Virus Carlton et problème avec svchost.exe

Jul88 · le 23 janvier 2008

Coucou,

Alors je ne peux pas finir les manipulations car il est impossible de télécharger ATF Cleaner

J'ai essayé via plusieurs sites mais impossible d'afficher la page, impossible de le télécharger..

Que dois-je faire?

Bises

Julie

Jul88 · le 23 janvier 2008

En fait il est impossible de se connecter au site de atribune.org..

Jul88 · le 23 janvier 2008

En fait c'est bon, Angélique (modératrice) m'a donné ce lien : http://www.sendspace.com/file/kbuud2 et j'ai pu enfin télécharger ATF Cleaner.

Je t'envoi mes rapports des que c'est fait!

Merci

Jul88 · le 23 janvier 2008

Alors voila fin des manipulations, c'était long !!lol

Voici le rapport AVG AS:

---------------------------------------------------------

AVG Anti-Spyware - Rapport d'analyse

---------------------------------------------------------

+ Créé à: 23:25:10 23/01/2008

+ Résultat de l'analyse:

C:\Documents and Settings\Julie\Mes documents\Ma musique\mp3 julie\SmileyCentralPFSetup2.0.4.21-2.exe -> Dropper.Small : Nettoyé.

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP434\A0318058.exe -> Not-A-Virus.Downloader.Win32.WinFixer.z : Nettoyé.

:mozilla.181:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.27:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.32:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.467:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.470:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.500:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.532:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.614:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.759:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.776:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.58:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.

:mozilla.59:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.

:mozilla.731:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.

:mozilla.732:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.

:mozilla.100:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé.

:mozilla.12:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.

:mozilla.54:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.

:mozilla.485:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Coremetrics : Nettoyé.

:mozilla.566:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.

:mozilla.55:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.

:mozilla.103:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.

:mozilla.121:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.

:mozilla.768:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.769:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.770:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.771:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.82:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.83:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.84:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.630:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Information : Nettoyé.

:mozilla.698:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.

:mozilla.562:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.

:mozilla.563:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.

:mozilla.556:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.

:mozilla.587:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.

:mozilla.588:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.

:mozilla.591:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.

:mozilla.102:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.

:mozilla.781:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.

:mozilla.122:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Pro-market : Nettoyé.

:mozilla.123:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Pro-market : Nettoyé.

:mozilla.124:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Pro-market : Nettoyé.

:mozilla.762:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Qksrv : Nettoyé.

:mozilla.765:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Qksrv : Nettoyé.

:mozilla.763:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.

:mozilla.764:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.

:mozilla.661:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.725:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.726:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.727:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.728:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.729:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.730:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.

:mozilla.464:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Realtracker : Nettoyé.

:mozilla.673:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.

:mozilla.705:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.706:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.707:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.708:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.709:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.710:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.711:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.712:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.713:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.714:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.715:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.716:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.112:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.113:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.114:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.115:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.116:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.117:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.411:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.

:mozilla.513:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.

:mozilla.632:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.

:mozilla.558:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Skype : Nettoyé.

:mozilla.625:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Skype : Nettoyé.

:mozilla.212:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.218:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.221:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.575:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Starware : Nettoyé.

:mozilla.57:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.60:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.61:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.62:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.63:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.64:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.65:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.66:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.67:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.68:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.69:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.70:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.71:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.72:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.73:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.74:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.75:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.76:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.79:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.80:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.81:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.559:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.

:mozilla.560:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.

:mozilla.125:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.547:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.

:mozilla.534:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.

:mozilla.681:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.

:mozilla.682:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.

:mozilla.683:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.

:mozilla.684:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.

:mozilla.685:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.

:mozilla.441:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.

:mozilla.452:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.

:mozilla.455:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.

:mozilla.421:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.

:mozilla.428:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.

:mozilla.435:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.

:mozilla.477:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.

:mozilla.38:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.

:mozilla.565:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.699:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.700:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.701:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.702:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.703:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.704:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.49:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.51:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.52:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.87:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

:mozilla.88:C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\wohp29mw.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

C:\Norman\Download(2)\NVCF0081.ZIP/Data/Bin/Nipsvc.exe -> Trojan.Wow : Nettoyé.

Fin du rapport

Et voici mon dernier rapport HIJACKTHIS:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:32:07, on 23/01/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\Norman\Npf\BIN\NPFSVICE.EXE

C:\Norman\Bin\Zanda.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.exe

c:\APPS\Powercinema\Kernel\TV\CLSched.exe

C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Apps\Powercinema\PCMService.exe

C:\Norman\bin\ZLH.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\APPS\SMP\SmpSys.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Documents and Settings\Julie\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\svchost.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"

O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101w.bay101.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...944/mcfscan.cab

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: Generic Host Process for Win-32 Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe

O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE

O23 - Service: Norman Type-R - Unknown owner - C:\Norman\Npf\BIN\NPFSVICE.EXE

O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--

End of file - 10751 bytes

Par contre j'ai toujours ce message d'erreur qui s'affiche a chaque fois que je rentre dans ma session windows, celuit dont je t'avais parlé dans mon premier message à propos de svchost.exe..

Gof · le 24 janvier 2008

Bonjor Jul88

Merci à Angelique et à Douds, j'ai vu ton sujet. Le site d'Atribune est toujours indisponible visiblement.

Alors voila fin des manipulations, c'était long !!lol

Oui, mais c'était nécessaire. Maintenant que tu sais comment faire, il faudra le faire de temps en temps.

Par contre j'ai toujours ce message d'erreur qui s'affiche a chaque fois que je rentre dans ma session windows, celuit dont je t'avais parlé dans mon premier message à propos de svchost.exe..

OUi, on te l'ôte à présent, tu ne l'auras plus

Relance un scan HijackThis

Clique sur Do a system scan only et coche les lignes ci-dessous :

F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\svchost.exe

Ferme toutes les fenêtres sauf HijackThis et Fix Checked.

Puis, toujours avec Hijackthis, choisir Open the Misc.Tools section (ferme le et ouvre le à nouveau si tu ne trouves plus cette option)

la fenêtre "Configuration" va s'ouvrir, clique sur Delete a NT service...
la fenêtre "Delete a Windows NT service" va s'ouvrir, entre dans la zone de dialogue (copie colle):

"Generic Host Process for Win-32 Service"

clique OK
Une autre fenêtre devrait s'ouvrir, donnant des informations sur le service et demandant si tu veux redémarrer.
Clique NO.

Redémarre. Tu me diras dans ton prochain post si le message au démarrage a bien disparu

Ensuite, effectue une analyse en ligne comme ceci et joins le rapport (plus un nouveau rapport HijackThis) :

Rends toi sur ESET Online Scanner : http://www.eset.com/onlinescan/

Coche la case YES, I accept the Terms Of Use
Clique sur le bouton Start
Clique maintenant sur Install button
Clique à nouveau sur Start

Les mises à jour du scan en ligne vont se faire.
Ne coche pas Remove found threats
Clique sur Scan button

Le scan va démarrer, sois patient.
Quand le scan sera terminé, clique sur Details tab
Copie colle en réponse le contenu de C:\Program Files\EsetOnlineScanner\log.txt back

Jul88 · le 24 janvier 2008

Coucou,

Alors j'ai relancer un scan Hijackthis j'ai bien cocher la ligne correspondante que tu m'as dis, j'ai réouvert et elle n'y étais plus donc c'est cool par contre toujours avec Hijackthis quand j'ai voulu faire la manip OPEN THE MISC TOOLS SECTION, delete a NT SERVICE.. dans la boite de dialogue j'ai bien mis GENERIC HOST PROCESS FOR WIN-32 SERVICE mais impossible d'allé plus loin car ca me mettait qu'il fallait désactiver ce programme, donc j'ai laisser tomber et j'ai redémarrer mon ordi..

A ma grande surprise, il n'y avait plus cette fenêtre d'erreur!! Merciiiiii!!

J'ai fais le scan avec ESET ONLINE SCANNER et voici le rapport:

a variant of IRC/SdBot trojan

C:\MSNFix\15012008_22592735.zip"ZIP"backup/W0034_jpg.zip

IRC/SdBot trojan

C:\MSNFix\15012008_22592735.zip"ZIP"backup/svchost.exe

a variant of IRC/SdBot trojan

C:\MSNFix\15012008_22592735.zip"ZIP"backup/servicestub.exe

Win32/IRCBot. AAL trojan

C:\MSNFix\15012008_22592735.zip"ZIP"backup/services.exe

a variant of IRC/SdBot trojan

C:\15012008_22592735.zip"ZIP"backup/jtvknq.exe

multiple infiltrations

C:\MSNFix\15012008_22592735.zip

Voila, alors la seule chose que je comprends c'est que 15012008 apparait dans ces 6 trojans et c'est la date a laquelle j'ai eu ce virus.

Rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:26:29, on 24/01/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Apps\Powercinema\PCMService.exe

C:\Norman\bin\ZLH.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\APPS\SMP\SmpSys.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\Norman\Npf\BIN\NPFSVICE.EXE

C:\Norman\Bin\Zanda.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

c:\APPS\Powercinema\Kernel\TV\CLSched.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Norman\bin\niu.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe