Problème CID avec windos vista

Bonjour, voila j'ai un problème d'affichage de pub CID que je n'arrive pas a arrété.

Alors j'ai bien un fichier nommé CID dans pannaux de configuration/gestion des programmes/CID help.
Mais je n'arrive pas a le désintaller.

j'ai déja dl COmbofix et le rapport est le suivant :

ComboFix 08-05-27.4 - Yann 2008-05-28 2:10:28.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1089 [GMT 2:00]
Endroit: C:\Users\Yann\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\Downloaded Program Files\setup.inf

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-28 to 2008-05-28 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-27 23:43 --------- d-----w C:\Program Files\eMule
2008-05-27 23:39 --------- d-----w C:\Program Files\Steam
2008-05-24 11:52 --------- d-----w C:\Program Files\Common Files\AVSMedia
2008-05-23 14:26 --------- d-----w C:\Users\Yann\AppData\Roaming\uTorrent
2008-05-23 14:20 --------- d-----w C:\ProgramData\site link test
2008-05-23 14:20 --------- d-----w C:\ProgramData\beep axis mode free
2008-05-21 23:46 --------- d-----w C:\Users\Yann\AppData\Roaming\mIRC
2008-05-19 15:54 --------- d-----w C:\Users\Yann\AppData\Roaming\AVSMedia
2008-05-19 09:43 --------- d-----w C:\Program Files\World of Warcraft
2008-05-17 07:18 --------- d-----w C:\Program Files\Codemasters
2008-05-16 19:31 --------- d-----w C:\Program Files\mIRC
2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-05-15 18:27 --------- d-----w C:\Program Files\Windows Live
2008-05-15 18:22 --------- d-----w C:\ProgramData\WLInstaller
2008-05-14 00:59 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-14 00:59 --------- d-----w C:\Program Files\Windows Mail
2008-05-10 13:09 --------- d-----w C:\ProgramData\Media Center Programs
2008-05-10 12:44 --------- d-----w C:\Program Files\Common Files\Steam
2008-05-09 21:34 --------- d-----w C:\Users\Yann\AppData\Roaming\Turbine
2008-05-03 13:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-26 17:19 --------- d-----w C:\Program Files\PhotoFiltre
2008-04-19 05:19 --------- d-----w C:\ProgramData\NVIDIA
2008-04-18 15:44 --------- d-----w C:\ProgramData\InstallShield
2008-04-18 15:39 --------- d-----w C:\Program Files\Gpotato.eu
2008-04-18 15:39 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-14 23:08 --------- d-----w C:\Users\Yann\AppData\Roaming\Apple Computer
2008-04-14 23:08 --------- d-----w C:\Program Files\iTunes
2008-04-14 23:08 --------- d-----w C:\Program Files\iPod
2008-04-14 23:07 --------- d-----w C:\ProgramData\Apple Computer
2008-04-14 23:07 --------- d-----w C:\Program Files\QuickTime
2008-04-14 23:06 --------- d-----w C:\Program Files\Apple Software Update
2008-04-14 23:05 --------- d-----w C:\ProgramData\Apple
2008-04-14 23:05 --------- d-----w C:\Program Files\Common Files\Apple
2008-04-14 21:26 --------- d-----w C:\Program Files\Veoh Networks
2008-04-02 18:46 --------- d-----w C:\Program Files\MIKSOFT
2008-03-02 02:13 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-03-02 02:09 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-03-02 02:09 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-03-02 02:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-03-02 02:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-03-02 02:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-03-02 02:06 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-03-02 02:06 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-03-02 02:06 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-03-02 02:06 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-03-02 02:06 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-03-02 02:06 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-03-02 02:06 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-03-02 02:01 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-11-20 00:21 22,328 ----a-w C:\Users\Yann\AppData\Roaming\PnkBstrK.sys
2007-08-30 10:18 174 --sha-w C:\Program Files\desktop.ini
2007-07-22 13:25 32 ----a-r C:\Users\All Users\hash.dat
2007-07-22 13:25 32 ----a-r C:\ProgramData\hash.dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896]
"Steam"="c:\program files\steam\steam.exe" [2008-03-28 12:23 1271032]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-06-27 17:33 171448]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2007-12-04 06:57 2494464]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
"blue online"="C:\ProgramData\Bib bold bold.8u5urz" [2008-05-23 16:19 335888]
"MODE FREE BIRD SURF"="C:\ProgramData\POLL TEST VC.p9qw1ut" [2008-05-23 16:20 40976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCDMon"="C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe" [2006-11-09 12:45 549376]
"Launch LGDCore"="C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-11-09 13:10 1126400]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 03:48 36975]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 05:28 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 05:28 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 05:28 81920]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{8C1FDE97-1986-41DA-BF82-D9702F26D632}C:\\program files\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{243E6670-221F-42FE-B07D-AC015F986985}C:\\program files\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{09E24B04-96ED-4E4B-A502-1CF8FE255DBD}C:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{805164A2-6031-451F-B450-A55723D407A1}C:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{01BDCDD8-328D-4E87-9229-48DF7ABFBEC9}C:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= UDP:C:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader
"UDP Query User{4D60A0AB-C56B-4BAA-9181-9B7327847CE5}C:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= TCP:C:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader
"TCP Query User{8CFEB43A-5085-4B01-8FD0-B2B69D384013}C:\\program files\\world of warcraft\\wow-2.0.3.6299-to-2.0.10.6448-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.0.3.6299-to-2.0.10.6448-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{14A3723D-4897-4A4F-ADCC-5ABE49D7F904}C:\\program files\\world of warcraft\\wow-2.0.3.6299-to-2.0.10.6448-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.0.3.6299-to-2.0.10.6448-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{29B68D22-4A77-4127-8527-1B7D4BEB6037}C:\\program files\\steam\\steamapps\\venatio\\day of defeat source\\hl2.exe"= UDP:C:\program files\steam\steamapps\venatio\day of defeat source\hl2.exe:hl2
"UDP Query User{BD866E44-1C57-4895-81C0-17D43A7E9A64}C:\\program files\\steam\\steamapps\\venatio\\day of defeat source\\hl2.exe"= TCP:C:\program files\steam\steamapps\venatio\day of defeat source\hl2.exe:hl2
"{96933BB0-8762-468A-93B3-8606E54E3F1E}"= UDP:C:\Program Files\uTorrent\utorrent.exe:µTorrent
"{64D731ED-F000-4498-8D6C-C805C161A670}"= TCP:C:\Program Files\uTorrent\utorrent.exe:µTorrent
"TCP Query User{256DBA96-2671-429B-93B1-DA561D64690B}C:\\program files\\world of warcraft\\wow-2.0.10.6448-to-2.0.12.6546-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.0.10.6448-to-2.0.12.6546-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{CA663BD7-E332-48AC-8A88-3BCDD0231A01}C:\\program files\\world of warcraft\\wow-2.0.10.6448-to-2.0.12.6546-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.0.10.6448-to-2.0.12.6546-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{3CB8C4E8-F514-4EB9-9656-A3C990518E1E}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{5226A56D-B5F4-43EB-9C8B-374CF41D805A}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{B0EBE8E1-CB7D-483D-B108-7133144915E4}C:\\program files\\steam\\steamapps\\venatio\\half-life\\hl.exe"= UDP:C:\program files\steam\steamapps\venatio\half-life\hl.exe:Half-Life Launcher
"UDP Query User{B3F1F46E-89A3-4A57-8F97-196E88978237}C:\\program files\\steam\\steamapps\\venatio\\half-life\\hl.exe"= TCP:C:\program files\steam\steamapps\venatio\half-life\hl.exe:Half-Life Launcher
"TCP Query User{3AD14D7B-843A-4814-BCA9-98C7F236ED46}C:\\program files\\steam\\steamapps\\venatio\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\program files\steam\steamapps\venatio\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{59366A0B-AC08-4BF4-B5CB-5BBB4B4FE4D4}C:\\program files\\steam\\steamapps\\venatio\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\program files\steam\steamapps\venatio\half-life 2 deathmatch\hl2.exe:hl2
"TCP Query User{FFF8C09A-6C02-4501-A0EF-1AA979722FDA}C:\\stubinstaller.exe"= UDP:C:\stubinstaller.exe:LimeWire swarmed installer
"UDP Query User{7882538A-42B8-4061-83FA-9C06510FDDCB}C:\\stubinstaller.exe"= TCP:C:\stubinstaller.exe:LimeWire swarmed installer
"{032252A5-D58E-48A0-B813-E1FBD5F5FF09}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{895B9E9A-019D-446B-AE3D-781BFE0388F3}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{AA22095C-684F-4C93-B0A0-1F2F5719656B}C:\\program files\\steam\\steamapps\\venatio\\dedicated server\\hlds.exe"= UDP:C:\program files\steam\steamapps\venatio\dedicated server\hlds.exe:HLDS Launcher
"UDP Query User{DAD5C41E-83D2-41BA-9D69-8E5B6C7A6B4A}C:\\program files\\steam\\steamapps\\venatio\\dedicated server\\hlds.exe"= TCP:C:\program files\steam\steamapps\venatio\dedicated server\hlds.exe:HLDS Launcher
"TCP Query User{3AD92C2B-2FF6-4371-A932-CA2C6A0C636B}C:\\program files\\hlsw\\hlsw.exe"= UDP:C:\program files\hlsw\hlsw.exe:hlsw
"UDP Query User{2A1D03D0-CA04-4DE8-8C11-ABF7E790960D}C:\\program files\\hlsw\\hlsw.exe"= TCP:C:\program files\hlsw\hlsw.exe:hlsw
"TCP Query User{EC875458-59F7-4034-AA11-9E75BCC86083}C:\\program files\\steam\\steamapps\\venatio\\team fortress classic\\hl.exe"= UDP:C:\program files\steam\steamapps\venatio\team fortress classic\hl.exe:Half-Life Launcher
"UDP Query User{4210B803-19BA-4969-9B9E-195A3386FE41}C:\\program files\\steam\\steamapps\\venatio\\team fortress classic\\hl.exe"= TCP:C:\program files\steam\steamapps\venatio\team fortress classic\hl.exe:Half-Life Launcher
"TCP Query User{0A6D7B6F-5DA8-4550-AC62-C226D99A0B20}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{54D20B77-A8CE-44BF-89FE-9A1704185F31}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{E4A3F52F-F544-4E6F-9268-69D1ACCCE284}C:\\program files\\world of warcraft\\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{57FB2CE1-C7F0-4FF4-B31E-416E7C516FDA}C:\\program files\\world of warcraft\\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{9C2D5EC7-14E8-4A86-ABB7-17A43501A591}C:\\program files\\world of warcraft\\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{EBF1405B-D612-4FA9-9BFE-23F600C1381A}C:\\program files\\world of warcraft\\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{57898633-D0A5-408E-B871-000B21B30864}C:\\program files\\world of warcraft\\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{510F0BC2-E2A8-491C-9532-F6A6CFE6A06F}C:\\program files\\world of warcraft\\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{429F2D1D-D5C1-4B77-94CB-3953521ED2C8}C:\\program files\\steam\\steamapps\\venatio\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\venatio\counter-strike source\hl2.exe:hl2
"UDP Query User{DCB79CC0-37FF-4A2B-9393-215B97613734}C:\\program files\\steam\\steamapps\\venatio\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\venatio\counter-strike source\hl2.exe:hl2
"TCP Query User{7CD2502D-C855-4011-AF62-88B61CB819D3}C:\\program files\\world of warcraft\\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{3402231E-DE65-4345-9BF2-4A915BE94266}C:\\program files\\world of warcraft\\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{E8611673-E043-4801-A88A-43D1A4972DD9}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{5F937D8D-2792-453A-A492-7007CD26974C}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{BB01BADA-14C7-4535-9681-8113B24DB1D0}C:\\program files\\pando networks\\pando\\pando.exe"= UDP:C:\program files\pando networks\pando\pando.exe:pando
"UDP Query User{ABFEE489-FF99-47B5-8D34-547A3F332A40}C:\\program files\\pando networks\\pando\\pando.exe"= TCP:C:\program files\pando networks\pando\pando.exe:pando
"TCP Query User{9CB81A23-D466-4665-8DA3-C6544B3B57BB}C:\\users\\yann\\appdata\\local\\temp\\is-0j7f8.tmp\\is-hb5l5.tmp"= UDP:C:\users\yann\appdata\local\temp\is-0j7f8.tmp\is-hb5l5.tmp:is-hb5l5.tmp
"UDP Query User{EB0392A5-9770-4D86-BBC3-F34EB1415BA3}C:\\users\\yann\\appdata\\local\\temp\\is-0j7f8.tmp\\is-hb5l5.tmp"= TCP:C:\users\yann\appdata\local\temp\is-0j7f8.tmp\is-hb5l5.tmp:is-hb5l5.tmp
"{3FCE26E2-0A6B-4B87-85C8-DDE41879B738}"= UDP:C:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.exe:Serv-U FTP Server
"{73F86A78-8EEF-41B9-BBD2-7BACC5DB252B}"= TCP:C:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.exe:Serv-U FTP Server
"TCP Query User{A1C8F081-5063-49E4-837F-CEDEE83B8D47}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{BF6F327D-4913-4077-A199-BA1E73E2E88A}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{8C8AD44E-35C2-4A45-A8F9-BC3451C52FC5}C:\\program files\\hlsw\\hlsw.exe"= UDP:C:\program files\hlsw\hlsw.exe:hlsw
"UDP Query User{08858B3C-8EE7-4DAB-898D-CF7526F042AA}C:\\program files\\hlsw\\hlsw.exe"= TCP:C:\program files\hlsw\hlsw.exe:hlsw
"TCP Query User{DC93FEF9-5737-46A5-AA22-2B3B4DD9474B}C:\\program files\\steam\\steamapps\\venatio\\day of defeat source\\hl2.exe"= UDP:C:\program files\steam\steamapps\venatio\day of defeat source\hl2.exe:hl2
"UDP Query User{B8CCF89F-2D03-45F0-BB13-1A947A25543B}C:\\program files\\steam\\steamapps\\venatio\\day of defeat source\\hl2.exe"= TCP:C:\program files\steam\steamapps\venatio\day of defeat source\hl2.exe:hl2
"TCP Query User{E587727E-DB12-46AB-9B61-1C71BE7AC085}C:\\program files\\electronic arts\\battlefield 2142\\bf2142pace.exe"= UDP:C:\program files\electronic arts\battlefield 2142\bf2142pace.exe:BF2142Pace
"UDP Query User{BCD11334-2898-4A0F-A951-D6E3F212C412}C:\\program files\\electronic arts\\battlefield 2142\\bf2142pace.exe"= TCP:C:\program files\electronic arts\battlefield 2142\bf2142pace.exe:BF2142Pace
"TCP Query User{9527288B-9C8C-4540-A779-1B6736346CAA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{44D0C332-8A16-4C80-B1A2-012AE77D4E41}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{CCCFB69A-CEEB-4BB0-8379-516AACB21882}C:\\program files\\electronic arts\\battlefield 2142\\bf2142pace.exe"= UDP:C:\program files\electronic arts\battlefield 2142\bf2142pace.exe:BF2142Pace
"UDP Query User{FD087185-6AE8-429E-A752-EB61F897AE88}C:\\program files\\electronic arts\\battlefield 2142\\bf2142pace.exe"= TCP:C:\program files\electronic arts\battlefield 2142\bf2142pace.exe:BF2142Pace
"TCP Query User{A7AD3723-B6DA-48FD-9198-B91D4AA49C8F}C:\\program files\\steam\\steamapps\\venatio\\day of defeat\\hl.exe"= UDP:C:\program files\steam\steamapps\venatio\day of defeat\hl.exe:Half-Life Launcher
"UDP Query User{F410BADF-56AA-4F2E-BFDD-3BD33E4C7950}C:\\program files\\steam\\steamapps\\venatio\\day of defeat\\hl.exe"= TCP:C:\program files\steam\steamapps\venatio\day of defeat\hl.exe:Half-Life Launcher
"TCP Query User{6DB8DEBD-EE64-4A37-91E8-EBFB39C4067D}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{E80CA3EC-31B7-45E6-9DDD-48150FA48565}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{D6A70649-8ECA-4074-956F-7DF53FCFD5E7}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{73086070-56B4-4808-90D7-3F8C4EACC98D}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{E0840C32-7955-417F-969E-473C0823430F}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{56B7E64C-94D8-4F8A-857A-10817DE9A9CD}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{7FFFE9F2-EBB2-4132-A1E2-E4200A4169F4}C:\\program files\\steam\\steam.exe"= UDP:C:\program files\steam\steam.exe:Steam
"UDP Query User{A564220B-4396-4668-AAE9-22D930F33299}C:\\program files\\steam\\steam.exe"= TCP:C:\program files\steam\steam.exe:Steam
"TCP Query User{C414DA61-EB34-45F0-AF25-653B99D795CC}C:\\program files\\world of warcraft\\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{76A1220B-F515-4900-8A09-4C99833D85DC}C:\\program files\\world of warcraft\\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{9BFFD30F-199E-430D-9FA1-63DDC14C5D33}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{A9600260-E17D-4FE2-ABCB-2CB08D310813}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{D5E5F7E4-D77F-4F97-8A19-201514B0899A}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{D3102B72-0B2A-4D79-B985-DA9E5DE9D5B2}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"{E2CD49F3-0BE5-461F-A285-584B61CF92F5}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{28D9A0F2-EA01-4741-885A-02CDDAD108EB}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{A1B0FF32-AC7D-40E6-AB44-214F22D6CF13}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{E0F66024-1BD7-4DD3-8DF8-D5B6C6CC6A90}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{725EC9C1-4B53-4EA3-9DDA-2FC823C1D675}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{5A85A3B4-6D44-4505-B716-5D7AB77BF219}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{67993E90-569D-498B-B439-284C94A7CE1D}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{302B645A-4514-4F5B-9D4B-FA1C479C532C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{82AFF952-CC26-44B4-8ED8-4E83D8C7B938}C:\\program files\\media player classic\\mplayerc.exe"= UDP:C:\program files\media player classic\mplayerc.exe:Media Player Classic
"UDP Query User{67FCAD52-0B5D-4D1F-80AA-67739AFF3DA8}C:\\program files\\media player classic\\mplayerc.exe"= TCP:C:\program files\media player classic\mplayerc.exe:Media Player Classic
"TCP Query User{14DAC6BD-3474-4034-9BCB-719A4C329182}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{5EAE56FC-7CBD-447E-BB15-3F471017C5FB}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"{38E3F035-AAE3-4E47-9DF7-1B4B66F0B30C}"= UDP:C:\Program Files\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{E8321947-7EB7-40F5-8F37-2AE734F78C58}"= TCP:C:\Program Files\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{03888830-63D0-4F61-9560-F2E6644EB4D8}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{EB4A061C-546E-47D3-859E-E978E85AD6A5}C:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= UDP:C:\program files\activision value\soldier of fortune payback\sof3.exe:sof3
"UDP Query User{AF745E15-25C7-4DC4-8208-F9DC25FBAE60}C:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= TCP:C:\program files\activision value\soldier of fortune payback\sof3.exe:sof3
"{DF13DE40-D043-41DA-A7BC-5D13518E5586}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{EBC155A4-079C-4F9A-A7E0-402CACD1FA9B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{80206635-2039-49F3-884F-E6814D978C88}C:\\program files\\goa\\gunbound\\gunbound.gme"= UDP:C:\program files\goa\gunbound\gunbound.gme:GunBound
"UDP Query User{8500E7CA-C919-48D4-B71F-AB28B3C29D02}C:\\program files\\goa\\gunbound\\gunbound.gme"= TCP:C:\program files\goa\gunbound\gunbound.gme:GunBound
"{C5A3494F-0F3B-412E-8F61-5720F39F35CC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{98D9CD58-6978-458E-B5AD-9B0F99C83865}C:\\program files\\gears of war\\binaries\\wargame-g4wlive.exe"= UDP:C:\program files\gears of war\binaries\wargame-g4wlive.exe:Gears Of War
"UDP Query User{1D45AA43-6E1E-4DF4-9EB4-5E96BDF7F0EE}C:\\program files\\gears of war\\binaries\\wargame-g4wlive.exe"= TCP:C:\program files\gears of war\binaries\wargame-g4wlive.exe:Gears Of War
"TCP Query User{5526E62D-B6C7-4609-B5A5-DEA84219D4F2}C:\\program files\\thq\\dawn of war\\w40k.exe"= UDP:C:\program files\thq\dawn of war\w40k.exe:W40K
"UDP Query User{61621875-4E96-4ED6-9A20-626572095372}C:\\program files\\thq\\dawn of war\\w40k.exe"= TCP:C:\program files\thq\dawn of war\w40k.exe:W40K
"TCP Query User{7907356D-86C6-4796-9CB2-31A7EF995F20}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"UDP Query User{23926C39-EB5B-4B96-A15A-2A0AD42B3D1B}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"{785CAFDD-E15F-4CEF-9E74-59BDE2911664}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6D23A8DE-61AE-43B0-B80A-2D97BA3C28A9}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{38E58FFB-C274-4559-BCCB-6CC723C94ECB}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{220194A5-BBA4-454C-82F0-F011F58B77CD}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{6FB90D75-9C54-4F83-8988-1C367C4A368C}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{FBE82FE9-9AA8-4654-9DA9-A1A89EE3D435}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{B98634D1-BF49-4BCA-8F9A-5B48A943D8FA}C:\\program files\\codemasters\\le seigneur des anneaux online\\lotroclient.exe"= UDP:C:\program files\codemasters\le seigneur des anneaux online\lotroclient.exe:lotroclient
"UDP Query User{BCEB9BDF-DD97-4E48-BD7D-A15915D14F80}C:\\program files\\codemasters\\le seigneur des anneaux online\\lotroclient.exe"= TCP:C:\program files\codemasters\le seigneur des anneaux online\lotroclient.exe:lotroclient
"{99E16FA9-6B76-49D5-8D5A-38F2E45705ED}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{46B42DAB-C738-474C-97B9-A4DBC1654D9C}C:\\program files\\mirc\\mirc.exe"= UDP:C:\program files\mirc\mirc.exe:mIRC
"UDP Query User{94EC46BD-BE07-4E0D-B518-769602A1A47E}C:\\program files\\mirc\\mirc.exe"= TCP:C:\program files\mirc\mirc.exe:mIRC
"TCP Query User{291D29D5-0355-4DCD-BD8A-C8FF9DAE6B7D}C:\\program files\\mirc\\mirc.exe"= UDP:C:\program files\mirc\mirc.exe:mIRC
"UDP Query User{A86A87EA-BE52-41EB-BBF2-A24DF968B0A0}C:\\program files\\mirc\\mirc.exe"= TCP:C:\program files\mirc\mirc.exe:mIRC
"TCP Query User{F18542EF-3D50-4E74-BB0E-ACF8110DA7C6}C:\\program files\\bitdownload\\bitdownload.exe"= UDP:C:\program files\bitdownload\bitdownload.exe:BitDownload
"UDP Query User{6A8109B1-5927-4EAB-9F67-FA140D0E05C2}C:\\program files\\bitdownload\\bitdownload.exe"= TCP:C:\program files\bitdownload\bitdownload.exe:BitDownload

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R3 RTL8187;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187.sys [2007-03-30 13:32]
R3 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\system32\DRIVERS\rtlprot.sys [2007-03-09 14:29]
R3 yukonwlh;Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 09:30]
S3 Asushwio;Asushwio;C:\Windows\system32\drivers\Asushwio.sys [2004-04-27 17:26]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-05-08 21:55]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{648785cc-10da-11dc-93f6-0018f3eaf202}]
\shell\Auto\command - G:\vcxfupngp.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\vcxfupngp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e08081c-fd7c-11db-866e-0018f3eaf202}]
\shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d73f24a7-ddfe-11db-aba8-806e6f6e6963}]
\shell\AutoRun\command - D:\setup.exe

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-27 23:27:51 C:\Windows\Tasks\RtlVistaStart.job"
- C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
"2008-05-27 21:26:13 C:\Windows\Tasks\User_Feed_Synchronization-{36E2899C-3F4C-4F92-B1BE-FA5C5F3BA3E7}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-28 02:12:49
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

C:\Users\Yann\AppData\Local\Temp\~DFAF01.tmp 65536 bytes
C:\Users\Yann\AppData\Local\Temp\~DFAF76.tmp 512 bytes
C:\Users\Yann\AppData\Local\Temp\~DFB0DC.tmp 16384 bytes
C:\Users\Yann\AppData\Local\Temp\~DFB0E4.tmp 512 bytes

Scan terminé avec succès
Les fichiers cachés: 4

**************************************************************************
.
Temps d'accomplissement: 2008-05-28 2:13:49
ComboFix-quarantined-files.txt 2008-05-28 00:13:41

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

276 --- E O F --- 2008-05-21 10:35:39

Malheuresemnt c'est incompréhensible pour moi.

Que doije faire ?