Enregister le rapport

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 714

Type de recherche: Examen rapide
Eléments examinés: 53897
Temps écoulé: 15 minute(s), 32 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 41
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 24

Processus mémoire infecté(s):
d:\program files\Svconr\Svconr.exe (Trojan.Clicker) -> No action taken.

Module(s) mémoire infecté(s):
d:\program files\Spcron\Spcron.dll (Adware.Agent) -> No action taken.

D:\WINDOWS\system32\{5330593b-78a1-57f8-d66c-536ca
6672d43}.dll (Trojan.Agent) -> No action taken.

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-c
bf84a3efaf6} (Adware.Agent) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Adware.Agent) -> No action taken.

HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1
cac015c967d} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6
a0-d195793ddd33} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7
ff-a00812192d61} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5
-e65d905fff74} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{1e404d48-670a-4085-a6a0-d
195793ddd33} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{3d87b50d-542a-45b6-96e9-f
03cfaa8c962} (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{3d87b50d-542a-45b6-96e9-f03cfaa8c962} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{ceb9c60d-f0ad-4b73-a3ab-4
fc822e38d66} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{ceb9c60d-f0ad-4b73-a3
ab-4fc822e38d66} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{1601d447-7424-4866-8d
cc-acf98a2a41e1} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{c3c0ec2c-2c1c-495c-9ad0
-1f0ef833d7b5} (Adware.BHO) -> No action taken.

HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3
f191ac0fe23} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-ac
a4-949778400813} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041
-03535909d361} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Uninstall\{a394e835-c8d6-4b4b-884b-d270
9059f3be} (Trojan.Network.Monitor) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Uninstall\{3877c2cd-f137-4144-bdb2-0a81
1492f920} (Trojan.Downloader) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Uninstall\mysearchassistant (Adware.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Uninstall\gooochi (Adware.Rotator) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{f475df48-e945-d83f-108f-8
95fa45662f1} (Trojan.Agent) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Explorer\Browser Helper Objects\{f475df48-e945-d83f-108f-895fa45662f1} (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\MySidesearch (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
es\cmdService (Adware.CommAd) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
es\Network Monitor (Trojan.Service) -> No action taken.

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre
ntVersion\Run\Svconr (Trojan.Clicker) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr
entVersion\Explorer\ShellExecuteHooks\{bc7d8de8-ef
3d-4f44-8b54-03759fac1367} (Trojan.Vundo) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
D:\Program Files\Network Monitor (Trojan.DNSChanger) -> No action taken.
D:\Program Files\Temporary (Trojan.Agent) -> No action taken.
D:\Program Files\Svconr (Trojan.Agent) -> No action taken.
D:\Program Files\Spcron (Trojan.Agent) -> No action taken.
D:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> No action taken.

Fichier(s) infecté(s):
d:\program files\Svconr\Svconr.exe (Trojan.Clicker) -> No action taken.
d:\program files\Spcron\Spcron.dll (Adware.Agent) -> No action taken.
D:\WINDOWS\system32\myss_sb.dll (Adware.BHO) -> No action taken.
D:\WINDOWS\system32\atmtd.dll (Adware.TargetSaver) -> No action taken.
D:\WINDOWS\system32\atmtd.dll._ (Adware.TargetSaver) -> No action taken.
D:\WINDOWS\system32\jownw64j.exe (Adware.ZeroSearch) -> No action taken.

D:\WINDOWS\system32\mysidesearch_sidebar_uninstall
.exe (Adware.BHO) -> No action taken.
D:\WINDOWS\system32\myss_sb_uninstall.exe (Adware.BHO) -> No action taken.
D:\WINDOWS\system32\qoMgDuTK.dll (Trojan.Vundo) -> No action taken.
D:\WINDOWS\system32\rwwnw64d.exe (Adware.ZeroSearch) -> No action taken.

D:\WINDOWS\system32\{5330593b-78a1-57f8-d66c-536ca
6672d43}.dll-uninst.exe (Adware.Rotator) -> No action taken.
D:\WINDOWS\b155.exe (Trojan.Dropper) -> No action taken.
D:\WINDOWS\b156.exe (Adware.Insider) -> No action taken.
D:\WINDOWS\mrofinu1000106.exe (Trojan.Downloader) -> No action taken.
D:\WINDOWS\mrofinu1188.exe (Trojan.Downloader) -> No action taken.
D:\WINDOWS\uninstall_nmon.vbs (Malware.Trace) -> No action taken.
D:\Documents and Settings\Mickael.ADMIN-655D20B3D\Local Settings\Temp\tmp45.tmp (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Papa\Local Settings\Temporary Internet Files\Content.IE5\IG71TW8N\css4[1] (Trojan.Vundo) -> No action taken.
D:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt (Trojan.NetMon) -> No action taken.
D:\Documents and Settings\LocalService\Application Data\NetMon\log.txt (Trojan.NetMon) -> No action taken.

D:\WINDOWS\system32\{5330593b-78a1-57f8-d66c-536ca
6672d43}.dll (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
D:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> No action taken.
D:\WINDOWS\system32\zxdnt3d.cfg (Malware.Trace) -> No action taken.

C'est bon tu peux tout supprimer

Bon je redémarre et après c'est fini ?

Non Aprés il faut que tu fasse attention

Pas de sites cehlou et tout et tout

oui, et fais nous un petit rapport HJT (et je te conseille vivement de changer d'antivirus, avast est largement plus mauvais qu'antivir, gratuit lui aussi

En faite j'ai installé avast hier parce que j'ai eu un autres pb ya deux semaine (l'ordi c'est reformatétout seul ) et comme chui partit ces 2 semaines ba en revenat j'ai installé sa

Bon je vais voir pour antivir.

Sinon merci de ton aide

Voila :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:59, on 04/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger
.exe
D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
D:\Program Files\Club-Internet\Le Compagnon Club\bin\lecompagnonclub.exe
D:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
D:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Int
ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = D:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger
.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1208621345531
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1208725699_8d5782b0f2aa8889e141fa68c19453db&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop
Messenger\8876480\Program\GAPlugProtocol-8876480.d
ll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6680 bytes

Je vais y aller , si tu as d'autres choses a signaler, dis le moi stp.

c'est bon, t'es plus infecté

-> No action taken.

Refais une analyse avec MAM et supprime les objets infectieux !!