Hola ,
Es la segunda vez que escribo, y no tengo respuesta. Por favor necesito su aseroramiento para liberarme de este problema; este es mi scaneo. Ayudenme por favor!!!!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:15, on 13/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\tdtpevshcbpn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\eMule\eMule.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: InstaFinder_K - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL (file missing)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [hpcmd] C:\WINDOWS\system32\spool\cmd.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [tdtpevshcbpn] C:\WINDOWS\system32\tdtpevshcbpn.exe
O4 - HKLM\..\Run: [cjknstbnvdk] C:\WINDOWS\system32\cjknstbnvdk.exe
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Assistant de connexion WiFi\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\linkprd.exe /res
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by120fd.bay120.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install3.5/installer.exe
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

Hola medialuna, te doy la bienvenida al Foro de InfoSpyware.

Paso 1- Descarga, Instala y/o actualiza estos programas: (pero no los ejecutes aun).

• ComboFix.exe
• SUPERAntiSpyware

Paso 2- Con todos los programas cerrados ejecuta el HijackThis y dale a estas entradas:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb

O2 - BHO: InstaFinder_K - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL (file missing)

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe

O4 - HKLM\..\Run: [hpcmd] C:\WINDOWS\system32\spool\cmd.exe

O4 - HKLM\..\Run: [tdtpevshcbpn] C:\WINDOWS\system32\tdtpevshcbpn.exe
O4 - HKLM\..\Run: [cjknstbnvdk] C:\WINDOWS\system32\cjknstbnvdk.exe

O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\linkprd.exe /res

O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab

O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe

O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll



Paso 3- Ejecuta estas herramientas, de a una:

• SUPERAntiSpyware

Paso 4- Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Reinicia y nos contas los resultados. junto con el reporte de CF.

Salu2

Mi salvador, el Piedra!!!!!!

Mil gracias por ayudarme, he seguido tus indicaciones, al menos internet se abrio normalmente, y hasta el momento no se abre ningun avast mensaje sospechoso. Sabes que tenia mas de 200 infecciones. Si que estaba muy enferma. Espero no haber contagiado a nadie màs!

No te habia dicho que tenia Avast como antivirus, lo he desinstalado. Es que el Superspyware reemplaza muy bien a Avast? debo dejarlo o borrarlo? Qué debo hacer con Combo fix, puedo borrarlo de mi sistema? tendré algun problema? No se si reinstalar Avast, espero tus consejos.

Este es el reporte de Combofix

ComboFix 08-02-14.1 - cécilia 2008-02-14 12:02:48.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.431 [GMT 1:00]
Endroit: C:\Program Files\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\cécilia\Application Data\MessengerSkinner
C:\Documents and Settings\cécilia\Application Data\MessengerSkinner\Userdata\languages_v2.xml
C:\Documents and Settings\cécilia\Application Data\MessengerSkinner\Userdata\pack1.cab
C:\Program Files\instant access
C:\Program Files\instant access\Center\NoCreditCard.upd
C:\Program Files\instant access\Center\sexe69.lnk
C:\Program Files\instant access\Center\sexe69.upd
C:\Program Files\instant access\Center\tray1.ico
C:\Program Files\instant access\DesktopIcons\sexe69.lnk
C:\Program Files\instant access\Multi\20061122161121\Common\module.php
C:\Program Files\instant access\Multi\20061122161121\Common\module.php_0.lo ginvis
C:\Program Files\instant access\Multi\20061122161121\dialerexe.ini
C:\Program Files\instant access\Multi\20061122161121\js\js_api_dialer.php
C:\Program Files\instant access\Multi\20061122161121\medias\button1.jpg
C:\Program Files\instant access\Multi\20061122161121\medias\button2.jpg
C:\Program Files\instant access\Multi\20061122161121\medias\button3.jpg
C:\Program Files\instant access\Multi\20061122161121\medias\button4.jpg
C:\Program Files\instant access\Multi\20061122161121\medias\dialer.ico
C:\WINDOWS\dialerexe.ini
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\drivers\Icon.exe
C:\WINDOWS\system32\nvs2.inf
c:\WINDOWS\system32\tzdfuq.dat
C:\WINDOWS\system32\tzdfuq.exe
C:\WINDOWS\system32\tzdfuq_nav.dat
C:\WINDOWS\system32\tzdfuq_navps.dat
C:\WINDOWS\tmlpcert2007

.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-14 to 2008-02-14 ))))))))))))))))))))))))))))))))))))
.

2008-02-14 12:04 . 2008-02-14 12:04 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-14 12:04 . 2008-02-14 12:04 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-14 08:42 . 2008-02-14 11:59 <REP> d-------- C:\Program Files\SUPERAntiSpyware
2008-02-14 08:42 . 2008-02-14 08:42 <REP> d-------- C:\Documents and Settings\cécilia\Application Data\SUPERAntiSpyware.com
2008-02-14 08:42 . 2008-02-14 08:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-14 08:29 . 2008-02-14 08:29 5,914,648 --a------ C:\Program Files\SUPERAntiSpyware.exe
2008-02-14 08:24 . 2008-02-14 08:24 1,597,222 --a------ C:\Program Files\ComboFix.exe
2008-02-14 03:01 . 2008-02-14 03:02 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-13 10:54 . 2008-02-13 10:55 22,845,992 --a------ C:\Program Files\AdbeRdr80_fr_FR.exe
2008-02-13 10:54 . 2008-02-13 10:54 867,424 --a------ C:\Program Files\GoogleToolbarInstaller_ADBx_fr_401019_signed .exe
2008-02-13 10:06 . 2008-02-13 10:08 <REP> d-------- C:\Program Files\PhotoFiltre
2008-02-13 10:05 . 2008-02-13 10:06 1,685,156 --a------ C:\Program Files\pf-setup-en.exe
2008-02-12 20:52 . 2008-02-12 20:52 <REP> d-------- C:\Documents and Settings\cécilia\System
2008-02-12 20:52 . 2008-02-12 20:52 <REP> d-------- C:\Documents and Settings\cécilia\System
2008-02-12 20:52 . 2008-02-12 20:59 <REP> d-------- C:\Documents and Settings\cécilia\Application Data\SmartDraw
2008-02-08 07:54 . 2008-02-08 07:54 <REP> d-------- C:\Documents and Settings\cécilia\Application Data\VideoEgg
2008-02-06 06:58 . 2008-02-06 06:58 <REP> d-------- C:\Program Files\Fichiers communs\DAZ
2008-02-05 17:44 . 2008-02-05 17:45 <REP> d-------- C:\Program Files\Windows Live
2008-02-05 17:44 . 2008-02-05 17:44 2,402,832 --a------ C:\Program Files\WLinstaller.exe
2008-02-05 17:41 . 2008-02-05 17:41 <REP> d-------- C:\Program Files\Trend Micro
2008-02-05 08:22 . 2008-02-05 13:26 812,344 --a------ C:\Program Files\scanner.exe
2008-02-02 23:24 . 2008-02-02 23:24 407,680 --a------ C:\Program Files\aswclnrnettoyer.exe
2008-01-31 21:20 . 2008-01-31 15:16 114,688 --a------ C:\WINDOWS\system32\cjknstbnvdk.exe
2008-01-31 21:18 . 2008-01-31 15:16 114,688 --a------ C:\WINDOWS\system32\spacm.exe
2008-01-31 21:17 . 2008-01-31 15:16 114,688 --a------ C:\WINDOWS\system32\tdtpevshcbpn.exe
2008-01-29 07:32 . 2008-01-29 07:32 283,688 --a------ C:\Program Files\EmoticonesAnimaux.exe
2008-01-27 17:52 . 2008-01-27 17:52 283,648 --a------ C:\WINDOWS\system32\rumrix.exe
2008-01-27 09:34 . 2008-01-28 10:51 300,032 --a------ C:\WINDOWS\system32\jenrhl.exe
2008-01-26 23:11 . 2008-01-26 23:11 308,736 --a------ C:\WINDOWS\system32\ifhcstlot.exe
2008-01-25 15:53 . 2008-01-25 15:53 300,032 --a------ C:\WINDOWS\system32\ugkkenhuv.exe
2008-01-24 06:42 . 2008-01-24 06:42 304,640 --a------ C:\WINDOWS\system32\xxwovs.exe
2008-01-23 21:43 . 2008-01-23 21:43 311,808 --a------ C:\WINDOWS\system32\sgfstdeacx.exe
2008-01-23 09:07 . 2008-01-23 09:07 308,224 --a------ C:\WINDOWS\system32\kuropdlci.exe
2008-01-22 18:15 . 2008-01-24 18:11 311,296 --a------ C:\WINDOWS\system32\lyrsed.exe
2008-01-22 12:16 . 2008-01-23 12:59 305,664 --a------ C:\WINDOWS\system32\tpvmwjhqew.exe
2008-01-21 20:38 . 2008-01-22 20:29 294,912 --a------ C:\WINDOWS\system32\dwlohpu.exe
2008-01-21 14:09 . 2008-01-21 14:09 299,008 --a------ C:\WINDOWS\system32\asajhbjtt.exe
2008-01-19 16:35 . 2008-01-19 16:35 312,832 --a------ C:\WINDOWS\system32\ytcjpfw.exe
2008-01-18 22:31 . 2008-01-21 11:31 317,440 --a------ C:\WINDOWS\system32\pwltyg.exe
2008-01-18 18:20 . 2008-01-19 18:17 288,256 --a------ C:\WINDOWS\system32\rqwawsnrue.exe
2008-01-18 09:54 . 2008-01-19 09:27 306,688 --a------ C:\WINDOWS\system32\pjuhuuabe.exe
2008-01-18 07:05 . 2008-01-21 07:54 313,856 --a------ C:\WINDOWS\system32\ktgcug.exe
2008-01-17 19:08 . 2008-01-17 19:26 274,432 --a------ C:\WINDOWS\system32\lfplzj.exe
2008-01-17 16:23 . 2008-01-17 16:23 <REP> d-------- C:\Program Files\Fichiers communs\Sonic
2008-01-17 08:13 . 2008-01-17 08:13 307,712 --a------ C:\WINDOWS\system32\einkuc.exe
2008-01-16 06:32 . 2008-01-16 06:32 293,888 --a------ C:\WINDOWS\system32\vvfsnpymk.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-14 10:08 --------- d-----w C:\Documents and Settings\cécilia\Application Data\OpenOffice.org2
2008-02-13 13:35 --------- d-----w C:\Documents and Settings\cécilia\Application Data\gtk-2.0
2008-02-13 09:57 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-07 15:14 --------- d-----w C:\Program Files\Sonic
2008-02-07 14:36 --------- d-----w C:\Program Files\SLD Codec Pack
2008-02-05 16:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-02 22:45 644 ----a-w C:\Program Files\aswclnrnettoyer.log
2008-01-29 06:10 --------- d-----w C:\Documents and Settings\cécilia\Application Data\Image Zone Express
2008-01-14 10:54 299,520 ----a-w C:\WINDOWS\system32\sfoujgwel.exe
2008-01-14 07:39 315,904 ----a-w C:\WINDOWS\system32\vdvoka.exe
2008-01-11 18:21 305,152 ----a-w C:\WINDOWS\system32\shdwspiold.exe
2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-12-31 11:04 313,344 -c--a-w C:\WINDOWS\system32\zarksvofx.exe
2007-12-30 13:42 308,736 -c--a-w C:\WINDOWS\system32\ftzhietuqe.exe
2007-12-26 14:16 --------- d-----w C:\Program Files\Fichiers communs\SureThing Shared
2007-12-26 13:33 --------- d-----w C:\Documents and Settings\cécilia\Application Data\Sonic
2007-12-26 13:30 2,338,844 -c--a-w C:\Program Files\SonyDrive_SUM29.exe
2007-12-23 07:58 302,080 -c--a-w C:\WINDOWS\system32\jmpkqj.exe
2007-12-22 19:18 --------- d-----w C:\Program Files\PatternMaker Software
2007-12-22 19:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-22 19:00 --------- d---a-w C:\Program Files\webserver
2007-12-22 17:28 303,616 -c--a-w C:\WINDOWS\system32\ukytkkghfs.exe
2007-12-22 14:08 306,688 -c--a-w C:\WINDOWS\system32\huqyfxq.exe
2007-12-22 08:45 309,248 -c--a-w C:\WINDOWS\system32\lpzgnv.exe
2007-12-21 20:32 297,984 -c--a-w C:\WINDOWS\system32\xtyjuee.exe
2007-12-21 05:42 291,840 -c--a-w C:\WINDOWS\system32\vdceerqqws.exe
2007-12-20 12:34 306,176 -c--a-w C:\WINDOWS\system32\yuuvlnqgl.exe
2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-17 08:47 308,224 -c--a-w C:\WINDOWS\system32\iaumysotl.exe
2007-12-14 10:04 293,376 -c--a-w C:\WINDOWS\system32\ormszne.exe
2007-12-13 19:01 284,160 -c--a-w C:\WINDOWS\system32\ltvaqas.exe
2007-12-13 13:51 310,784 -c--a-w C:\WINDOWS\system32\szrdiicfd.exe
2007-12-13 11:14 300,544 -c--a-w C:\WINDOWS\system32\yitplfpjhq.exe
2007-12-13 10:56 293,888 -c--a-w C:\WINDOWS\system32\tzhupfylv.exe
2007-12-13 10:53 304,640 -c--a-w C:\WINDOWS\system32\hlvdd.dll
2007-12-13 05:57 297,472 -c--a-w C:\WINDOWS\system32\shmiyg.exe
2007-12-12 09:16 300,544 -c--a-w C:\WINDOWS\system32\lchyniloj.exe
2007-12-12 02:13 286,208 -c--a-w C:\WINDOWS\system32\eijucu.exe
2007-12-11 06:43 296,960 -c--a-w C:\WINDOWS\system32\zbfuuuw.exe
2007-12-10 16:39 300,544 -c--a-w C:\WINDOWS\system32\tfcthny.exe
2007-12-10 14:43 272,384 -c--a-w C:\WINDOWS\system32\qgstnk.exe
2007-12-09 03:06 17,759,360 -c--a-w C:\Program Files\DivXInstaller.exe
2007-12-09 03:01 290,816 -c--a-w C:\WINDOWS\system32\xldaivdsy.exe
2007-12-09 02:56 25,839,688 -c--a-w C:\Program Files\wmp11-windowsxp-x86-FR-FR.exe
2007-12-08 05:08 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 10:22 295,424 -c--a-w C:\WINDOWS\system32\mvkwgi.exe
2007-12-07 08:15 299,520 -c--a-w C:\WINDOWS\system32\yqtyps.exe
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-12-07 02:08 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-12-07 02:08 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-07 02:08 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-07 02:08 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-07 02:08 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-12-07 02:08 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-07 02:08 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-12-07 02:08 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-12-07 02:08 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-07 02:08 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-12-07 02:08 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-07 02:08 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-12-07 02:08 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-12-07 02:08 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-12-07 02:08 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-12-07 02:08 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-12-07 02:08 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-12-07 02:08 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
2007-12-07 02:08 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
2007-12-07 02:08 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
2007-12-07 02:08 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-12-06 17:19 288,768 -c--a-w C:\WINDOWS\system32\yvewdjp.exe
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-05 21:06 286,208 -c--a-w C:\WINDOWS\system32\xdaeunwut.exe
2007-12-05 20:41 281,600 -c--a-w C:\WINDOWS\system32\xdieweozc.exe
2007-12-04 21:51 287,744 -c--a-w C:\WINDOWS\system32\wiwnjbp.exe
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ------w C:\WINDOWS\system32\dllcache\oleaut32.dll
2007-12-04 01:33 823,296 -c--a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 01:33 802,816 -c--a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 01:33 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-03 05:33 283,648 -c--a-w C:\WINDOWS\system32\suzamw.exe
2007-12-02 13:34 285,696 -c--a-w C:\WINDOWS\system32\ouikbpazv.exe
2007-12-01 22:11 291,840 -c--a-w C:\WINDOWS\system32\nwslzhetc.exe
2007-12-01 11:17 295,936 -c--a-w C:\WINDOWS\system32\xhnejxken.exe
2007-11-30 17:38 301,056 -c--a-w C:\WINDOWS\system32\cuwlveph.exe
2007-11-30 09:28 282,112 -c--a-w C:\WINDOWS\system32\fhqklrqh.exe
2007-11-29 22:30 524,288 -c--a-w C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30 3,596,288 -c--a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:30 200,704 -c--a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 -c--a-w C:\WINDOWS\system32\libdivx.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28 196,608 -c--a-w C:\WINDOWS\system32\dtu100.dll
2007-11-29 12:33 300,544 -c--a-w C:\WINDOWS\system32\seqnko.exe
2007-11-28 21:55 156,992 -c--a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"TVAgent WiFi"="C:\Program Files\Assistant de connexion WiFi\Wizard\Agent_WiFi.exe" [ ]
"Skype"="C:\APPS\skype\phone\Skype.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-11-25 22:46 68856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.e xe" [2004-08-05 13:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT \TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TIN TSETP.exe" [2004-08-05 13:00 455168]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 17:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 17:43 688218]
"VTTimer"="VTTimer.exe" [2005-03-08 02:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-09-14 12:47 167936 C:\WINDOWS\system32\VTTrayp.exe]
"STDSB"="C:\WINDOWS\system32\drivers\STDSB.exe " [2003-12-17 15:50 28672]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 17:39 90112 C:\WINDOWS\SOUNDMAN.EXE]
"DXDllRegExe"="C:\WINDOWS\system32\dxdllreg.ex e" [ ]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32 53248]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 16:54 127022]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [ ]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2005-10-03 10:23 20480]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2005-11-04 14:05 90112]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-19 08:07 827392]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-07 23:53 286720]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 12:38 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 14:18 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"tdtpevshcbpn"="C:\WINDOWS\system32\tdtpevshcbpn.e xe" [2008-01-31 15:16 114688]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\c‚cilia\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2006-01-25 17:42:22 61440]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [2002-01-09 20:53:14 200704]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20 40048]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2008-02-05 14:29:20 54512]

R2 MTC0007_STDSB;Scroll Bar Driver;C:\WINDOWS\system32\drivers\STDSB.sys [2005-08-25 14:00]
S2 bfaa2iqc1u;Print Spooler Service;C:\WINDOWS\system32\tdtpevshcbpn.exe [2008-01-31 15:16]
S2 STDSB;STDSB;C:\WINDOWS\system32\DRIVERS\STDSB.sys [2005-08-25 14:00]
S3 C-Dilla;C-Dilla;C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 FontServer;Lectra Font Service;C:\Program Files\Lectra\IManager\bin\fontserver.exe []
S3 LpDaemon;Lectra Print Service;C:\Program Files\Lectra\IManager\bin\lpdaemon.exe []
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys [2004-07-14 01:52]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 VPDaemon;Lectra VigiPrint Service;C:\Program Files\Lectra\VigiPrint\bin\vpdaemon.exe []
S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-10 20:53:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2006-09-27 15:30:35 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-02-14 10:07:14 C:\WINDOWS\Tasks\SDMsgUpdate (TE).job"
- C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exeW-PTE -V900 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-14 12:04:35
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

************************************************** ************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
.
Temps d'accomplissement: 2008-02-14 12:06:01
ComboFix-quarantined-files.txt 2008-02-14 11:05:47
.
2008-02-14 02:05:09 --- E O F ---


Saludos, y mil gracias

Hola, ComboFix detecto y elimino ya algunos Malwares, pero todavía le quedaron algunas cosas para sacar siguiendo estos pasos:

A) - Abrir el Notepad (Bloc de Notas)

• Ir a INICIO > EJECUTAR >
• Y ahí pones notepad.exe y ACEPTAR

B) - Ahora copia y pega estos archivos dentro del Notepad

C) - Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

D) - Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

• Reinicia tu PC y nos dejas un el nuevo reporte de ComboFix, comentándonos como esta funcionado todo actualmente?

Salu2

Este es el nuevo reporte. Hay un aviso que me dice que no te pare feu y que tengo que instalar uno; por el resto parece normal

ComboFix 08-02-14.1 - cécilia 2008-02-15 9:23:48.2 - NTFSx86

Endroit: C:\Program Files\ComboFix.exe
Command switches used :: C:\Documents and Settings\cécilia\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

FILE
C:\Program Files\EmoticonesAnimaux.exe
C:\WINDOWS\imsins.BAK
C:\WINDOWS\system32\asajhbjtt.exe
C:\WINDOWS\system32\cjknstbnvdk.exe
C:\WINDOWS\system32\cuwlveph.exe
C:\WINDOWS\system32\dwlohpu.exe
C:\WINDOWS\system32\eijucu.exe
C:\WINDOWS\system32\einkuc.exe
C:\WINDOWS\system32\fhqklrqh.exe
C:\WINDOWS\system32\ftzhietuqe.exe
C:\WINDOWS\system32\hlvdd.dll
C:\WINDOWS\system32\huqyfxq.exe
C:\WINDOWS\system32\iaumysotl.exe
C:\WINDOWS\system32\ifhcstlot.exe
C:\WINDOWS\system32\jenrhl.exe
C:\WINDOWS\system32\jmpkqj.exe
C:\WINDOWS\system32\ktgcug.exe
C:\WINDOWS\system32\kuropdlci.exe
C:\WINDOWS\system32\lchyniloj.exe
C:\WINDOWS\system32\lfplzj.exe
C:\WINDOWS\system32\lpzgnv.exe
C:\WINDOWS\system32\ltvaqas.exe
C:\WINDOWS\system32\lyrsed.exe
C:\WINDOWS\system32\mvkwgi.exe
C:\WINDOWS\system32\nwslzhetc.exe
C:\WINDOWS\system32\ormszne.exe
C:\WINDOWS\system32\ouikbpazv.exe
C:\WINDOWS\system32\pjuhuuabe.exe
C:\WINDOWS\system32\pwltyg.exe
C:\WINDOWS\system32\qgstnk.exe
C:\WINDOWS\system32\rqwawsnrue.exe
C:\WINDOWS\system32\rumrix.exe
C:\WINDOWS\system32\seqnko.exe
C:\WINDOWS\system32\sgfstdeacx.exe
C:\WINDOWS\system32\shdwspiold.exe
C:\WINDOWS\system32\shmiyg.exe
C:\WINDOWS\system32\spacm.exe
C:\WINDOWS\system32\suzamw.exe
C:\WINDOWS\system32\szrdiicfd.exe
C:\WINDOWS\system32\tdtpevshcbpn.exe
C:\WINDOWS\system32\tfcthny.exe
C:\WINDOWS\system32\tpvmwjhqew.exe
C:\WINDOWS\system32\tzhupfylv.exe
C:\WINDOWS\system32\ugkkenhuv.exe
C:\WINDOWS\system32\ukytkkghfs.exe
C:\WINDOWS\system32\vdceerqqws.exe
C:\WINDOWS\system32\vdvoka.exe
C:\WINDOWS\system32\vvfsnpymk.exe
C:\WINDOWS\system32\wiwnjbp.exe
C:\WINDOWS\system32\xdaeunwut.exe
C:\WINDOWS\system32\xdieweozc.exe
C:\WINDOWS\system32\xhnejxken.exe
C:\WINDOWS\system32\xldaivdsy.exe
C:\WINDOWS\system32\xtyjuee.exe
C:\WINDOWS\system32\xxwovs.exe
C:\WINDOWS\system32\yitplfpjhq.exe
C:\WINDOWS\system32\yqtyps.exe
C:\WINDOWS\system32\ytcjpfw.exe
C:\WINDOWS\system32\yuuvlnqgl.exe
C:\WINDOWS\system32\yvewdjp.exe
C:\WINDOWS\system32\zarksvofx.exe
C:\WINDOWS\system32\zbfuuuw.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\EmoticonesAnimaux.exe
C:\WINDOWS\system32\asajhbjtt.exe
C:\WINDOWS\system32\cjknstbnvdk.exe
C:\WINDOWS\system32\cuwlveph.exe
C:\WINDOWS\system32\dwlohpu.exe
C:\WINDOWS\system32\eijucu.exe
C:\WINDOWS\system32\einkuc.exe
C:\WINDOWS\system32\fhqklrqh.exe
C:\WINDOWS\system32\ftzhietuqe.exe
C:\WINDOWS\system32\hlvdd.dll
C:\WINDOWS\system32\huqyfxq.exe
C:\WINDOWS\system32\iaumysotl.exe
C:\WINDOWS\system32\ifhcstlot.exe
C:\WINDOWS\system32\jenrhl.exe
C:\WINDOWS\system32\jmpkqj.exe
C:\WINDOWS\system32\ktgcug.exe
C:\WINDOWS\system32\kuropdlci.exe
C:\WINDOWS\system32\lchyniloj.exe
C:\WINDOWS\system32\lfplzj.exe
C:\WINDOWS\system32\lpzgnv.exe
C:\WINDOWS\system32\ltvaqas.exe
C:\WINDOWS\system32\lyrsed.exe
C:\WINDOWS\system32\mvkwgi.exe
C:\WINDOWS\system32\nwslzhetc.exe
C:\WINDOWS\system32\ormszne.exe
C:\WINDOWS\system32\ouikbpazv.exe
C:\WINDOWS\system32\pjuhuuabe.exe
C:\WINDOWS\system32\pwltyg.exe
C:\WINDOWS\system32\qgstnk.exe
C:\WINDOWS\system32\rqwawsnrue.exe
C:\WINDOWS\system32\rumrix.exe
C:\WINDOWS\system32\seqnko.exe
C:\WINDOWS\system32\sgfstdeacx.exe
C:\WINDOWS\system32\shdwspiold.exe
C:\WINDOWS\system32\shmiyg.exe
C:\WINDOWS\system32\spacm.exe
C:\WINDOWS\system32\suzamw.exe
C:\WINDOWS\system32\szrdiicfd.exe
C:\WINDOWS\system32\tdtpevshcbpn.exe
C:\WINDOWS\system32\tfcthny.exe
C:\WINDOWS\system32\tpvmwjhqew.exe
C:\WINDOWS\system32\tzhupfylv.exe
C:\WINDOWS\system32\ugkkenhuv.exe
C:\WINDOWS\system32\ukytkkghfs.exe
C:\WINDOWS\system32\vdceerqqws.exe
C:\WINDOWS\system32\vdvoka.exe
C:\WINDOWS\system32\vvfsnpymk.exe
C:\WINDOWS\system32\wiwnjbp.exe
C:\WINDOWS\system32\xdaeunwut.exe
C:\WINDOWS\system32\xdieweozc.exe
C:\WINDOWS\system32\xhnejxken.exe
C:\WINDOWS\system32\xldaivdsy.exe
C:\WINDOWS\system32\xtyjuee.exe
C:\WINDOWS\system32\xxwovs.exe
C:\WINDOWS\system32\yitplfpjhq.exe
C:\WINDOWS\system32\yqtyps.exe
C:\WINDOWS\system32\ytcjpfw.exe
C:\WINDOWS\system32\yuuvlnqgl.exe
C:\WINDOWS\system32\yvewdjp.exe
C:\WINDOWS\system32\zarksvofx.exe
C:\WINDOWS\system32\zbfuuuw.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-15 to 2008-02-15 ))))))))))))))))))))))))))))))))))))
.

2008-02-15 09:09 . 54,156 C:\WINDOWS\QTFont.qfn
2008-02-15 09:09 . 1,409 C:\WINDOWS\QTFont.for
2008-02-14 12:17 . 2008-02-14 12:17 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-14 08:42 . 2008-02-14 12:20 <REP> d-------- C:\Program Files\SUPERAntiSpyware
2008-02-14 08:42 . 2008-02-14 08:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-14 08:29 . 2008-02-14 08:29 5,914,648 --a------ C:\Program Files\SUPERAntiSpyware.exe
2008-02-14 08:24 . 2008-02-14 08:24 1,597,222 --a------ C:\Program Files\ComboFix.exe
2008-02-13 10:54 . 2008-02-13 10:55 22,845,992 --a------ C:\Program Files\AdbeRdr80_fr_FR.exe
2008-02-13 10:54 . 2008-02-13 10:54 867,424 --a------ C:\Program Files\GoogleToolbarInstaller_ADBx_fr_401019_signed .exe
2008-02-13 10:06 . 2008-02-13 10:08 <REP> d-------- C:\Program Files\PhotoFiltre
2008-02-13 10:05 . 2008-02-13 10:06 1,685,156 --a------ C:\Program Files\pf-setup-en.exe
2008-02-06 06:58 . 2008-02-06 06:58 <REP> d-------- C:\Program Files\Fichiers communs\DAZ
2008-02-05 17:44 . 2008-02-05 17:45 <REP> d-------- C:\Program Files\Windows Live
2008-02-05 17:44 . 2008-02-05 17:44 2,402,832 --a------ C:\Program Files\WLinstaller.exe
2008-02-05 17:41 . 2008-02-05 17:41 <REP> d-------- C:\Program Files\Trend Micro
2008-02-05 08:22 . 2008-02-05 13:26 812,344 --a------ C:\Program Files\scanner.exe
2008-02-02 23:24 . 2008-02-02 23:24 407,680 --a------ C:\Program Files\aswclnrnettoyer.exe
2008-01-17 16:23 . 2008-01-17 16:23 <REP> d-------- C:\Program Files\Fichiers communs\Sonic

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-15 08:09 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-14 17:32 --------- d-----w C:\Program Files\Sonic
2008-02-07 14:36 --------- d-----w C:\Program Files\SLD Codec Pack
2008-02-05 16:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-02 22:45 644 ----a-w C:\Program Files\aswclnrnettoyer.log
2007-12-26 14:16 --------- d-----w C:\Program Files\Fichiers communs\SureThing Shared
2007-12-26 13:30 2,338,844 -c--a-w C:\Program Files\SonyDrive_SUM29.exe
2007-12-22 19:18 --------- d-----w C:\Program Files\PatternMaker Software
2007-12-22 19:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-22 19:00 --------- d---a-w C:\Program Files\webserver
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-09 03:06 17,759,360 -c--a-w C:\Program Files\DivXInstaller.exe
2007-12-09 02:56 25,839,688 -c--a-w C:\Program Files\wmp11-windowsxp-x86-FR-FR.exe
2007-11-28 17:44 3,028,458 -c--a-w C:\Program Files\pmaker_7.exe
2007-11-28 00:36 649,676 -c--a-w C:\Program Files\CutterDemo.zip
2007-11-15 22:20 6,313,288 -c--a-w C:\Program Files\tvpc.exe
2007-11-11 14:48 2,585,031 -c--a-w C:\Program Files\cartefran.exe
2007-11-02 13:29 1,052,120 -c--a-w C:\Program Files\mjpegcodecv3.2.4.zip
2007-11-02 13:26 1,156,096 -c--a-w C:\Program Files\iview410_setup.exe
2007-10-31 23:35 6,652,812 -c--a-w C:\Program Files\sld.codec.pack.2.2.exe
2007-10-17 20:27 2,936,651 -c--a-w C:\Program Files\HKSetup.exe
2007-10-17 18:58 25,982 -c--a-w C:\Program Files\trid_w32.zip
2007-09-24 19:32 2,643,113 -c--a-w C:\Program Files\eMulePlus-1.2c.Installer.exe
2007-07-22 17:30 1,126,968 -c--a-w C:\Program Files\yphotos_setup_fr.exe
2007-07-14 19:27 15,505,200 -c--a-w C:\Program Files\IE7-WindowsXP-x86-enu.exe
2007-07-14 14:41 372,520 -c--a-w C:\Program Files\ymjsetup_24.exe
2007-06-28 13:33 365,464 -c--a-w C:\Program Files\emoticones1_5.exe
2007-05-15 16:10 48,976 -c--a-w C:\Program Files\.imp
2007-05-15 16:10 19,812 -c--a-w C:\Program Files\.cfg
2007-05-14 10:10 545,992 -c--a-w C:\Program Files\sgc10_gtb401019_rdr80_DLM_fr_FR.exe
2007-05-07 17:19 344 -c--a-w C:\Program Files\downloads.txt
2007-05-06 20:13 73,728 -c--a-w C:\Program Files\antiLeech.dll
2007-03-31 16:36 262,032 -c--a-w C:\Program Files\emoticones.exe
2007-02-27 21:18 1,134,172 -c--a-w C:\Program Files\wrar362es.exe
2007-02-22 20:48 13,446,648 -c--a-w C:\Program Files\setupfre.exe
2006-11-19 22:08 3,921,909 -c--a-w C:\Program Files\Tubedownloader10.exe
2006-07-18 16:09 34,178 -c--a-w C:\Program Files\changelog xtreme.txt
2006-07-09 12:52 69,632 -c--a-w C:\Program Files\antiLeech.dll.new
2006-05-25 14:52 162,304 -c--a-w C:\Program Files\unrar.dll
2006-02-11 17:54 2,871,296 -c--a-w C:\Program Files\MediaInfo.dll
2005-06-16 17:55 14,894 -c--a-w C:\Program Files\Template.eMuleSkin.ini
2005-04-27 09:23 11,304,960 -c--a-w C:\Program Files\ProfNote.exe
2005-04-14 16:14 459,040 -c--a-w C:\Program Files\AidePF6.chm
2005-04-14 16:13 167,936 -c--a-w C:\Program Files\Dzip32.dll
2005-04-14 16:13 139,264 -c--a-w C:\Program Files\Dunzip32.dll
2005-04-07 11:59 537,904 -c----w C:\Program Files\NOTE60FR
2004-01-09 15:25 489,984 -c--a-w C:\Program Files\dbghelp.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"TVAgent WiFi"="C:\Program Files\Assistant de connexion WiFi\Wizard\Agent_WiFi.exe" [ ]
"Skype"="C:\APPS\skype\phone\Skype.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-11-25 22:46 68856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.e xe" [2004-08-05 13:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT \TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TIN TSETP.exe" [2004-08-05 13:00 455168]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 17:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 17:43 688218]
"VTTimer"="VTTimer.exe" [2005-03-08 02:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-09-14 12:47 167936 C:\WINDOWS\system32\VTTrayp.exe]
"STDSB"="C:\WINDOWS\system32\drivers\STDSB.exe " [2003-12-17 15:50 28672]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 17:39 90112 C:\WINDOWS\SOUNDMAN.EXE]
"DXDllRegExe"="C:\WINDOWS\system32\dxdllreg.ex e" [ ]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32 53248]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 16:54 127022]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [ ]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2005-10-03 10:23 20480]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2005-11-04 14:05 90112]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-19 08:07 827392]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-07 23:53 286720]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 12:38 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 14:18 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunServices]
"tdtpevshcbpn"="C:\WINDOWS\system32\tdtpevshcbpn.e xe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R2 MTC0007_STDSB;Scroll Bar Driver;C:\WINDOWS\system32\drivers\STDSB.sys [2005-08-25 14:00]
S2 bfaa2iqc1u;Print Spooler Service;C:\WINDOWS\system32\tdtpevshcbpn.exe []
S2 STDSB;STDSB;C:\WINDOWS\system32\DRIVERS\STDSB.sys [2005-08-25 14:00]
S3 C-Dilla;C-Dilla;C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 FontServer;Lectra Font Service;C:\Program Files\Lectra\IManager\bin\fontserver.exe []
S3 LpDaemon;Lectra Print Service;C:\Program Files\Lectra\IManager\bin\lpdaemon.exe []
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys [2004-07-14 01:52]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 VPDaemon;Lectra VigiPrint Service;C:\Program Files\Lectra\VigiPrint\bin\vpdaemon.exe []
S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-02-10 20:53:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2006-09-27 15:30:35 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-02-15 08:28:10 C:\WINDOWS\Tasks\SDMsgUpdate (TE).job"
- C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exeW-PTE -V900 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-15 09:28:29
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\slmdmsr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wscntfy.exe
.
************************************************** ************************
.
Temps d'accomplissement: 2008-02-15 9:31:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-15 08:31:08
ComboFix2.txt 2008-02-14 11:06:02
.
2008-02-14 02:05:09 --- E O F ---

Hola, ComboFix ya se encargo de eliminar los archivos de malwares encontrados en tu PC, por lo que tendrías que comentarnos como esta funcionado todo luego de reiniciar ?

Salu2