Help reading a ComboFix log !!!

Closed
ahmee - 30 Sept. 2008 at 20:49
Lyonnais92 Posts 25159 Registered Friday 23 June 2006 Status Security contributor Last seen 16 September 2016 - 2 Oct. 2008 at 00:22
Hello everyone,
I'm asking for your help reading the ComboFix log, because I can't really tell what it shows.
Actually, after some strange behaviour on my PC (MSN spam, system windows opening on their own...)
I ran a HijackThis scan: there are indeed infections.
So I ran ComboFix and here is the log:

Many thanks in advance!



ComboFix 08-09-28.05 - Rose 2008-09-30 20:40:09.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1033.18.560 [GMT 2:00]
Running from: C:\Documents and Settings\Rose\Desktop\ComboFix.exe
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Rose\Application Data\Ultimate Cleaner
C:\Documents and Settings\Rose\Application Data\Ultimate Cleaner\settings.dat
C:\Documents and Settings\Rose\Cookies\rose@2o7[1].txt
C:\Documents and Settings\Rose\Cookies\rose@ads.pointroll[1].txt
C:\Documents and Settings\Rose\Cookies\rose@bluestreak[1].txt
C:\Documents and Settings\Rose\Cookies\rose@clickintext[1].txt
C:\Documents and Settings\Rose\Cookies\rose@edt02[1].txt
C:\Documents and Settings\Rose\Cookies\rose@ehg-dig.hitbox[1].txt
C:\Documents and Settings\Rose\Cookies\rose@ehg-nokiafin.hitbox[1].txt
C:\Documents and Settings\Rose\Cookies\rose@ehg-reed.hitbox[2].txt
C:\Documents and Settings\Rose\Cookies\rose@ems6[1].txt
C:\Documents and Settings\Rose\Cookies\rose@esearchvision[1].txt
C:\Documents and Settings\Rose\Cookies\rose@fastclick[2].txt
C:\Documents and Settings\Rose\Cookies\rose@fr.ebayrtm[2].txt
C:\Documents and Settings\Rose\Cookies\rose@linternaute[1].txt
C:\Documents and Settings\Rose\Cookies\rose@news.fr.msn[2].txt
C:\Documents and Settings\Rose\Cookies\rose@p3p0[1].txt
C:\Documents and Settings\Rose\Cookies\rose@serving-sys[1].txt
C:\Documents and Settings\Rose\Cookies\rose@specificclick[2].txt
C:\Documents and Settings\Rose\Cookies\rose@statcounter[1].txt
C:\Documents and Settings\Rose\Cookies\rose@tradedoubler[2].txt
C:\Documents and Settings\Rose\Cookies\rose@tsw0[2].txt
C:\Documents and Settings\Rose\Cookies\rose@www.transilien[2].txt
C:\Program Files\E404 Helper
C:\Program Files\E404 Helper\e404.v4.dll
C:\Program Files\E404 Helper\e404.v5.dll

.
((((((((((((((((((((((((( Files Created from 2008-08-28 to 2008-09-30 )))))))))))))))))))))))))))))))
.

2008-09-27 12:34 . 2008-09-27 12:34 244 --ah----- C:\sqmnoopt00.sqm
2008-09-27 12:34 . 2008-09-27 12:34 232 --ah----- C:\sqmdata00.sqm
2008-09-27 12:16 . 2008-09-27 12:16 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-27 12:16 . 2008-09-27 12:16 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-04 10:08 . 2008-09-04 11:02 <DIR> d-------- C:\Documents and Settings\Rose\Application Data\Nokia Multimedia Player
2008-09-04 10:04 . 2008-09-04 10:04 <DIR> d-------- C:\Documents and Settings\Rose\Application Data\NSeries
2008-09-04 10:00 . 2008-09-04 10:00 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-09-04 10:00 . 2008-09-04 10:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nokia
2008-09-04 09:58 . 2008-09-04 10:01 <DIR> d-------- C:\Documents and Settings\Rose\Application Data\Nokia
2008-09-04 09:58 . 2008-09-04 10:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-09-04 09:57 . 2008-09-04 09:57 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-09-04 09:57 . 2008-09-04 09:57 <DIR> d-------- C:\Program Files\DIFX
2008-09-04 09:57 . 2008-09-04 09:57 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-09-04 09:57 . 2008-09-04 09:58 <DIR> d-------- C:\Documents and Settings\Rose\Application Data\PC Suite
2008-09-04 09:57 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-09-04 09:57 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-09-04 09:57 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-09-04 09:57 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-09-04 09:57 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-09-04 09:56 . 2008-09-04 10:00 <DIR> d-------- C:\Program Files\Nokia
2008-09-04 09:56 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-09-01 21:33 . 2008-09-01 21:33 <DIR> d-------- C:\Documents and Settings\Rose\Application Data\EPSON
2008-09-01 21:06 . 2008-09-02 17:42 9,662 --a------ C:\WINDOWS\EPISME00.SWB
2008-08-29 05:29 . 2008-08-29 05:47 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-01 09:50 . 2008-08-01 09:50 <DIR> d-------- C:\Program Files\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 18:20 --------- d-----w C:\Program Files\Trend Micro
2008-09-04 10:30 --------- d-----w C:\Program Files\eMule
2008-08-18 14:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-01 07:50 --------- d-----w C:\Program Files\Java
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2007-06-21 17:38 30,280 -c--a-w C:\Program Files\mozilla firefox\plugins\cgpcfg.dll
2007-06-21 17:38 79,432 -c--a-w C:\Program Files\mozilla firefox\plugins\CgpCore.dll
2007-06-21 17:38 71,240 -c--a-w C:\Program Files\mozilla firefox\plugins\confmgr.dll
2007-06-21 17:38 140,872 -c--a-w C:\Program Files\mozilla firefox\plugins\ctxmui.dll
2007-06-21 17:39 38,472 -c--a-w C:\Program Files\mozilla firefox\plugins\icafile.dll
2007-06-21 17:39 46,664 -c--a-w C:\Program Files\mozilla firefox\plugins\icalogon.dll
2007-06-21 17:39 34,376 -c--a-w C:\Program Files\mozilla firefox\plugins\logging.dll
2007-06-21 17:39 685,640 -c--a-w C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll
2007-06-21 17:40 30,280 -c--a-w C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-06-05 141848]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-06-05 162328]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-06-05 137752]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-08-01 1036288]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-05-08 702072]
"SPC500NC_Monitor"="C:\WINDOWS\Philips\SPC500NC\Monitor.exe" [2006-11-03 319488]
"fssui"="C:\Program Files\Windows Live\Family Safety\fssui.exe" [2007-12-17 243240]
"EPSON Stylus Photo RX500"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2K1.EXE" [2003-06-02 99840]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"System Guards"="C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe" [2007-11-08 638976]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-02-28 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\Rose\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 101784]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-08 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"33146:TCP"= 33146:TCP:EMULE TCP
"20618:UDP"= 20618:UDP:EMULE UDP

R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 43816]
R2 fsssvc;Windows Live OneCare Family Safety;C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2007-12-17 523816]
R2 sgSchedulerService;sgSchedulerService;C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe [2007-09-04 28672]
S3 SPC500NC;SPC 500NC Laptop Camera;C:\WINDOWS\system32\DRIVERS\SPC610NC.SYS [2007-01-19 409728]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb68ccb2-0a15-11dd-94b3-001d0914007c}]
\Shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-MSMSGS - C:\Program Files\Messenger\msmsgs.exe
SharedTaskScheduler-{7A81DF49-1DB8-4db4-B070-AD6758ECBA2A} - C:\WINDOWS\system32\qqwg.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Rose\Application Data\Mozilla\Firefox\Profiles\58u3bbgu.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-30 20:41:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\DOCUME~1\Rose\LOCALS~1\Temp\RGI1B2.tmp 7075 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2008-09-30 20:42:15
ComboFix-quarantined-files.txt 2008-09-30 18:42:02

Pre-Run: 1 772 883 968 bytes free
Post-Run: 2,869,645,312 octets libres

174 --- E O F --- 2008-08-18 14:32:23
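To make a log like the one above quicker to review, here is a small parser, added as an example and not part of the original post or of ComboFix itself. It pulls the Run/RunOnce autostart entries and the globally open firewall ports out of the "Reg Loading Points" section into structured records and applies a simple review heuristic. The sample text is a handful of lines copied from the log above in the same layout; the `review_flags` heuristic, the class names and the function names are my own and are not a ComboFix verdict.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Sample input: a few lines copied from the ComboFix log posted above, in the
# same layout (REGEDIT4 key headers, quoted values, bracketed date/size).
SAMPLE_LOG = r"""
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"System Guards"="C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe" [2007-11-08 638976]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-02-28 C:\WINDOWS\system32\narrator.exe]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"33146:TCP"= 33146:TCP:EMULE TCP
"20618:UDP"= 20618:UDP:EMULE UDP
"""

KEY_RE = re.compile(r"^\[(?P<key>.+)\]$")
# "Name"="path" [YYYY-MM-DD size]  or  "Name"="file.exe" [YYYY-MM-DD resolved\path]
VALUE_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"\s*'
    r'\[(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<extra>[^\]]+)\]$'
)
PORT_RE = re.compile(r'^"(?P<port>\d+):(?P<proto>TCP|UDP)"=\s*\d+:(?:TCP|UDP):(?P<label>.*)$')


@dataclass
class RunEntry:
    key: str
    name: str
    path: str
    file_date: str
    size: Optional[int]            # None when ComboFix printed a resolved path instead
    resolved_path: Optional[str]   # set for bare file names such as Narrator.exe


@dataclass
class OpenPort:
    port: int
    proto: str
    label: str


@dataclass
class ComboFixSummary:
    run_entries: List[RunEntry] = field(default_factory=list)
    open_ports: List[OpenPort] = field(default_factory=list)


def parse_combofix(log_text: str) -> ComboFixSummary:
    """Walk the REGEDIT4-style section, remembering the current key header."""
    summary = ComboFixSummary()
    current_key = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        key_match = KEY_RE.match(line)
        if key_match:
            current_key = key_match.group("key")
            continue
        lowered = current_key.lower()
        if lowered.endswith(("\\run", "\\runonce")):
            m = VALUE_RE.match(line)
            if m:
                extra = m.group("extra").strip()
                summary.run_entries.append(RunEntry(
                    key=current_key, name=m.group("name"), path=m.group("path"),
                    file_date=m.group("date"),
                    size=int(extra) if extra.isdigit() else None,
                    resolved_path=None if extra.isdigit() else extra,
                ))
        elif lowered.endswith("globallyopenports\\list"):
            m = PORT_RE.match(line)
            if m:
                summary.open_ports.append(
                    OpenPort(int(m.group("port")), m.group("proto"), m.group("label").strip()))
    return summary


STANDARD_ROOTS = ("c:\\windows\\", "c:\\program files\\")


def review_flags(entry: RunEntry) -> List[str]:
    """Heuristic (my own, not ComboFix's): autostart values a reviewer checks first."""
    flags = []
    if "\\" not in entry.path:
        flags.append("bare file name, resolved through the search path")
    elif not entry.path.lower().startswith(STANDARD_ROOTS):
        flags.append("executable outside Windows/Program Files")
    return flags


def flagged_entries(summary: ComboFixSummary) -> List[str]:
    return [e.name for e in summary.run_entries if review_flags(e)]


if __name__ == "__main__":
    s = parse_combofix(SAMPLE_LOG)
    for e in s.run_entries:
        hive = e.key.split("\\")[0]
        print(f"{hive:20} {e.name:15} {e.path}  [{e.file_date} {e.size}]  {review_flags(e)}")
    for p in s.open_ports:
        print(f"open {p.proto} {p.port}: {p.label}")
```

The parser only structures what ComboFix already printed; the flags are a starting point for a human reviewer, and an entry that passes them (the `System Guards` value above, for instance) still has to be judged on its own merits.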

1 reply

Lyonnais92 Posts 25159 Registered Friday 23 June 2006 Status Security contributor Last seen 16 September 2016 1 536
2 Oct. 2008 at 00:22
Hello,

Running ComboFix was not the best decision.

Do this:

Open this link (thanks to S!RI for this program): http://siri.urz.free.fr/Fix/SmitfraudFix.php
and download SmitfraudFix.exe.

Have a look at the tutorial.
Run it and choose option 1; it will generate a report.
Copy/paste it into the thread, please.

Download from here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Click Continue on the Disclaimer screen.

If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.

When the scan is finished, two text files will open.

Post the contents of log.txt (<< which will be displayed)
as well as info.txt (<< which will be minimized in the taskbar).

NB: The reports are saved in the folder C:\rsit
-1