ok so I think you were not talking about any of those programs but just the menu start. still since i launched combo fix again, i waited for the result and here is the new log ( in case it would change something).
I wait for your answer before doing your last instructions.
ComboFix 10-02-25.02 - Litale 28/02/2010 21:45:24.1.2 - x86
Microsoft
Windows Vista
Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3061.1690 [GMT 1:00]
Lancé depuis: c:\users\Litale\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 090303-2] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 090303-2] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Litale\AppData\Local\Temp\ppcrlui_2584_2
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-28 au 2010-02-28 ))))))))))))))))))))))))))))))))))))
.
2010-02-28 20:55 . 2010-02-28 20:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-28 20:55 . 2010-02-28 20:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-27 22:46 . 2010-02-28 20:55 -------- d-----w- c:\users\Litale\AppData\Local\temp
2010-02-23 21:13 . 2010-02-23 21:13 -------- d-----w- C:\_OTL
2010-02-23 19:37 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-23 19:36 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-23 19:36 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-23 19:36 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-23 19:36 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-23 19:36 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-23 19:36 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-23 19:36 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-23 19:36 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-23 19:36 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-23 19:36 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-23 19:36 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-23 19:36 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-22 05:41 . 2009-10-30 10:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-02-22 05:41 . 2009-10-30 10:09 98600 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-02-22 05:41 . 2009-11-09 10:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-02-22 05:41 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-02-22 05:41 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-02-22 05:41 . 2010-02-22 05:41 -------- d-----w- c:\program files\Spyware Doctor
2010-02-22 05:41 . 2010-02-22 05:41 -------- d-----w- c:\program files\Common Files\PC Tools
2010-02-22 05:41 . 2010-02-22 05:41 -------- d-----w- c:\users\Litale\AppData\Roaming\PC Tools
2010-02-22 05:41 . 2010-02-22 05:41 -------- d-----w- c:\programdata\PC Tools
2010-02-22 05:02 . 2010-02-22 05:02 -------- d-----w- c:\program files\CCleaner
2010-02-09 20:31 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-09 20:31 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-09 20:31 . 2009-12-08 20:01 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-09 20:31 . 2009-12-08 20:01 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 20:11 . 2008-12-17 22:06 -------- d-----w- c:\users\Litale\AppData\Roaming\Skype
2010-02-25 06:23 . 2008-04-16 11:24 -------- d-----w- c:\program files\Java
2010-02-25 06:11 . 2008-07-29 11:12 121896 ----a-w- c:\users\Litale\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 09:09 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-21 23:01 . 2008-12-17 22:10 -------- d-----w- c:\users\Litale\AppData\Roaming\skypePM
2010-02-18 03:06 . 2008-04-29 14:11 -------- d-----w- c:\programdata\Microsoft Help
2010-02-10 01:56 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-24 03:04 . 2008-12-17 22:06 -------- d-----r- c:\program files\Skype
2010-01-24 03:03 . 2010-01-24 03:03 -------- d-----w- c:\program files\Common Files\Skype
2010-01-24 03:03 . 2008-12-17 22:06 -------- d-----w- c:\programdata\Skype
2010-01-20 20:54 . 2009-03-04 10:59 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-19 02:10 . 2010-01-18 02:11 143976 ----a-w- c:\users\Litale\AppData\Roaming\Move Networks\uninstall.exe
2010-01-19 02:10 . 2010-01-18 02:11 -------- d-----w- c:\users\Litale\AppData\Roaming\Move Networks
2010-01-19 02:10 . 2009-10-15 00:50 5642688 ----a-w- c:\users\Litale\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
2010-01-18 02:11 . 2009-12-10 19:26 4187512 ----a-w- c:\users\Litale\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
2010-01-06 15:38 . 2010-02-23 19:36 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-23 19:36 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-06 15:38 . 2010-02-23 19:36 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-23 19:36 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-04 00:26 . 2008-12-08 18:56 1 ----a-w- c:\users\Litale\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-03 19:51 . 2008-01-21 08:40 690868 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-03 19:51 . 2008-01-21 08:40 134270 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-18 13:01 . 2010-01-22 06:51 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-16 11:44 . 2010-01-22 06:51 834048 ----a-w- c:\windows\system32\wininet.dll
2009-12-08 20:01 . 2010-02-09 20:30 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 17:26 . 2010-02-09 20:30 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-09 20:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-09 20:30 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-09 20:30 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-09 20:30 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-09 20:30 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-09 20:30 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-09 20:30 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-09 20:30 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-09 20:30 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-09 20:30 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-09 20:30 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-20 00:39 . 2009-11-20 00:39 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-02-02 251264]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-17 490952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 129560]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 4911104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"NDSTray.exe"="NDSTray.exe" [BU]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-20 30192]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-02-06 177472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-11-18 1243088]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
c:\users\Litale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):4e,8a,10,c6,90,46,ca,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2010934422-3753900080-3233031512-1000]
"EnableNotificationsRef"=dword:00000002
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [22/02/2010 06:41 207792]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [23/09/2008 11:38 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [23/09/2008 11:38 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [23/09/2008 11:38 53328]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [25/12/2007 12:07 40960]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [22/02/2010 06:41 359624]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [03/12/2007 16:03 126976]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [16/04/2008 12:54 7168]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17/11/2008 15:40 3668480]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [16/04/2008 13:11 30192]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [03/03/2009 16:00 717296]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
2010-02-28 c:\windows\Tasks\User_Feed_Synchronization-{9C06C2BC-B6D2-4B13-95E7-4D7DB9C296E3}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Examen supplémentaire -------
.
uStart Page =
hxxp://portail.free.fr/uSearchURL,(Default) =
hxxp://www.google.com/keyword/%sIE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} -
http://rover.ebay.com/rover/1/709-44555-9400-3/4IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} -
http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=homeFF - ProfilePath - c:\users\Litale\AppData\Roaming\Mozilla\Firefox\Profiles\v3zdxdis.default\
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Litale\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
FF - plugin: c:\users\Litale\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-02-28 21:55
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Heure de fin: 2010-02-28 21:59:20
ComboFix-quarantined-files.txt 2010-02-28 20:59
ComboFix2.txt 2010-02-27 22:46
Avant-CF: 10 374 934 528 octets libres
Après-CF: 10 344 742 912 octets libres
- - End Of File - - 44633DA0EDEB892492DD4185DF865055