File not found when Windows starts
Hi everyone,
So, since I deleted a few files on my PC because they were infected, everything now works fine; however, at every Windows startup the following message appears:
Erreur de chargement de C:\WINDOWS\system32\baxqqask.dll
Le module spécifié est introuvable.
So there you go, I'm hoping you can offer solutions, if possible, to fix this problem.
Thanks in advance for helping me, please
++ Maskot
Hello,
Download and install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
Here is my HijackThis scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:38, on 2008-04-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsrw.exe
C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\SECURI~1\av_fw\ANTI-S~1\fsaw.exe
C:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Propriétaire\Mes documents\Setup logiciels téléchargées\Sécurité\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ec1acd9d] rundll32.exe "C:\WINDOWS\system32\baxqqask.dll",b
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Securitoo\av_fw\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7587394734
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O20 - Winlogon Notify: nnnnOHyw - nnnnOHyw.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 7431218) - Securitoo Portal - C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 10693 bytes
Hello,
Disable your resident protections (antivirus, Spybot-S&D, etc.)!
- Download ComboFix (sUBs) to your Desktop.
- Double-click ComboFix.exe (the .exe may not be visible) to launch it.
- When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.
HELP: A guide and tutorial on using ComboFix
* the partition name may vary
Here is the ComboFix report:
ComboFix 08-04-27.3 - Propriétaire 2008-04-28 15:22:20.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.484 [GMT 2:00]
Endroit: C:\Downloads\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\aglwpccj.ini
C:\WINDOWS\system32\ashvqwnm.ini
C:\WINDOWS\system32\dedcnvwr.dll
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\elpsldap.ini
C:\WINDOWS\system32\ireuvqpe.dll
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pisawiun.ini
C:\WINDOWS\system32\pkgjriit.dll
C:\WINDOWS\system32\wilqotbb.ini
C:\WINDOWS\system32\wpcap.dll
.
---- Previous Run -------
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\dllcache\spoolsv.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\svehost.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-28 ))))))))))))))))))))))))))))))))))))
.
2008-04-27 18:19 . 2008-04-27 19:03 <REP> d-------- C:\Program Files\Steam
2008-04-27 16:40 . 2008-04-27 16:40 268 --ah----- C:\sqmdata00.sqm
2008-04-27 16:40 . 2008-04-27 16:40 244 --ah----- C:\sqmnoopt00.sqm
2008-04-27 16:00 . 2008-04-27 16:00 <REP> d-------- C:\Program Files\MSBuild
2008-04-27 16:00 . 2008-04-27 16:00 <REP> d-------- C:\Program Files\Microsoft Works
2008-04-27 15:59 . 2008-04-27 15:59 <REP> d-------- C:\Program Files\Microsoft.NET
2008-04-27 15:57 . 2008-04-27 15:57 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-27 15:56 . 2008-04-27 16:00 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-04-27 15:55 . 2008-04-27 15:55 <REP> dr-h----- C:\MSOCache
2008-04-27 15:55 . 2008-04-28 13:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-27 15:48 . 2008-04-27 15:48 <REP> d-------- C:\Program Files\Alcohol Soft
2008-04-27 15:45 . 2008-04-27 17:23 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-27 13:26 . 2008-04-27 13:26 <REP> d-------- C:\Program Files\VirtualDubMOD
2008-04-27 13:24 . 2008-04-27 13:24 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-04-27 13:23 . 2008-04-27 13:24 <REP> d-------- C:\Program Files\AutoGK
2008-04-27 13:16 . 2008-04-27 13:23 <REP> d-------- C:\Program Files\Gabest
2008-04-27 13:16 . 2008-04-27 13:24 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-04-27 13:15 . 2008-04-27 13:15 <REP> d-------- C:\Program Files\DVD Shrink
2008-04-27 13:15 . 2008-04-27 13:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-04-26 20:08 . 2008-04-26 20:08 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-26 20:08 . 2008-04-26 20:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-26 17:45 . 2008-04-26 17:45 <REP> d-------- C:\Program Files\SurfingEnhancer
2008-04-26 17:45 . 2008-03-14 16:05 385,024 --a------ C:\WINDOWS\system32\WinNB55.dll
2008-04-26 13:07 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-26 12:59 . 2008-04-26 13:14 <REP> d-------- C:\Program Files\Navilog1
2008-04-26 12:58 . 2008-04-28 15:20 <REP> d-------- C:\Downloads
2008-04-26 12:38 . 2008-04-26 12:38 <REP> d-------- C:\WINDOWS\Sun
2008-04-26 12:04 . 2008-04-26 12:04 3,136 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-26 12:03 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-26 12:03 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-26 12:03 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-26 12:03 . 2008-04-23 22:14 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-26 12:03 . 2008-04-23 22:14 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-04-26 12:03 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-26 12:03 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-23 07:39 . 2008-04-23 07:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-04-22 18:54 . 2008-04-22 18:54 11,264 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-04-21 18:19 . 2008-04-26 19:59 109,810 --a------ C:\WINDOWS\BMef29fe01.xml
2008-04-20 12:26 . 2008-04-28 14:43 <REP> d-------- C:\Program Files\LimeWire downloads
2008-04-20 12:26 . 2008-04-28 15:17 <REP> d-------- C:\Program Files\Incomplete
2008-04-20 12:17 . 2008-04-20 12:17 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\F-Secure
2008-04-20 12:16 . 2008-04-20 12:16 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\ispnews
2008-04-20 12:16 . 2008-04-20 12:16 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\ATI
2008-04-20 12:15 . 2008-04-07 19:39 <REP> d--h----- C:\Documents and Settings\Sophie\Voisinage réseau
2008-04-20 12:15 . 2008-04-07 19:39 <REP> d--h----- C:\Documents and Settings\Sophie\Voisinage d'impression
2008-04-20 12:15 . 2008-04-07 18:22 <REP> d--h----- C:\Documents and Settings\Sophie\Modèles
2008-04-20 12:15 . 2008-04-20 12:20 <REP> dr------- C:\Documents and Settings\Sophie\Mes documents
2008-04-20 12:15 . 2008-04-07 19:39 <REP> dr------- C:\Documents and Settings\Sophie\Menu Démarrer
2008-04-20 12:15 . 2008-04-20 12:16 <REP> dr------- C:\Documents and Settings\Sophie\Favoris
2008-04-20 12:15 . 2008-04-28 13:35 <REP> d-------- C:\Documents and Settings\Sophie\Bureau
2008-04-20 12:15 . 2008-04-20 12:24 <REP> d-------- C:\Documents and Settings\Sophie
2008-04-20 12:15 . 2008-04-28 15:25 1,024 --ah----- C:\Documents and Settings\Sophie\ntuser.dat.LOG
2008-04-20 12:08 . 2008-04-20 12:09 <REP> d-------- C:\Program Files\VirtualDJ
2008-04-20 10:48 . 2008-04-20 12:29 <REP> d-------- C:\Program Files\LimeWire
2008-04-20 10:21 . 2008-04-20 15:26 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-04-20 01:10 . 2008-04-27 19:16 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-04-20 00:29 . 2008-04-20 00:29 <REP> d-------- C:\Program Files\Nero
2008-04-20 00:29 . 2008-04-20 00:30 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-04-19 23:51 . 2008-04-21 19:30 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-19 23:51 . 2008-04-21 19:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-19 23:42 . 2008-04-19 23:42 716,272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-04-19 23:37 . 2008-04-19 23:37 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-19 23:36 . 2008-04-19 23:36 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-04-19 23:33 . 2008-04-19 23:33 <REP> d-------- C:\Program Files\VideoLAN
2008-04-19 22:59 . 2008-04-28 15:20 <REP> d-------- C:\Program Files\FlashGet
2008-04-19 22:24 . 2008-04-22 22:18 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-04-19 22:12 . 2008-04-22 22:13 <REP> d-------- C:\Program Files\Windows Live
2008-04-19 22:07 . 2008-04-19 22:08 <REP> d-------- C:\Program Files\Google
2008-04-19 22:07 . 2008-04-27 21:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-19 21:59 . 2008-04-19 21:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2008-04-19 21:59 . 2005-11-18 17:04 70,896 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
2008-04-19 21:59 . 2005-11-18 17:04 33,584 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
2008-04-19 21:59 . 2008-04-19 21:59 1,024 --ah----- C:\Documents and Settings\Default User\ntuser.dat.LOG
2008-04-19 21:48 . 2008-04-19 21:48 118,842 -r------- C:\WINDOWS\bwUnin-6.3.3.61-7431218L.exe
2008-04-19 21:23 . 2008-04-19 21:23 <REP> d-------- C:\WINDOWS\system32\AlertModule
2008-04-19 21:23 . 2003-08-04 14:22 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
2008-04-19 21:23 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2008-04-19 21:23 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2008-04-19 21:23 . 2004-08-23 14:50 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2008-04-19 21:23 . 2003-08-04 14:22 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
2008-04-19 21:22 . 2008-04-28 15:28 <REP> d-------- C:\Program Files\Wanadoo
2008-04-19 21:19 . 2008-04-19 21:33 <REP> d-------- C:\Program Files\Securitoo
2008-04-19 20:57 . 2008-04-19 20:57 <REP> d-------- C:\Program Files\Inventel
2008-04-19 20:52 . 2006-03-02 14:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-04-19 20:52 . 2008-04-19 23:36 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-04-19 20:52 . 2008-04-19 23:36 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-04-19 20:35 . 2008-04-19 20:35 <REP> d-------- C:\Program Files\Realtek AC97
2008-04-19 20:11 . 2008-04-19 20:11 <REP> d-------- C:\WINDOWS\__SkypeIEToolbar_Cache
2008-04-19 20:03 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-04-19 20:03 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-04-19 20:02 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-04-19 20:02 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-04-08 12:09 . 2008-04-19 20:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-04-08 12:02 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-04-08 12:01 . 2008-04-08 12:01 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-08 11:53 . 2008-04-08 12:00 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-08 11:53 . 2008-04-19 22:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-08 11:49 . 2008-04-20 12:23 <REP> d-------- C:\Program Files\Java
2008-04-08 11:49 . 2008-04-08 11:49 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-04-08 11:49 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-08 11:46 . 2008-04-08 11:46 <REP> d-------- C:\Documents and Settings\Propritaire
2008-04-08 11:46 . 2008-03-19 18:26 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-04-08 11:46 . 2008-03-19 18:29 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-04-08 11:44 . 2008-04-08 11:44 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-04-08 11:34 . 2008-04-08 11:34 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-04-08 11:33 . 2005-07-26 20:44 27,354 --a------ C:\WINDOWS\system32\oemlogo.bmp
2008-04-08 11:33 . 2006-06-15 10:33 161 --a------ C:\WINDOWS\system32\oeminfo.ini
2008-04-08 11:11 . 2008-04-08 11:11 <REP> d-------- C:\hp
2008-04-08 11:02 . 2008-04-08 11:02 <REP> d-------- C:\WINDOWS\OPTIONS
2008-04-08 11:02 . 2008-04-08 11:02 <REP> d-------- C:\Program Files\Realtek
2008-04-08 11:02 . 2008-04-08 11:00 105,088 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-04-08 10:59 . 2008-04-08 10:59 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-04-08 10:59 . 2008-04-08 10:59 <REP> d-------- C:\Program Files\AMD
2008-04-08 10:59 . 2006-07-01 22:42 43,520 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2008-04-08 10:50 . 2008-04-08 10:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-04-08 10:50 . 2008-04-08 10:50 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-04-08 10:48 . 2008-03-26 12:59 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-04-08 10:47 . 2008-04-08 10:49 <REP> d-------- C:\Program Files\ATI Technologies
2008-04-08 10:46 . 2008-04-08 10:46 <REP> d-------- C:\ATI
2008-04-08 10:42 . 2006-06-14 11:00 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-08 10:42 . 2006-06-14 11:00 82,944 --a--c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-04-08 10:42 . 2004-08-03 23:07 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2008-04-08 10:42 . 2004-08-03 23:07 52,864 --a--c--- C:\WINDOWS\system32\dllcache\dmusic.sys
2008-04-08 10:42 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-04-08 10:42 . 2006-06-14 10:47 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-07 16:26 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-07 16:24 --------- d-----w C:\Program Files\Services en ligne
2008-03-26 18:49 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-03-26 17:59 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-03-26 17:57 300,032 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-03-26 17:50 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-03-26 17:48 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-03-26 17:48 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-03-26 17:48 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-03-26 17:48 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-03-26 17:48 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-03-26 17:48 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-03-26 17:46 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-03-26 17:45 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-03-26 17:36 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-03-26 17:29 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-03-26 17:17 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-03-26 17:13 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-03-26 17:13 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-03-26 17:11 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-03-26 17:11 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-03-26 17:09 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-03-26 17:05 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 17:58 217544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"F-Secure Manager"="C:\Program Files\Securitoo\av_fw\Common\FSM32.exe" [2005-10-26 03:51 122929]
"F-Secure TNB"="C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" [2005-07-18 16:51 700416]
"F-Secure Startup Wizard"="C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.exe" [2005-10-18 10:29 372736]
"News Service"="C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe" [2005-05-31 14:45 356352]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2005-09-25 19:11 155648]
"ec1acd9d"="C:\WINDOWS\system32\baxqqask.dll" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft Updates"="svehost.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnOHyw]
nnnnOHyw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Securitoo\\av_fw\\backweb\\7431218\\Program\\fspex.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 17:04]
R2 BackWeb Plug-in - 7431218;Antivirus Firewall;C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE [2008-04-19 21:49]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 17:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSgk.sys [2008-04-19 22:03]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSrec.sys [2004-06-01 11:03]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe9af0a0-145e-11dd-906c-001109bd6e3b}]
\Shell\AutoRun\command - J:\SETUP.EXE
\Shell\configure\command - J:\SETUP.EXE
\Shell\install\command - J:\SETUP.EXE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-28 11:29:28 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1\fsav.exe` /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus.
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 15:27:51
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSRW.exe
C:\Program Files\Securitoo\av_fw\FWES\program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSAV32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Securitoo\av_fw\Anti-Spyware\FSAW.exe
C:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-28 15:30:16 - machine was rebooted [Propriétaire]
ComboFix-quarantined-files.txt 2008-04-28 13:30:09
Pre-Run: 183,360,262,144 octets libres
Post-Run: 183,954,407,424 octets libres
288 --- E O F --- 2008-04-27 17:02:17
Hi again,
Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are complete, restart in safe mode.
HELP: Restarting in safe mode
- Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
- To start the scan, click "Scan".
- Once the scan is finished, a window opens; click OK. You then have two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" then "Remove Selected". Save the report to your Desktop so that you can post it in your next reply.
NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
Répondre à Angeldark
okk bon PC tourne bien, aucun éléments nuisibles infectées :
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 686
Type de recherche: Examen complet (C:\|)
Eléments examinés: 95619
Temps écoulé: 22 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{5C0DD08C-5FD8-44CB-B92C-417BAA0088B4}\RP59\A0008555.dll (Trojan.Vundo) -> No action taken.
| Quote: Fichier(s) infecté(s):
|
You did delete it, right?
Reply to Angeldark
Yes, it's done, I just deleted it.
But after all that, how do I fix the file-not-found problem?
Thanks again!!!
Post a new HijackThis report.
Reply to Angeldark
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:57:46, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsrw.exe
C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\SECURI~1\av_fw\ANTI-S~1\fsaw.exe
C:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Propriétaire\Mes documents\Setup logiciels téléchargées\Sécurité\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ec1acd9d] rundll32.exe "C:\WINDOWS\system32\baxqqask.dll",b
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Securitoo\av_fw\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7587394734
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O20 - Winlogon Notify: nnnnOHyw - nnnnOHyw.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 7431218) - Securitoo Portal - C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 10585 bytes
Re,
Disable your resident protections (antivirus...)!
Copy (Ctrl+C) the text in the box below:
File::
|
Open Notepad (Start > Run... > notepad), then paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt.
Now drag the CFScript.txt file onto ComboFix.exe as shown below:
This will relaunch ComboFix; press 1, then confirm. After the restart, post the contents of the Combofix.txt report along with a HijackThis report.
NOTE: If there is no restart, post the requested reports anyway.
Reply to Angeldark
ComboFix 08-04-27.3 - Propriétaire 2008-04-28 20:52:28.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.427 [GMT 2:00]
Endroit: C:\Downloads\ComboFix.exe
Command switches used :: C:\Downloads\CFScript.txt
* Création d'un nouveau point de restauration
* Resident AV is active
[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
FILE ::
C:\WINDOWS\system32\baxqqask.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-28 ))))))))))))))))))))))))))))))))))))
.
2008-04-28 15:30 . 2008-04-28 15:30 <REP> d-------- C:\Documents and Settings\PropriÚtaire
2008-04-27 18:19 . 2008-04-27 19:03 <REP> d-------- C:\Program Files\Steam
2008-04-27 16:40 . 2008-04-27 16:40 268 --ah----- C:\sqmdata00.sqm
2008-04-27 16:40 . 2008-04-27 16:40 244 --ah----- C:\sqmnoopt00.sqm
2008-04-27 16:00 . 2008-04-27 16:00 <REP> d-------- C:\Program Files\MSBuild
2008-04-27 16:00 . 2008-04-27 16:00 <REP> d-------- C:\Program Files\Microsoft Works
2008-04-27 15:59 . 2008-04-27 15:59 <REP> d-------- C:\Program Files\Microsoft.NET
2008-04-27 15:57 . 2008-04-27 15:57 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-27 15:56 . 2008-04-27 16:00 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-04-27 15:55 . 2008-04-27 15:55 <REP> dr-h----- C:\MSOCache
2008-04-27 15:55 . 2008-04-28 13:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-27 15:48 . 2008-04-27 15:48 <REP> d-------- C:\Program Files\Alcohol Soft
2008-04-27 15:45 . 2008-04-27 17:23 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-27 13:26 . 2008-04-27 13:26 <REP> d-------- C:\Program Files\VirtualDubMOD
2008-04-27 13:24 . 2008-04-27 13:24 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-04-27 13:23 . 2008-04-27 13:24 <REP> d-------- C:\Program Files\AutoGK
2008-04-27 13:16 . 2008-04-27 13:23 <REP> d-------- C:\Program Files\Gabest
2008-04-27 13:16 . 2008-04-27 13:24 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-04-27 13:15 . 2008-04-27 13:15 <REP> d-------- C:\Program Files\DVD Shrink
2008-04-27 13:15 . 2008-04-27 13:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-04-26 20:08 . 2008-04-26 20:08 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-26 20:08 . 2008-04-26 20:08 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2008-04-26 20:08 . 2008-04-26 20:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-26 17:45 . 2008-04-26 17:45 <REP> d-------- C:\Program Files\SurfingEnhancer
2008-04-26 17:45 . 2008-03-14 16:05 385,024 --a------ C:\WINDOWS\system32\WinNB55.dll
2008-04-26 13:07 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-26 12:59 . 2008-04-26 13:14 <REP> d-------- C:\Program Files\Navilog1
2008-04-26 12:58 . 2008-04-28 20:52 <REP> d-------- C:\Downloads
2008-04-26 12:38 . 2008-04-26 12:38 <REP> d-------- C:\WINDOWS\Sun
2008-04-26 12:04 . 2008-04-26 12:04 3,136 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-26 12:03 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-26 12:03 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-26 12:03 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-26 12:03 . 2008-04-23 22:14 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-26 12:03 . 2008-04-23 22:14 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-04-26 12:03 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-26 12:03 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-23 07:39 . 2008-04-23 07:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-04-22 18:54 . 2008-04-22 18:54 11,264 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-04-21 18:19 . 2008-04-26 19:59 109,810 --a------ C:\WINDOWS\BMef29fe01.xml
2008-04-20 12:26 . 2008-04-28 15:35 <REP> d-------- C:\Program Files\LimeWire downloads
2008-04-20 12:26 . 2008-04-28 20:43 <REP> d-------- C:\Program Files\Incomplete
2008-04-20 12:17 . 2008-04-20 12:17 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\F-Secure
2008-04-20 12:16 . 2008-04-20 12:16 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\ispnews
2008-04-20 12:16 . 2008-04-20 12:16 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\ATI
2008-04-20 12:15 . 2008-04-07 19:39 <REP> d--h----- C:\Documents and Settings\Sophie\Voisinage réseau
2008-04-20 12:15 . 2008-04-07 19:39 <REP> d--h----- C:\Documents and Settings\Sophie\Voisinage d'impression
2008-04-20 12:15 . 2008-04-07 18:22 <REP> d--h----- C:\Documents and Settings\Sophie\Modèles
2008-04-20 12:15 . 2008-04-20 12:20 <REP> dr------- C:\Documents and Settings\Sophie\Mes documents
2008-04-20 12:15 . 2008-04-07 19:39 <REP> dr------- C:\Documents and Settings\Sophie\Menu Démarrer
2008-04-20 12:15 . 2008-04-20 12:16 <REP> dr------- C:\Documents and Settings\Sophie\Favoris
2008-04-20 12:15 . 2008-04-28 13:35 <REP> d-------- C:\Documents and Settings\Sophie\Bureau
2008-04-20 12:15 . 2008-04-20 12:24 <REP> d-------- C:\Documents and Settings\Sophie
2008-04-20 12:15 . 2008-04-28 20:52 1,024 --ah----- C:\Documents and Settings\Sophie\ntuser.dat.LOG
2008-04-20 12:08 . 2008-04-20 12:09 <REP> d-------- C:\Program Files\VirtualDJ
2008-04-20 10:48 . 2008-04-20 12:29 <REP> d-------- C:\Program Files\LimeWire
2008-04-20 10:48 . 2008-04-28 19:45 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2008-04-20 10:21 . 2008-04-20 15:26 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-04-20 01:10 . 2008-04-28 17:28 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-04-20 00:31 . 2008-04-20 00:31 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Ahead
2008-04-20 00:29 . 2008-04-20 00:29 <REP> d-------- C:\Program Files\Nero
2008-04-20 00:29 . 2008-04-20 00:30 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-04-19 23:51 . 2008-04-21 19:30 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-19 23:51 . 2008-04-21 19:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-19 23:42 . 2008-04-19 23:42 716,272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-04-19 23:37 . 2008-04-19 23:37 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-19 23:36 . 2008-04-19 23:36 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-04-19 23:33 . 2008-04-19 23:33 <REP> d-------- C:\Program Files\VideoLAN
2008-04-19 23:33 . 2008-04-19 23:33 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\vlc
2008-04-19 22:59 . 2008-04-28 20:48 <REP> d-------- C:\Program Files\FlashGet
2008-04-19 22:24 . 2008-04-22 22:18 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-04-19 22:15 . 2008-04-19 22:15 <REP> d-------- C:\Documents and Settings\Propriétaire\Contacts
2008-04-19 22:15 . 2008-04-19 22:15 <REP> d-------- C:\Documents and Settings\Propriétaire\Contacts
2008-04-19 22:12 . 2008-04-22 22:13 <REP> d-------- C:\Program Files\Windows Live
2008-04-19 22:07 . 2008-04-19 22:08 <REP> d-------- C:\Program Files\Google
2008-04-19 22:07 . 2008-04-27 21:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-19 22:03 . 2008-04-19 22:14 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\F-Secure
2008-04-19 22:01 . 2008-04-19 22:01 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\ispnews
2008-04-19 21:59 . 2008-04-19 21:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2008-04-19 21:59 . 2005-11-18 17:04 70,896 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
2008-04-19 21:59 . 2005-11-18 17:04 33,584 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
2008-04-19 21:59 . 2008-04-19 21:59 1,024 --ah----- C:\Documents and Settings\Default User\ntuser.dat.LOG
2008-04-19 21:48 . 2008-04-19 21:48 118,842 -r------- C:\WINDOWS\bwUnin-6.3.3.61-7431218L.exe
2008-04-19 21:23 . 2008-04-19 21:23 <REP> d-------- C:\WINDOWS\system32\AlertModule
2008-04-19 21:23 . 2003-08-04 14:22 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
2008-04-19 21:23 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2008-04-19 21:23 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2008-04-19 21:23 . 2004-08-23 14:50 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2008-04-19 21:23 . 2003-08-04 14:22 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
2008-04-19 21:22 . 2008-04-28 20:51 <REP> d-------- C:\Program Files\Wanadoo
2008-04-19 21:19 . 2008-04-19 21:33 <REP> d-------- C:\Program Files\Securitoo
2008-04-19 20:57 . 2008-04-19 20:57 <REP> d-------- C:\Program Files\Inventel
2008-04-19 20:52 . 2006-03-02 14:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-04-19 20:52 . 2008-04-19 23:36 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-04-19 20:52 . 2008-04-19 23:36 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-04-19 20:35 . 2008-04-19 20:35 <REP> d-------- C:\Program Files\Realtek AC97
2008-04-19 20:11 . 2008-04-19 20:11 <REP> d-------- C:\WINDOWS\__SkypeIEToolbar_Cache
2008-04-19 20:03 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-04-19 20:03 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-04-19 20:02 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-04-19 20:02 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-04-08 12:09 . 2008-04-19 20:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-04-08 12:02 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-04-08 12:01 . 2008-04-08 12:01 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-08 11:53 . 2008-04-08 12:00 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-08 11:53 . 2008-04-19 22:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-08 11:49 . 2008-04-20 12:23 <REP> d-------- C:\Program Files\Java
2008-04-08 11:49 . 2008-04-08 11:49 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-04-08 11:49 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-08 11:46 . 2008-04-08 11:46 <REP> d-------- C:\Documents and Settings\Propritaire
2008-04-08 11:46 . 2008-03-19 18:26 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-04-08 11:46 . 2008-03-19 18:29 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-04-08 11:44 . 2008-04-08 11:44 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-04-08 11:34 . 2008-04-08 11:34 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-04-08 11:33 . 2005-07-26 20:44 27,354 --a------ C:\WINDOWS\system32\oemlogo.bmp
2008-04-08 11:33 . 2006-06-15 10:33 161 --a------ C:\WINDOWS\system32\oeminfo.ini
2008-04-08 11:11 . 2008-04-08 11:11 <REP> d-------- C:\hp
2008-04-08 11:02 . 2008-04-08 11:02 <REP> d-------- C:\WINDOWS\OPTIONS
2008-04-08 11:02 . 2008-04-08 11:02 <REP> d-------- C:\Program Files\Realtek
2008-04-08 11:02 . 2008-04-08 11:00 105,088 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-04-08 10:59 . 2008-04-08 10:59 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-04-08 10:59 . 2008-04-08 10:59 <REP> d-------- C:\Program Files\AMD
2008-04-08 10:59 . 2006-07-01 22:42 43,520 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2008-04-08 10:58 . 2008-04-08 10:58 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\InstallShield
2008-04-08 10:50 . 2008-04-08 10:50 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\ATI
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-07 16:26 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-07 16:24 --------- d-----w C:\Program Files\Services en ligne
2008-03-26 18:49 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-03-26 17:59 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-03-26 17:57 300,032 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-03-26 17:50 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-03-26 17:48 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-03-26 17:48 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-03-26 17:48 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-03-26 17:48 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-03-26 17:48 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-03-26 17:48 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-03-26 17:46 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-03-26 17:45 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-03-26 17:36 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-03-26 17:29 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-03-26 17:17 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-03-26 17:13 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-03-26 17:13 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-03-26 17:11 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-03-26 17:11 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-03-26 17:09 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-03-26 17:05 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 17:58 217544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"F-Secure Manager"="C:\Program Files\Securitoo\av_fw\Common\FSM32.exe" [2005-10-26 03:51 122929]
"F-Secure TNB"="C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" [2005-07-18 16:51 700416]
"F-Secure Startup Wizard"="C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.exe" [2005-10-18 10:29 372736]
"News Service"="C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe" [2005-05-31 14:45 356352]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2005-09-25 19:11 155648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Antivirus Firewall.lnk - C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe [2008-04-19 21:49:01 32807]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-19 22:07:41 124400]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Securitoo\\av_fw\\backweb\\7431218\\Program\\fspex.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 17:04]
R2 BackWeb Plug-in - 7431218;Antivirus Firewall;C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE [2008-04-19 21:49]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 17:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSgk.sys [2008-04-19 22:03]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSrec.sys [2004-06-01 11:03]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-28 11:29:28 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1\fsav.exe` /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus.
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 20:53:48
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 1
**************************************************************************
.
Temps d'accomplissement: 2008-04-28 20:54:23
ComboFix-quarantined-files.txt 2008-04-28 18:54:20
Pre-Run: 182,713,049,088 octets libres
Post-Run: 182,837,231,616 octets libres
231 --- E O F --- 2008-04-27 17:02:17
and the HiJackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:57:25, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsrw.exe
C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
C:\PROGRA~1\SECURI~1\av_fw\ANTI-S~1\fsaw.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Mes documents\Setup logiciels téléchargées\Sécurité\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Securitoo\av_fw\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7587394734
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 7431218) - Securitoo Portal - C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 10395 bytes
Is that better?
Yes, I restarted my PC and the message no longer appears.
Thank you very much!!!
++
Don't you call it taking the piss to create two topics and make two helpers do the work?
I'm locking this thread, pff.
