Urgent! - Security - Virus
 
Profile: IDNaute

Hello,

For the past 3 hours a message has been appearing: "you have a security problem", with a red shield with a white cross.

What should I do? Please help me!!!!!


Profile: Helper

Hello,

Download and install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2


---------------
Prevention & Protection||Do you like me? Click :o
Profile: IDNaute

Thanks for your reply ;)

Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:05:19, on 10/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Controle Parental\bin\optproxy.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\UAService7.exe
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\Program Files\QuickTime\QTTask.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\Program Files\Messenger\msmsgs.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\MSN Messenger\msnmsgr.exe
I:\Program Files\MSN Messenger\usnsvc.exe
I:\DOCUME~1\Novick\LOCALS~1\Temp\video1018.cfg
I:\WINDOWS\system32\mbszsngb.exe
I:\Documents and Settings\All Users\Application Data\yfqjqfub\gpebkpsx.exe
I:\DOCUME~1\Novick\LOCALS~1\Temp\c.exe
I:\Program Files\SecureExpertCleaner\Reminder.exe
I:\Program Files\SecureExpertCleaner\SEC.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Program Files\PC-Antispy\PC-Antispy.exe
I:\Documents and Settings\Novick\Local Settings\Temporary Internet Files\Content.IE5\67711ITU\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - I:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - I:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - I:\WINDOWS\system32\msxml71.dll
O2 - BHO: PC-Antispy Site Blocker Button - {60B244BE-559D-4269-B96E-CD264D828EC9} - I:\Program Files\PC-Antispy\ASpyStBlk.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SecureExpertCleaner] I:\Program Files\SecureExpertCleaner\sec.exe
O4 - HKLM\..\Run: [Reminder] I:\Program Files\SecureExpertCleaner\Reminder.exe
O4 - HKLM\..\Run: [PC-Antispy] "I:\Program Files\PC-Antispy\PC-Antispy.exe" hide
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "I:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AdVantage] "I:\Program Files\AdVantage\AdVantage.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [updateMgr] "I:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Steam] "I:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Somefox] I:\DOCUME~1\Novick\LOCALS~1\Temp\video1018.cfg.exe
O4 - HKCU\..\Run: [DscInfo] I:\WINDOWS\system32\mbszsngb.exe
O4 - HKLM\..\Policies\Explorer\Run: [J3QZJ7Q1QV] I:\Documents and Settings\All Users\Application Data\yfqjqfub\gpebkpsx.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: .security
O4 - Global Startup: .security
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - I:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - I:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - I:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www.mayeticvillage.com/qp2.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/p [...] wflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED5E6DA4-1F95-48AD-BE36-23B2085804A0}: NameServer = 192.168.5.1
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - I:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - I:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Unknown owner - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - I:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - I:\WINDOWS\system32\UAService7.exe

--
End of file - 10634 bytes

There you go, I hope you'll be able to help me ;)

Profile: Helper

Re,

Disable your resident protections (antivirus, Spybot-S&D, etc.)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.


HELP: A guide and a tutorial on using ComboFix
* the partition name may differ
Profile: IDNaute

So here is the report:

ComboFix 08-09-05.14 - Novick 2008-09-10 18:23:11.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.245 [GMT 2:00]
Endroit: I:\Documents and Settings\Novick\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

I:\Documents and Settings\Novick\Application Data\inst.exe
I:\Program Files\akl
I:\Program Files\akl\akl.dll
I:\Program Files\akl\akl.exe
I:\Program Files\akl\uninstall.exe
I:\Program Files\akl\unsetup.exe
I:\Program Files\Inet Delivery
I:\Program Files\Inet Delivery\inetdl.exe
I:\Program Files\Inet Delivery\intdel.exe
I:\Program Files\ShoppingReport
I:\Program Files\ShoppingReport\Uninst.exe
I:\WINDOWS\a.bat
I:\WINDOWS\base64.tmp
I:\WINDOWS\bdn.com
I:\WINDOWS\FVProtect.exe
I:\WINDOWS\iTunesMusic.exe
I:\WINDOWS\mslagent
I:\WINDOWS\mslagent\2_mslagent.dll
I:\WINDOWS\mslagent\mslagent.exe
I:\WINDOWS\mslagent\uninstall.exe
I:\WINDOWS\mssecu.exe
I:\WINDOWS\system32\akttzn.exe
I:\WINDOWS\system32\anticipator.dll
I:\WINDOWS\system32\awtoolb.dll
I:\WINDOWS\system32\bdn.com
I:\WINDOWS\system32\bsva-egihsg52.exe
I:\WINDOWS\system32\dpcproxy.exe
I:\WINDOWS\system32\emesx.dll
I:\WINDOWS\system32\h@tkeysh@@k.dll
I:\WINDOWS\system32\hoproxy.dll
I:\WINDOWS\system32\hxiwlgpm.dat
I:\WINDOWS\system32\hxiwlgpm.exe
I:\WINDOWS\system32\medup012.dll
I:\WINDOWS\system32\medup020.dll
I:\WINDOWS\system32\Microsoft\backup.ftp
I:\WINDOWS\system32\Microsoft\backup.tftp
I:\WINDOWS\system32\msgp.exe
I:\WINDOWS\system32\msnbho.dll
I:\WINDOWS\system32\mssecu.exe
I:\WINDOWS\system32\msvchost.exe
I:\WINDOWS\system32\mtr2.exe
I:\WINDOWS\system32\mwin32.exe
I:\WINDOWS\system32\netode.exe
I:\WINDOWS\system32\newsd32.exe
I:\WINDOWS\system32\ps1.exe
I:\WINDOWS\system32\psof1.exe
I:\WINDOWS\system32\psoft1.exe
I:\WINDOWS\system32\regc64.dll
I:\WINDOWS\system32\regm64.dll
I:\WINDOWS\system32\Rundl1.exe
I:\WINDOWS\system32\smp
I:\WINDOWS\system32\smp\msrc.exe
I:\WINDOWS\system32\sncntr.exe
I:\WINDOWS\system32\ssurf022.dll
I:\WINDOWS\system32\ssvchost.com
I:\WINDOWS\system32\ssvchost.exe
I:\WINDOWS\system32\sysreq.exe
I:\WINDOWS\system32\taack.dat
I:\WINDOWS\system32\taack.exe
I:\WINDOWS\system32\temp#01.exe
I:\WINDOWS\system32\thun.dll
I:\WINDOWS\system32\thun32.dll
I:\WINDOWS\system32\uninstall.exe
I:\WINDOWS\system32\urlmsnlink.dat
I:\WINDOWS\system32\VBIEWER.OCX
I:\WINDOWS\system32\vbsys2.dll
I:\WINDOWS\system32\vcatchpi.dll
I:\WINDOWS\system32\winlogonpc.exe
I:\WINDOWS\system32\winsystem.exe
I:\WINDOWS\system32\WINWGPX.EXE
I:\WINDOWS\temp\perflib_perfdata_1cc.dat
I:\WINDOWS\userconfig9x.dll
I:\WINDOWS\winsystem.exe
I:\WINDOWS\zip1.tmp
I:\WINDOWS\zip2.tmp
I:\WINDOWS\zip3.tmp
I:\WINDOWS\zipped.tmp

.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-10 to 2008-09-10 ))))))))))))))))))))))))))))))))))))
.

2008-09-10 18:36 . 2008-09-10 18:36 94,208 --a------ I:\WINDOWS\system32\clujszwv.exe
2008-09-10 17:18 . 2008-09-10 17:21 <REP> d-------- I:\Documents and Settings\Novick\Application Data\PC-Antispy
2008-09-10 17:18 . 2008-09-10 17:18 25,600 --a------ I:\WINDOWS\system32\drivers\pcantispy.sys
2008-09-10 17:18 . 2008-09-10 17:18 0 --ah----- I:\WINDOWS\.security
2008-09-10 17:16 . 2008-09-10 17:21 <REP> d-------- I:\Program Files\PC-Antispy
2008-09-10 17:13 . 2008-09-10 17:13 <REP> d-------- I:\Documents and Settings\Novick\Application Data\Logs
2008-09-10 17:03 . 2008-09-10 17:13 <REP> d-------- I:\Program Files\SecureExpertCleaner
2008-09-10 17:03 . 2008-09-10 18:20 <REP> d-------- I:\Documents and Settings\All Users\Application Data\SEC
2008-09-10 16:11 . 2008-09-10 16:11 <REP> d-------- I:\Program Files\SAV
2008-09-10 16:11 . 2008-09-10 16:11 <REP> d-------- I:\Documents and Settings\All Users\Application Data\yfqjqfub
2008-09-10 16:11 . 2008-09-10 16:11 117,252 --a------ I:\WINDOWS\system32\msxml71.dll
2008-09-10 16:11 . 2008-09-10 16:11 86,016 --a------ I:\WINDOWS\system32\mbszsngb.exe
2008-09-10 14:38 . 2008-09-10 14:38 <REP> d-------- I:\Program Files\Kristanix
2008-09-10 14:38 . 2008-09-10 14:38 <REP> d-------- I:\Documents and Settings\Novick\Application Data\Password Generator Professional
2008-09-10 14:38 . 2008-09-10 14:38 <REP> d-------- I:\Documents and Settings\All Users\Application Data\TEMP
2008-09-10 14:29 . 2008-09-10 14:29 <REP> d-------- I:\Program Files\JEDISware
2008-09-09 21:31 . 2001-09-03 07:52 766 --a------ I:\WINDOWS\win98Logo.ico
2008-09-08 14:17 . 2008-09-08 14:18 <REP> d-------- I:\Documents and Settings\client\Application Data\ShoppingReport
2008-09-08 14:13 . 2008-09-08 14:13 <REP> d-------- I:\Documents and Settings\Sasha\Application Data\ShoppingReport
2008-09-02 11:42 . 2008-07-22 00:04 245,760 --a------ I:\Program Files\Uninstall Ask Toolbar.dll
2008-09-01 20:19 . 2008-09-01 20:19 <REP> d-------- I:\Program Files\Sports Interactive
2008-09-01 11:05 . 2008-09-01 11:05 <REP> d-------- I:\Program Files\EA GAMES
2008-09-01 10:00 . 2008-09-01 10:01 <REP> d-------- I:\Documents and Settings\LocalService\Application Data\ShoppingReport
2008-09-01 00:25 . 2008-09-01 00:25 50 --a------ I:\WINDOWS\MegaManager.INI
2008-09-01 00:19 . 2008-09-01 00:24 <REP> d-------- I:\Documents and Settings\Novick\Application Data\DMCache
2008-08-31 23:56 . 2008-08-31 23:56 <REP> d-------- I:\Documents and Settings\Novick\Application Data\EmailNotifier
2008-08-31 23:56 . 2008-08-31 23:56 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Megaupload
2008-08-31 23:56 . 2008-08-31 23:56 <REP> d-------- I:\Documents and Settings\All Users\Application Data\EmailNotifier
2008-08-31 20:53 . 2008-09-09 20:01 <REP> d-------- I:\Documents and Settings\Novick\Application Data\ShoppingReport

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-10 16:36 --------- d-----w I:\Documents and Settings\Novick\Application Data\AdobeUM
2008-09-10 14:23 --------- d-----w I:\Documents and Settings\Novick\Application Data\uTorrent
2008-09-07 09:00 --------- d-----w I:\Program Files\Valve
2008-09-02 09:46 --------- d-----w I:\Program Files\AskTBar
2008-09-01 09:48 --------- d-----w I:\Program Files\GameSpy Arcade
2008-09-01 09:46 --------- d--h--w I:\Program Files\InstallShield Installation Information
2008-09-01 07:58 --------- d-----w I:\Program Files\Google
2008-08-30 14:39 --------- d-----w I:\Documents and Settings\All Users\Application Data\TrackMania
2008-07-22 01:44 --------- d-----w I:\Documents and Settings\Novick\Application Data\Vso
2008-07-22 01:44 --------- d-----w I:\Documents and Settings\Novick\Application Data\CopyToDvd
2008-07-22 01:11 47,360 ----a-w I:\WINDOWS\system32\drivers\pcouffin.sys
2008-07-22 01:11 47,360 ----a-w I:\Documents and Settings\Novick\Application Data\pcouffin.sys
2008-07-22 01:11 --------- d-----w I:\Program Files\VSO
2008-07-21 19:36 --------- d-----w I:\Program Files\PSPWare
2008-07-21 19:36 --------- d-----w I:\Program Files\NTFS Undelete
2008-07-11 21:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
2007-05-17 11:12 1,714 ----a-w I:\Documents and Settings\Novick\Application Data\SAS7_000.DAT
2006-07-14 14:24 12,814,336 ----a-w I:\Program Files\windowsmediaplayer10setup.exe
2006-07-14 14:21 19,101,391 ----a-w I:\Program Files\klcodec272f.exe
2006-07-14 14:17 8,282,187 ----a-w I:\Program Files\vlc-0.8.5-win32.exe
2006-07-14 11:59 13,884,264 ----a-w I:\Program Files\AdbeRdr70_fra.exe
2006-06-03 10:04 6,844,841 ----a-w I:\Program Files\Gestionnaire_internetLB.exe
2006-05-03 21:40 5,763,072 ----a-w I:\Program Files\WindowsDefender.msi
2006-04-30 16:34 11,132,160 ----a-w I:\Program Files\Avast v2.exe
2006-04-17 21:01 1,014,477 ----a-w I:\Program Files\winRAR351.exe
2006-04-15 12:14 19,318,281 ----a-w I:\Program Files\klcodec271f.exe
2006-04-15 11:57 13,122,160 ----a-w I:\Program Files\WMplayer.exe
2006-04-15 11:43 414,197 ----a-w I:\Program Files\XviD-22032003-1.zip
2006-04-13 17:59 9,692,886 ----a-w I:\Program Files\vlc-0.8.4a-win32.exe
2006-04-13 17:58 3,594,704 ----a-w I:\Program Files\médiaplayerfull.exe
2006-04-13 10:51 15,560,008 ----a-w I:\Program Files\DivXPlay.exe
2006-04-11 19:34 11,135,463 ----a-w I:\Program Files\setup.exe
2006-04-08 20:01 1,465,856 ----a-w I:\Program Files\DSLTest.exe
2006-04-04 17:00 4,653,917 ----a-w I:\Program Files\eMule0.47a-Installer.exe
2006-04-04 15:03 278,528 ----a-w I:\Program Files\Fichiers communs\FDEUnInstaller.exe
2004-07-22 09:51 3,432,656 ----a-w I:\Program Files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 ----a-w I:\Program Files\BDANT.cab
2004-07-19 21:53 976,020 ----a-w I:\Program Files\BDAXP.cab
2004-07-16 13:30 3,858 ----a-w I:\Program Files\directx redist.txt
2004-07-09 13:17 13,265,040 ----a-w I:\Program Files\dxnt.cab
2004-07-09 08:13 703,080 ----a-w I:\Program Files\BDA.cab
2004-07-09 08:13 15,493,481 ----a-w I:\Program Files\DirectX.cab
2004-07-09 03:08 472,576 ----a-w I:\Program Files\dxsetup.exe
2004-07-09 03:08 2,242,560 ----a-w I:\Program Files\dsetup32.dll
2004-07-09 02:03 62,976 ----a-w I:\Program Files\DSETUP.dll
2004-03-11 11:27 40,960 ----a-w I:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{60B244BE-559D-4269-B96E-CD264D828EC9}]
2008-09-10 17:17 208896 --a------ I:\Program Files\PC-Antispy\ASpyStBlk.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-16 68856]
"MSMSGS"="I:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"DAEMON Tools Lite"="I:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-17 486856]
"updateMgr"="I:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Steam"="I:\Program Files\Valve\Steam\Steam.exe" [2008-09-07 1271032]
"DscInfo"="I:\WINDOWS\system32\mbszsngb.exe" [2008-09-10 86016]
"SmartProc"="I:\WINDOWS\system32\clujszwv.exe" [2008-09-10 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="I:\Program Files\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="I:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"SecureExpertCleaner"="I:\Program Files\SecureExpertCleaner\sec.exe" [2008-08-18 1556480]
"Reminder"="I:\Program Files\SecureExpertCleaner\Reminder.exe" [2008-08-14 480768]
"PC-Antispy"="I:\Program Files\PC-Antispy\PC-Antispy.exe" [2008-09-10 11124736]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="I:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"J3QZJ7Q1QV"="I:\Documents and Settings\All Users\Application Data\yfqjqfub\gpebkpsx.exe" [2008-09-10 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll
"msacm.l3acm"= l3codecp.acm
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=I:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]
path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
backup=I:\WINDOWS\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
--a------ 2008-05-16 01:19 79224 I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--------- 2004-08-05 14:00 15360 I:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DNS7reminder]
--a------ 2006-06-30 04:45 1404928 I:\Program Files\Nuance\NaturallySpeaking9\Program\ereg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2006-04-09 21:57 122368 I:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
--a------ 2006-05-16 17:58 213936 I:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 I:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 I:\Program Files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 I:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 I:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 I:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 12:55 5674352 I:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerBar]
--------- 2004-04-21 10:26 86016 I:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 I:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 17:35 32768 I:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
--a------ 2003-09-29 16:00 155648 I:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 02:11 132496 I:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-16 10:55 68856 I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-01-23 22:53 185896 I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"I:\\Program Files\\Electronic Arts\\La Bataille pour la Terre du Milieu II\\game.dat"=
"I:\\Program Files\\Electronic Arts\\La Bataille pour la Terre du Milieu II\\patchget.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"I:\\WINDOWS\\system32\\dpvsetup.exe"=
"I:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"I:\\Program Files\\MSN Messenger\\livecall.exe"=
"I:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"I:\\Program Files\\LimeWire\\LimeWire.exe"=
"I:\\Program Files\\uTorrent\\uTorrent.exe"=
"I:\\WINDOWS\\system32\\rtcshare.exe"=
"I:\\Program Files\\Valve\\Steam\\SteamApps\\novdjama\\condition zero\\hl.exe"=
"I:\\Program Files\\Valve\\Steam\\Steam.exe"=
"I:\\Program Files\\Pro Evolution Soccer 2008\\PES2008.exe"=
"I:\\Program Files\\iTunes\\iTunes.exe"=
"I:\\Program Files\\TmNationsForever\\TmForever.exe"=
"I:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"I:\\Documents and Settings\\Novick\\Bureau\\Documents de Novick\\Jeux\\Half-Life 2\\hl2.exe"=
"I:\\Program Files\\Valve\\Counter-Strike Source\\hl2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)

R1 aswSP;avast! Self Protection;I:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R1 pcantispy;pcantispy;I:\WINDOWS\system32\drivers\pcantispy.sys [2008-09-10 25600]
R2 aswFsBlk;aswFsBlk;I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R2 OPTENET_FILTER;Control Parental;I:\Program Files\Controle Parental\bin\optproxy.exe [2006-03-02 564400]
S3 ausbccgp;ausbccgp;I:\DOCUME~1\Novick\LOCALS~1\Temp\ausbccgp.sys [ ]
S3 Boonty Games;Boonty Games;I:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2006-12-02 69120]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;I:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 SetupNTGLM7X;SetupNTGLM7X;G:\NTGLM7X.sys [ ]
S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;I:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632]
S3 USB-100;SMC Compact USB to Ethernet converter;I:\WINDOWS\system32\DRIVERS\SMC2208.SYS [2001-09-25 27519]
S3 wacpiec;wacpiec;I:\DOCUME~1\Novick\LOCALS~1\Temp\wacpiec.sys [ ]
S3 xdiskdum;xdiskdum;I:\DOCUME~1\Novick\LOCALS~1\Temp\xdiskdum.sys [ ]
S3 ZDCndis5;ZDCndis5 Protocol Driver;I:\WINDOWS\system32\ZDCndis5.SYS [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28708558-8eba-11da-8cbe-0011d893c366}]
\Shell\AutoRun\command - J:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b6b70a-b386-11da-8d12-0011d893c366}]
\Shell\AutoRun\command - D:\LaunchU3.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
- - - - ORPHANS REMOVED - - - -

BHO-{140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - I:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-AdVantage - I:\Program Files\AdVantage\AdVantage.exe
MSConfigStartUp-DAEMON Tools - I:\Program Files\DAEMON Tools\daemon.exe
MSConfigStartUp-NBJ - I:\Program Files\Ahead\Nero BackItUp\NBJ.exe
MSConfigStartUp-NeroFilterCheck - I:\WINDOWS\system32\NeroCheck.exe
MSConfigStartUp-Savedeaf - I:\DOCUME~1\Novick\APPLIC~1\BOOKCL~1\binuploadseek.exe
MSConfigStartUp-WOOKIT - I:\Program Files\Wanadoo\Shell.exe
MSConfigStartUp-WOOTASKBARICON - I:\PROGRA~1\Wanadoo\GestMaj.exe
MSConfigStartUp-WOOWATCH - I:\PROGRA~1\Wanadoo\Watch.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - I:\Documents and Settings\Novick\Application Data\Mozilla\Firefox\Profiles\aum7sahf.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-10 18:35:35
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...


I:\WINDOWS\system32\clujszwv.exe 94208 bytes executable

Scan terminé avec succès
Les fichiers cachés: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
I:\WINDOWS\system32\ati2evxx.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\WINDOWS\system32\UAService7.exe
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\ati2evxx.exe
I:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-09-10 18:47:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-10 16:47:34

Pre-Run: 6,469,722,112 octets libres
Post-Run: 10,509,746,176 octets libres

337 --- E O F --- 2008-09-09 19:59:52

verdict? lol ;)

Profile: IDNaute

up

Profile: Helper

Ever heard of patience? I'm allowed to leave my house, you know.

Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so that you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM


---------------
Prevention & Protection||You like me? Click :o
Profile: IDNaute

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1137
Windows 5.1.2600 Service Pack 2

11/09/2008 19:04:06
mbam-log-2008-09-11 (19-04-06).txt

Type de recherche: Examen complet (I:\|)
Eléments examinés: 280578
Temps écoulé: 1 hour(s), 42 minute(s), 31 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 34
Fichier(s) infecté(s): 63

Processus mémoire infecté(s):
I:\Program Files\SecureExpertCleaner\Reminder.exe (Rogue.SecureExpertCleaner) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
I:\Program Files\SecureExpertCleaner\mfc80.dll (Rogue.SecureExpertCleaner) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60b244be-559d-4269-b96e-cd264d828ec9} (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60b244be-559d-4269-b96e-cd264d828ec9} (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pcantispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\pcantispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcantispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pc-antispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3p_usecfr_is1 (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PC-Antispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PC-Antispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dscinfo (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smartproc (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\j3qzj7q1qv (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pc-antispy (Rogue.PCAntispy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reminder (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\secureexpertcleaner (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
I:\Program Files\PC-Antispy (Rogue.PCAntispy) -> Delete on reboot.
I:\Program Files\SecureExpertCleaner (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.
I:\Program Files\SecureExpertCleaner\Download (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.
I:\Program Files\SecureExpertCleaner\Microsoft.VC80.CRT (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.
I:\Documents and Settings\Sasha\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Sasha\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Sasha\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Sasha\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Sasha\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Sasha\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Novick\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Novick\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Novick\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Novick\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Novick\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\Novick\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\LocalService\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\LocalService\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
I:\Documents and Settings\LocalService\Application Data\