Infecté par Trojandownloader/adebot

Bonjour,

Depuis deux semaines et malgré une bonne protection je me suis fais pièger par une attaque extérieure P2P...Depuis comme beaucoup j'ai des fenêtres de pub intenpestive de TrojanDownloader, de adebot, virtumonde (presque héradiqué, ne reste plus qu'un élément lors des scan spybot).

Depuis je me bats litéralement contre des spywares très coriaces...je ne compte plus les scans spybot,les démarrages en mode sans échec, les lancements de ccleaner ou smitfraud, les fix de hijack, rapport combofix...enfin je pense avoir fais de mon mieux mais là ca dépasse vraiment mes compétences...

voici donc mon Hijackthis :

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\All Users\Application Data\pcdmpmlk\twdqfkfs.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\hynelavg.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Gérard PAILLARD\Bureau\Logiciel\salutjackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [frymxins] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [aqezqhug] C:\WINDOWS\system32\hynelavg.exe
O4 - HKLM\..\Policies\Explorer\Run: [zKpLiTbcyu] C:\Documents and Settings\All Users\Application Data\pcdmpmlk\twdqfkfs.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 7930 bytes

Voici le rapport combofix:
ComboFix 08-04-26.3 - Gérard PAILLARD 2008-05-01 7:57:26.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.612 [GMT 2:00]
Endroit: C:\Documents and Settings\Gérard PAILLARD\Bureau\Logiciel\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-01 to 2008-05-01 ))))))))))))))))))))))))))))))))))))
.

2008-05-01 02:13 . 2008-05-01 02:13 94,208 --a------ C:\WINDOWS\system32\zudodkfu.exe
2008-05-01 00:00 . 2008-05-01 00:00 94,208 --a------ C:\WINDOWS\system32\szsjytwd.exe
2008-04-30 22:18 . 2008-04-30 22:18 0 --a------ C:\WINDOWS\PestPatrol5.INI
2008-04-30 22:14 . 2008-04-30 22:14 <REP> d-------- C:\Program Files\CA
2008-04-30 22:04 . 2008-05-01 01:05 <REP> d-------- C:\Program Files\SpywareGuard
2008-04-30 21:36 . 2008-04-30 21:36 <REP> d-------- C:\WINDOWS\report
2008-04-30 21:36 . 2008-04-30 21:36 <REP> d-------- C:\WINDOWS\AU_Backup
2008-04-30 21:36 . 2008-04-30 21:36 35,131,189 --a------ C:\WINDOWS\VPTNFILE.247
2008-04-30 21:36 . 2008-04-30 21:36 35,131,189 --a------ C:\WINDOWS\LPT$VPN.247
2008-04-30 21:36 . 2008-04-30 21:36 1,952,563 --a------ C:\WINDOWS\tsc.ptn
2008-04-30 21:36 . 2008-04-30 21:36 1,213,784 --a------ C:\WINDOWS\vsapi32.dll
2008-04-30 21:36 . 2008-04-30 21:36 333,576 --a------ C:\WINDOWS\TSC.exe
2008-04-30 21:36 . 2008-04-30 21:36 91,744 --a------ C:\WINDOWS\BPMNT.dll
2008-04-30 21:36 . 2008-04-30 21:36 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2008-04-30 21:36 . 2008-04-30 22:00 823 --a------ C:\WINDOWS\tsc.ini
2008-04-30 21:35 . 2008-04-30 21:36 <REP> d-------- C:\WINDOWS\AU_Temp
2008-04-30 21:35 . 2008-04-30 21:35 <REP> d-------- C:\WINDOWS\AU_Log
2008-04-30 21:35 . 2008-04-30 21:35 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2008-04-30 21:35 . 2008-04-30 21:35 286,720 --a------ C:\WINDOWS\PATCH.EXE
2008-04-30 21:35 . 2008-04-30 21:35 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2008-04-30 21:35 . 2008-04-30 21:35 170 --a------ C:\WINDOWS\GetServer.ini
2008-04-28 22:39 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-28 20:39 . 2008-04-28 20:39 98,304 --a------ C:\WINDOWS\system32\mjqvgnwn.exe
2008-04-27 18:56 . 2008-05-01 01:37 823 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-04-27 18:16 . 2008-04-27 18:19 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-27 18:07 . 2008-04-27 18:07 <REP> d-------- C:\Program Files\Sunbelt Software
2008-04-27 17:57 . 2008-04-27 17:57 102,400 --a------ C:\WINDOWS\system32\ulmladiz.exe
2008-04-27 17:38 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-04-27 17:38 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-04-27 15:11 . 2008-04-27 15:54 <REP> d-------- C:\Program Files\a-squared Free
2008-04-27 15:09 . 2008-04-27 15:57 <REP> d-------- C:\Program Files\SpywareBlaster
2008-04-27 15:09 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-04-27 00:03 . 2008-04-27 00:03 102,400 --a------ C:\WINDOWS\system32\kjqrmtst.exe
2008-04-26 11:33 . 2008-04-26 11:33 106,496 --a------ C:\WINDOWS\system32\tsjqhgti.exe
2008-04-26 11:30 . 2008-04-30 23:20 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-25 21:02 . 2008-04-25 21:02 102,400 --a------ C:\WINDOWS\system32\jeredilk.exe
2008-04-25 20:06 . 2007-12-04 16:44 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-04-25 19:04 . 2008-04-25 19:04 <REP> d-------- C:\Program Files\CCleaner
2008-04-25 18:53 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-25 18:53 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-25 18:53 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-25 18:53 . 2008-04-23 22:14 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-25 18:53 . 2008-04-23 22:14 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-04-25 18:53 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-25 18:53 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-25 18:53 . 2008-05-01 01:41 3,694 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-25 18:04 . 2008-04-25 18:04 <REP> d-------- C:\VundoFix Backups
2008-04-25 18:02 . 2008-04-25 18:02 94,208 --a------ C:\WINDOWS\system32\hynelavg.exe
2008-04-25 17:35 . 2008-04-25 17:35 1,503,328 ---hs---- C:\WINDOWS\system32\spavhkby.ini
2008-04-23 20:58 . 2008-04-23 22:26 1,540,617 ---hs---- C:\WINDOWS\system32\onsejiql.ini
2008-04-22 20:56 . 2008-04-23 20:56 1,540,917 ---hs---- C:\WINDOWS\system32\opvlibgt.ini
2008-04-22 20:26 . 2008-01-06 21:58 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-04-22 20:26 . 2008-01-06 21:58 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-22 20:26 . 2008-01-06 21:07 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-04-22 20:26 . 2008-01-06 21:58 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-22 20:26 . 2008-01-06 21:58 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-04-22 20:26 . 2008-01-06 21:58 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-04-22 20:26 . 2008-01-06 21:58 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-22 20:26 . 2008-04-22 20:26 <REP> d-------- C:\Documents and Settings\Administrateur
2008-04-22 20:26 . 2008-05-01 01:37 1,024 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT.LOG
2008-04-22 19:58 . 2008-04-22 20:22 1,540,857 ---hs---- C:\WINDOWS\system32\qpfbjean.ini
2008-04-22 19:07 . 2008-04-22 19:07 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-22 19:07 . 2008-04-22 20:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-21 21:32 . 2008-04-21 21:32 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Application Data\Media Player Classic
2008-04-21 20:17 . 2008-04-22 07:48 <REP> d-------- C:\Nouveau dossier
2008-04-21 18:46 . 2008-04-22 18:52 1,540,797 ---hs---- C:\WINDOWS\system32\tpmyqarh.ini
2008-04-20 19:57 . 2008-04-20 19:59 <REP> d-------- C:\Program Files\ABF software
2008-04-20 17:32 . 2008-04-20 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\pcdmpmlk
2008-04-20 17:32 . 2008-04-20 17:32 106,496 --a------ C:\WINDOWS\system32\zodifglc.exe
2008-04-20 17:02 . 2008-04-20 18:37 1,176 --a------ C:\WINDOWS\aolpr.ini
2008-04-20 17:01 . 2008-04-20 19:58 <REP> d-------- C:\Program Files\ElcomSoft
2008-04-20 16:20 . 2008-04-25 20:06 2,242 --a------ C:\WINDOWS\mozver.dat
2008-04-20 15:57 . 2008-04-20 16:00 <REP> d-------- C:\Program Files\eToro
2008-04-20 15:04 . 2008-04-29 20:39 <REP> d-------- C:\Program Files\Trillian
2008-04-14 20:14 . 2008-04-14 20:14 <REP> d-------- C:\Program Files\Ulead Systems
2008-04-14 20:14 . 2008-04-14 20:14 <REP> d-------- C:\Program Files\Fichiers communs\Ulead Systems
2008-04-14 20:14 . 2008-04-14 20:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-04-14 20:14 . 2008-04-07 17:15 25 --a------ C:\WINDOWS\Dpstw.sfq
2008-04-14 20:07 . 2008-04-14 20:07 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\WINDOWS
2008-04-14 20:07 . 2008-04-14 20:07 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\WINDOWS
2008-04-14 20:06 . 2008-04-14 20:11 <REP> d-------- C:\Program Files\Fichiers communs\Real
2008-04-14 20:06 . 2008-04-14 20:06 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-04-14 20:06 . 2008-04-14 20:06 <REP> d-------- C:\Program Files\Dexxa
2008-04-14 20:06 . 2008-04-14 20:06 <REP> d-------- C:\My Music
2008-04-14 20:01 . 2008-04-14 20:01 <REP> d-------- C:\Program Files\ahead
2008-04-14 19:58 . 2008-04-14 19:58 <REP> d-------- C:\WINDOWS\Cache
2008-04-14 19:56 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-04-14 19:56 . 2008-04-14 19:56 385 --a------ C:\WINDOWS\ODBC.INI
2008-04-14 19:55 . 2008-04-14 19:56 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-04-14 19:54 . 2008-04-14 19:54 <REP> d-------- C:\Program Files\Microsoft.NET
2008-04-14 19:52 . 2008-04-14 19:52 <REP> dr-h----- C:\MSOCache
2008-04-13 21:25 . 2008-04-13 21:25 <REP> d-------- C:\Program Files\Satsuki Decoder Pack
2008-04-13 21:25 . 2008-04-13 21:25 26 --a------ C:\WINDOWS\system32\satsukidecodersettings.ini
2008-04-12 19:09 . 2008-04-12 19:09 44 --a------ C:\WINDOWS\SMWizard.INI
2008-04-12 19:01 . 2008-04-12 19:01 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-12 19:00 . 2008-05-01 07:17 <REP> d-------- C:\Program Files\eMule
2008-04-12 18:59 . 2008-04-12 18:59 <REP> d-------- C:\Program Files\Alwil Software
2008-04-12 18:58 . 2008-04-12 18:58 <REP> d-------- C:\Program Files\Lavasoft
2008-04-12 18:58 . 2008-04-12 18:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-12 18:57 . 2008-04-12 18:57 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-12 15:33 . 2008-04-12 15:33 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-04-12 15:33 . 2008-04-12 15:33 <REP> d-------- C:\Program Files\Free
2008-04-12 15:14 . 2008-04-12 15:14 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Application Data\Sonic
2008-04-12 15:14 . 2008-04-12 15:14 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Application Data\Leadertech
2008-04-03 08:40 . 2008-04-03 08:40 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Application Data\IBM
2008-04-03 08:36 . 2008-04-12 14:58 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Application Data\OpenOffice.org2
2008-04-03 08:34 . 2008-04-03 08:34 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Application Data\InterVideo
2008-04-03 07:46 . 2008-01-06 21:58 <REP> d--h----- C:\Documents and Settings\Gérard PAILLARD\Voisinage réseau
2008-04-03 07:46 . 2008-01-06 21:58 <REP> d--h----- C:\Documents and Settings\Gérard PAILLARD\Voisinage réseau
2008-04-03 07:46 . 2008-01-06 21:58 <REP> d--h----- C:\Documents and Settings\Gérard PAILLARD\Voisinage d'impression
2008-04-03 07:46 . 2008-01-06 21:58 <REP> d--h----- C:\Documents and Settings\Gérard PAILLARD\Voisinage d'impression
2008-04-03 07:46 . 2008-01-06 21:07 <REP> d--h----- C:\Documents and Settings\Gérard PAILLARD\Modèles
2008-04-03 07:46 . 2008-01-06 21:07 <REP> d--h----- C:\Documents and Settings\Gérard PAILLARD\Modèles
2008-04-03 07:46 . 2008-04-27 15:11 <REP> dr------- C:\Documents and Settings\Gérard PAILLARD\Mes documents
2008-04-03 07:46 . 2008-04-27 15:11 <REP> dr------- C:\Documents and Settings\Gérard PAILLARD\Mes documents
2008-04-03 07:46 . 2008-01-06 21:58 <REP> dr------- C:\Documents and Settings\Gérard PAILLARD\Menu Démarrer
2008-04-03 07:46 . 2008-01-06 21:58 <REP> dr------- C:\Documents and Settings\Gérard PAILLARD\Menu Démarrer
2008-04-03 07:46 . 2008-04-14 20:06 <REP> dr------- C:\Documents and Settings\Gérard PAILLARD\Favoris
2008-04-03 07:46 . 2008-04-14 20:06 <REP> dr------- C:\Documents and Settings\Gérard PAILLARD\Favoris
2008-04-03 07:46 . 2008-05-01 07:44 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Bureau
2008-04-03 07:46 . 2008-05-01 07:44 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD\Bureau
2008-04-03 07:46 . 2008-05-01 01:42 <REP> d-------- C:\Documents and Settings\Gérard PAILLARD
2008-04-03 07:46 . 2008-05-01 08:01 1,024 --ah----- C:\Documents and Settings\Gérard PAILLARD\NTUSER.DAT.LOG
2008-04-03 07:46 . 2008-05-01 08:01 1,024 --ah----- C:\Documents and Settings\Gérard PAILLARD\NTUSER.DAT.LOG
2008-04-02 15:14 . 2008-04-27 17:06 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 22:29 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-14 18:14 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-12 13:17 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-04-12 13:11 --------- d-----w C:\Program Files\ThinkPad
2008-04-12 13:08 --------- d-----w C:\Program Files\Lenovo
2008-04-12 12:59 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
.

((((((((((((((((((((((((((((( snapshot@2008-05-01_ 1.07.09.64 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-30 21:59:21 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-30 23:43:07 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-30 21:59:34 16,384 ------w C:\WINDOWS\Temp\Perflib_Perfdata_78c.dat
+ 2008-04-30 23:43:24 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_78c.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"aqezqhug"="C:\WINDOWS\system32\hynelavg.exe" [2008-04-25 18:02 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2007-02-06 22:00 344064]
"frymxins"="C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [ ]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 10:11 1388544]
"TrackPointSrv"="tp4serv.exe" [2005-07-13 04:55 94208 C:\WINDOWS\system32\tp4serv.exe]
"TPHOTKEY"="C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-10-02 11:19 94208]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 16:10 110592 C:\WINDOWS\system32\bthprops.cpl]
"AGRSMMSG"="AGRSMMSG.exe" [2003-06-27 09:53 88363 C:\WINDOWS\AGRSMMSG.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2007-12-05 16:14 122880]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-05 16:14 524288]
"BMMGAG"="C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll" [2005-04-20 02:38 110592]
"BMMLREF"="C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE" [2005-04-20 02:38 20480]
"BMMMONWND"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll" [2005-04-20 02:38 396288]
"BLOG"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2005-04-20 02:38 208896]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 13:41 860160]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-08-06 20:03 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]

C:\Documents and Settings\G‚rard PAILLARD\Menu D‚marrer\Programmes\D‚marrage\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35 360448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"zKpLiTbcyu"= C:\Documents and Settings\All Users\Application Data\pcdmpmlk\twdqfkfs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll 2005-07-06 00:45 28672 C:\WINDOWS\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 2005-11-30 21:16 24576 C:\WINDOWS\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R1 TPPWR;TPPWR;C:\WINDOWS\system32\drivers\Tppwr.sys [2005-04-20 02:38]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-06 19:49:24 C:\WINDOWS\Tasks\BMMTask.job"
- C:\PROGRA~1\ThinkPad\UTILIT~1\BMMTASK.EXE
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-01 08:01:25
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tphklock.dll
.
Temps d'accomplissement: 2008-05-01 8:03:55
ComboFix-quarantined-files.txt 2008-05-01 06:03:48
ComboFix2.txt 2008-04-30 23:08:08

Pre-Run: 60,847,915,008 octets libres
Post-Run: 60,836,880,384 octets libres

229 --- E O F --- 2008-04-27 16:22:44

Merci d'avance de votre aide...

Julien

Configuration: Windows XP
Firefox 2.0.0.14