Sujet Précédent Sujet Suivant

[Virus] Besoin d'aide (Backdoor & Bloodhound)

thomas_wag Messages postés 7 Statut Membre -  
thomas_wag Messages postés 7 Statut Membre -
Bonjour,

Mon ordi est infecté par 2 virus : Backdoor.IRC... et Bloodhound. Morphine.

Symantec les a détecté mais n'arrive pas ni à les éliminer ni à la mettre en quarantaine.

J'aurais besoin de votre aide !!

Merci beaucoup.
A voir également:

11 réponses

Réponse 1 / 11
thomas_wag Messages postés 7 Statut Membre
 
Bon, je me réponds à moi-même pour vous donner plus d'infos.

Les 2 virus (infos données par des messages d'alerte de Symntec Antivirus) :

Backdoor.IRC.RPCBot.C
sur les fichiers :
C:\Recycler\bin\KaHT.exe\
et
C:\System Volume Information\-restore{58...(plein de chiffre)...}\RP201\A0023253.exe\

et

Bloodhound.Morphine
sur les fichiers
C:\Windows\system32\dllcache\winser.exe\
et
C:\smss.exe\

Ensuite j'ai lu des posts dans le forum virus et j'ai téléchargé et fait un scan avec HijackThis. Voici le logfile :

Logfile of HijackThis v1.99.1
Scan saved at 18:07:27, on 16/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllcache\winser.exe
C:\WINDOWS\system32\dllcache\winmapi.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\oneclick\oneclick.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Toto\Mes documents\Logiciels\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/2Q00CPT/040C/bF8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consume...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consume...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Windows Timer (Timer) - Unknown owner - C:\WINDOWS\system32\dllcache\winser.exe
O23 - Service: winmapi - Unknown owner - C:\WINDOWS\system32\dllcache\winmapi.exe

Merci de votre aide.

Thomas
0
Réponse 2 / 11
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

Télécharge la version d'évaluation d'Ewido:
https://www.avg.com/en-ww/homepage

Installe et mets à jour.

Important: Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu".

Démarre Ewido avec l'icône qui se trouve sur ton Bureau. Clique sur mise à jour, attendre la fin de cette mise à jour puis, ferme le programme.

Redémarre en mode Sans Échec (au démarrage, tapote immédiatement la touche F8, puis tu verras un écran avec choix de démarrages : choisis "Mode sans échec" avec les flèches du clavier, puis valide avec "Entrée". Choisis ton compte usuel (et non Administrateur). Relance Ewido et clique sur scanner puis sur scan complet du système.

Si des fichiers infectés sont trouvés, garde l'option par défaut Supprimer (avec la ligne "Créer des copies de sauvegarde cryptées dans la quarantaine" cochée), et coche "Effectuer cette action avec toutes les infections".

A la fin du scan, sauvegarde le rapport (Fichier/Enregistrer sous...) sur le Bureau. Redémarre en mode normal.
0
Réponse 3 / 11
thomas_wag Messages postés 7 Statut Membre
 
J'ai téléchargé la version 4.0 de Ewido.

Par contre il me proposait jamais de page "additional options", j'ai donc pas pu décocher les deux options "Install background guard" et "Install scan via context menu".

Voilà le scan obtenu :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 23:21:24 16/07/2006

+ Scan result:

C:\WINDOWS\system32\dllcache\winmapi.exe -> Backdoor.Delf.tz : No action taken.
C:\WINDOWS\system32\dllcache\winser.exe -> Heuristic.Win32.Morphine-Crypted : No action taken.
:mozilla.46:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.50:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.51:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.52:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.53:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.54:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.55:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.131:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Toto\Cookies\toto@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.164:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.165:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.185:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.186:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.187:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.133:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.56:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Toto\Cookies\toto@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.217:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.218:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.220:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.222:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.194:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.20:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.62:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.68:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.69:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.71:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.72:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.76:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.77:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Toto\Cookies\toto@as1.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.215:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.216:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.213:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.214:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.17:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.197:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.198:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.199:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.200:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.254:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.255:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.160:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.161:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.236:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.57:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.58:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.61:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.63:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Toto\Cookies\toto@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.253:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.70:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.73:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.86:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.87:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.102:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.103:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.104:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\Toto\Cookies\toto@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
:mozilla.81:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Toto\Local Settings\Temporary Internet Files\Content.IE5\OPGTQVG9\603479[1].exe -> Trojan.Dialer.q : No action taken.

::Report end

Est-ce que je dois faire autre chose ??

Merci en tout cas
0
Réponse 4 / 11
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

Oui relance ewido et choisis l option supprimer
La tu as choisis no action, il faut les supprimer.

a+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 11
thomas_wag Messages postés 7 Statut Membre
 
En fait j'ai enregistré le mauvais scan. J'avais bien choisi l'action supprimer.

J'ai quand même refait la manip et je te montre le nouveau scan qu'Ewido a généré :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 18:30:00 18/07/2006

+ Scan result:

:mozilla.10:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.11:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.8:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.9:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.43:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.48:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.36:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.12:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.73:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.72:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.74:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.75:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.76:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.77:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.78:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.79:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.66:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.70:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.71:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.28:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.29:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.81:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.82:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.30:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.31:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.114:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.15:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end
---------------------------------------------------------------------

Hier, Symantec a reaffiché la présence du virus Bloodhound.Morphine mais quand j'ai fait un scan de mon ordi avec Symantec, il a rien détecté cette fois...

Comment savoir si mon ordi est bien clean ??

Merci pour ton aide en tout cas.
0
Réponse 6 / 11
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

Remet un hijack this stp

a+
0
Réponse 7 / 11
thomas_wag Messages postés 7 Statut Membre
 
Voilà un nouveau Hijackthis !!

Logfile of HijackThis v1.99.1
Scan saved at 19:51:16, on 18/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\HPConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\oneclick\oneclick.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Toto\Mes documents\Logiciels\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/2Q00CPT/040C/bF8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consume...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consume...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Windows Timer (Timer) - Unknown owner - C:\WINDOWS\system32\dllcache\winser.exe (file missing)
O23 - Service: winmapi - Unknown owner - C:\WINDOWS\system32\dllcache\winmapi.exe (file missing)
0
Réponse 8 / 11
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

Puis,

Rend toi sur ce site :
http://www.virustotal.com/xhtml/virustotal_en.html
Clik sur parcourir
Recherche ceci :
C:\WINDOWS\system32\dllcache\winmapi.exe
Clik send et colle le rapport stp

Et aussi celui ci:
C:\WINDOWS\system32\dllcache\winser.exe

A+
0
Réponse 9 / 11
thomas_wag Messages postés 7 Statut Membre
 
Hello,

J'ai bien fait l'étape Hijackthis.

Par contre sur http://www.virustotal.com/xhtml/virustotal_en.html puis parcourir, je trouve pas le fichier "dllcache" dans le fichier "system32"

Donc je suis bloqué...

A +
0
Réponse 10 / 11
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

Lance un scan avec ewido et donne le rapport

a+
0
Réponse 11 / 11
thomas_wag Messages postés 7 Statut Membre
 
Salut,

Voilà la scan Ewido :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:48:13 20/07/2006

+ Scan result:

:mozilla.10:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.11:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.12:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.13:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.14:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.187:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.43:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.19:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.27:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.9:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.166:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.167:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.168:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.134:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.53:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.92:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.93:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.94:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.95:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.96:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.97:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.28:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.54:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.55:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.56:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.57:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.125:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.126:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.128:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.129:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.130:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.131:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.132:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.113:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.29:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.31:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.32:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.23:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.24:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.123:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.78:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.79:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.70:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Toto\Cookies\toto@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.201:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.80:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.81:C:\Documents and Settings\Toto\Application Data\Mozilla\Firefox\Profiles\n1qvrxii.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end

Merci encore.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Site pour regarder animé sans virus
ShaylahScarlet -
bendrop -

1 réponse