IDE file autoi-ba.ide

Using IDE file injec-dv.ide

Using IDE file autor-vp.ide

Using IDE file rbot-gvn.ide

Using IDE file agen-isa.ide

Using IDE file sillyv-a.ide

Using IDE file vbdown-j.ide

Using IDE file zasran-j.ide

Using IDE file rbot-gvw.ide

Using IDE file fakea-jf.ide

Using IDE file agen-isc.ide

Using IDE file rootk-eu.ide

Using IDE file zbot-fam.ide

Using IDE file dloa-cfo.ide

Using IDE file autor-vt.ide

Using IDE file fakev-jt.ide

Using IDE file agen-isi.ide

Using IDE file fakea-lf.ide

Using IDE file agen-isl.ide

Using IDE file pdfex-ak.ide

Using IDE file autoi-bc.ide

Using IDE file autoi-bd.ide

Using IDE file ircb-adm.ide

Using IDE file fujac-aw.ide

Using IDE file mosuc-ax.ide

Using IDE file spy-bq.ide

Using IDE file fakea-jt.ide

Using IDE file mdro-byo.ide

Using IDE file jsredi-j.ide

Using IDE file fakea-ju.ide

Using IDE file autor-wb.ide

Using IDE file fakea-jw.ide

Using IDE file agen-iso.ide

Using IDE file bho-jm.ide

Using IDE file encjs-a.ide

Using IDE file bdoo-asp.ide

Using IDE file autoi-bf.ide

Using IDE file dloa-cfw.ide

Using IDE file autor-wk.ide

Using IDE file hack-b.ide

Using IDE file fakea-kc.ide

Using IDE file fakea-lk.ide

Using IDE file pushd-ae.ide

Using IDE file agen-itd.ide

Using IDE file waled-x.ide

Using IDE file autor-wn.ide

 

Full Scanning

 

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbc2e.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbdam

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbdao

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbeam

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbeao

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbm

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbu2d.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbvmh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\fiih.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\hp

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\hpt2i.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\rpm1mh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\rpmh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-black-enchashmh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-black-urlmh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-malware-domainmh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-white-domainmh.ht1

Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Temp\etilqs_7dVwAkL7cNYbce9NuF4X

Could not open C:\hiberfil.sys

>>> Virus 'Mal/Packer' found in file C:\Program Files\Aprck v3\ace.dll

Removal successful

>>> Virus 'Mal/Packer' found in file C:\Program Files\Aprck v3\WinGenerics.dll

Removal successful

>>> Virus 'Mal/Packer' found in file C:\Program Files\Navilog1\gnc.exe

Removal successful

>>> Virus 'Dial/Carped-E' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542556.dll

Removal successful

>>> Virus 'Troj/Chorus-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542560.exe

Removal successful

>>> Virus 'Mal/Generic-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542561.exe

Removal successful

>>> Virus 'Troj/Chorus-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542567.exe

Removal successful

>>> Virus 'Troj/Chorus-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542589.exe

Removal successful

>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542592.exe

Removal successful

>>> Virus 'Dial/Dialer-M' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542593.dll

Removal successful

>>> Virus 'Troj/RKFuze-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542597.sys

Removal successful

>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1208\A0555701.dll

Removal successful

>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1208\A0555702.dll

Removal successful

>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1208\A0555703.exe

Removal successful

>>> Virus 'Mal/Generic-A' found in file C:\WINDOWS\system32\inft.dll

Removal successful

>>> Virus 'Mal/Packer' found in file C:\WINDOWS\system32\jgpsrsvc.dll

Removal successful

 

2 boot sectors swept.

32477 files swept in 1 hour, 1 minute and 35 seconds.

19 errors were encountered.

16 viruses were discovered.

16 files out of 32477 were infected.

Please send infected samples to Sophos for analysis.

For advice consult www.sophos.com, email [email protected]

or telephone +44 1235 559933

Ending Sophos Anti-Virus.

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:25:30, on 02/02/2009

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\crypserv.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\UAService7.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\HP\KBD\KBD.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\OrangeHSS\Launcher\Launcher.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe

C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\OrangeHSS\systray\systrayapp.exe

C:\Program Files\OrangeHSS\Deskboard\deskboard.exe

C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe

C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe

C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\rundll32.exe

C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchforfree.info/?sid=u002

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll

O1 - Hosts: 207.68.176.190 www.auto.search.msn.com

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)

O15 - Trusted Zone: http://*.mappy.com

O15 - Trusted Zone: http://*.orange.fr

O15 - Trusted Zone: http://rw.search.ke.voila.fr

O15 - Trusted Zone: http://orange.weborama.fr

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c10.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O21 - SSODL: OOYQHCoS - {4CDBC23E-E671-6894-421D-D2DC7003E3F1} - C:\WINDOWS\System32\inft.dll (file missing)

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

 

--

End of file - 8171 bytes

 

 

@+

[Apollo]

Bonjour,

 

Il y a des restes de Norton et il doit diparaître.

 

Utilise le remover: Symantec/Norton

 

Remover Norton

 

Relance Hijackthis avec Do a system scan only et coche les cases devant les lignes suivantes: SOUS VISTA: Clic droit sur Hijackthis/exécuter en temps qu'administrateur!

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchforfree.info/?sid=u002 (http://searchforfree.info/?sid=u002)

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/ (http://searchforfree.info/browser/)

 

Ferme toutes les applications ouvertes et les navigateurs et clique sur Fix Checked

 

Le mode sans échec est-il accessible?

 

@++

[claravik]

Bonjour Apollo

Je suis encore au taf'

Pour ce qui est de Norton j'ai appliqué la procédure à deux reprises visiblement sans résultats

Pour le démarrage en mode sans échec hélas l'échec

Par contre je n'ai plus de messages intempestifs au démarrage en mode normal

En rentrant chez moi (1h), je recommencerai la désinstallation de norton

 

A plus tard

[claravik]

RE;

J'ai de nouveau désinstallé Norton, G vérifié sur Ccleaner il n'y est plus depuis la première procédure, d'ailleur n'était il pas plus simple de désinstaller Symantec par ce dernier?

En ce qui concerne le mode sans échec c'est touyours inaccessible!!!!!! C'est un virus qui le malmène?

@++

[claravik]

Bon du coup en farfouillant, j'ai vu dans l'application data un dossier norton symantec je lai donc supprimé manuellement .

Pour ce qui concerne le mode sans échec, je suis passée par MSconfig+Boot INI+SAFE BOOT OK , le Pc redémarre il y une correction syst volume puis

F8 et voilas en mode sans échec et maintenant je le fais scan par MBAm ( je précise que je t'écris sur mon autre ordiPAKADO)

J'espère pour moi que je n'ai pas fais trop de betises

[Apollo]

Bonsoir,

 

La désinstallation de Norton par la méthode "normale" laisse toujours trainer des restes très gênants, d'où l'utilisation de l'outil spécial, qui semble-t-il, laisse encore un répertoire. (celui que tu as viré).

 

On va voir ce que raconte MBAM et le log Hijackthis qui s'ensuivra.

 

Désolé du retard mais j'étais occupé par autre-chose que le pc.

 

++