Merci,
J'ai fait ce que tu m'as dit et voici le résultat :

Logfile of random's system information tool 1.06 (written by random/random)
Run by valerie at 2009-04-23 12:40:26
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 160 GB (55%) free of 293 GB
Total RAM: 3069 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:53, on 23/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\valerie\AppData\Roaming\eoRezo\SoftwareUpdate\Softw­areUpdateHP.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\hp\kbd\kbd.exe
C:\Users\valerie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGELGIOW\RSIT[1].exe
C:\Program Files\trend micro\valerie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\valerie\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pareto_Update] C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/...
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
End of file - 10093 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\ParetoLogic Registration.job
C:\Windows\tasks\ParetoLogic Update Version2.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-04-07 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-04-09 1091584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-17 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-17 92704]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-04-07 132760]
"HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"SystrayORAHSS"=C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
"fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-04-09 970240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SoftwareHelper"=C:\Users\valerie\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Pareto_Update"=C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22 189808]
"Steam"=C:\Program Files\Steam\Steam.exe [2009-02-14 1410296]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-04-23 12:40:26 ----D---- C:\rsit
2009-04-23 12:40:26 ----D---- C:\Program Files\trend micro
2009-04-21 14:32:24 ----D---- C:\Program Files\CCleaner
2009-04-20 16:53:35 ----D---- C:\Program Files\Alchemy Mindworks
2009-04-20 13:54:44 ----D---- C:\Users\valerie\AppData\Roaming\PeerNetworking
2009-04-19 21:30:36 ----D---- C:\Program Files\eMule Acceleration Patch
2009-04-19 20:50:56 ----D---- C:\Program Files\Search Settings
2009-04-19 20:50:43 ----D---- C:\Program Files\Dealio Toolbar
2009-04-19 20:49:39 ----A---- C:\Windows\system32\MSVCRTD.DLL
2009-04-19 20:49:39 ----A---- C:\Windows\system32\MSVCP60D.DLL
2009-04-19 20:49:36 ----A---- C:\Windows\system32\WMAFile.dll
2009-04-19 20:49:36 ----A---- C:\Windows\system32\AudPlayer.dll
2009-04-19 20:49:36 ----A---- C:\Windows\system32\AudioVisu.dll
2009-04-19 20:49:36 ----A---- C:\Windows\system32\AudioRecord.dll
2009-04-19 20:49:36 ----A---- C:\Windows\system32\AudioInfos.dll
2009-04-19 20:49:36 ----A---- C:\Windows\system32\AudFile.dll
2009-04-19 20:49:36 ----A---- C:\Windows\system32\AudDisplay.dll
2009-04-19 20:49:35 ----A---- C:\Windows\system32\VB6STKIT.DLL
2009-04-19 20:49:35 ----A---- C:\Windows\system32\VB6FR.DLL
2009-04-19 20:49:35 ----A---- C:\Windows\system32\TABCTFR.DLL
2009-04-19 20:49:35 ----A---- C:\Windows\system32\MSCMCFR.DLL
2009-04-19 20:49:35 ----A---- C:\Windows\system32\Mscc2fr.dll
2009-04-19 20:49:35 ----A---- C:\Windows\system32\inetfr.DLL
2009-04-19 20:49:35 ----A---- C:\Windows\system32\CMDLGFR.DLL
2009-04-19 20:49:35 ----A---- C:\Windows\system32\AudDesign.dll
2009-04-19 20:49:34 ----D---- C:\Program Files\Free Audio Pack
2009-04-19 20:49:34 ----A---- C:\Windows\system32\lame_enc.dll
2009-04-19 18:19:02 ----D---- C:\Program Files\THOMSON mp3PRO Audio Player
2009-04-19 18:18:47 ----A---- C:\Windows\IsUninst.exe
2009-04-16 17:56:06 ----A---- C:\Windows\system32\winhttp.dll
2009-04-16 17:56:04 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-16 17:56:04 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-16 17:55:56 ----A---- C:\Windows\system32\rpcss.dll
2009-04-16 17:55:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-16 17:55:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-16 17:55:55 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-16 17:55:54 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-16 17:55:54 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-16 17:55:54 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-16 17:55:54 ----A---- C:\Windows\system32\iashost.exe
2009-04-16 17:55:54 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-16 17:55:54 ----A---- C:\Windows\system32\iasads.dll
2009-04-16 17:55:51 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-16 17:55:50 ----A---- C:\Windows\system32\secur32.dll
2009-04-16 17:55:50 ----A---- C:\Windows\system32\kernel32.dll
2009-04-16 17:55:50 ----A---- C:\Windows\system32\apilogen.dll
2009-04-16 17:55:50 ----A---- C:\Windows\system32\amxread.dll
2009-04-16 17:55:44 ----A---- C:\Windows\system32\mshtml.dll
2009-04-16 17:55:43 ----A---- C:\Windows\system32\ieframe.dll
2009-04-16 17:55:42 ----A---- C:\Windows\system32\urlmon.dll
2009-04-16 17:55:41 ----A---- C:\Windows\system32\wininet.dll
2009-04-16 17:55:41 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-16 17:55:41 ----A---- C:\Windows\system32\iertutil.dll
2009-04-16 17:55:41 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-16 17:55:40 ----A---- C:\Windows\system32\occache.dll
2009-04-16 17:55:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-16 17:55:40 ----A---- C:\Windows\system32\ieencode.dll
2009-04-16 17:55:40 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-16 17:55:39 ----A---- C:\Windows\system32\mstime.dll
2009-04-16 17:55:39 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-13 11:40:32 ----D---- C:\ProgramData\MumboJumbo
2009-04-12 20:16:55 ----D---- C:\Users\valerie\AppData\Roaming\funkitron
2009-04-11 15:53:25 ----D---- C:\Program Files\Adobe

======List of files/folders modified in the last 1 months======

2009-04-23 12:40:45 ----D---- C:\Windows\Temp
2009-04-23 12:40:26 ----D---- C:\Program Files
2009-04-23 12:36:38 ----D---- C:\Program Files\Steam
2009-04-23 11:48:13 ----D---- C:\Windows\System32
2009-04-23 11:48:13 ----D---- C:\Windows\inf
2009-04-23 11:48:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-22 22:29:29 ----D---- C:\Windows\system32\LogFiles
2009-04-22 19:22:01 ----SHD---- C:\System Volume Information
2009-04-22 12:53:37 ----D---- C:\Program Files\Mozilla Firefox
2009-04-22 10:42:52 ----A---- C:\ExtractLog.txt
2009-04-22 10:33:54 ----D---- C:\Windows\Prefetch
2009-04-22 10:31:41 ----D---- C:\Windows
2009-04-21 21:47:03 ----D---- C:\Program Files\eMule
2009-04-21 14:35:25 ----D---- C:\Windows\Debug
2009-04-21 12:34:58 ----SHD---- C:\Windows\Installer
2009-04-21 12:01:26 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-20 22:01:58 ----AD---- C:\ProgramData\TEMP
2009-04-20 21:59:30 ----D---- C:\Windows\system32\drivers
2009-04-20 21:50:12 ----D---- C:\Users\valerie\AppData\Roaming\dvdcss
2009-04-20 21:29:04 ----D---- C:\Program Files\Common Files\Steam
2009-04-20 14:44:12 ----D---- C:\Windows\system32\Tasks
2009-04-20 14:25:16 ----D---- C:\Windows\system32\catroot2
2009-04-20 14:04:11 ----D---- C:\ProgramData\Microsoft
2009-04-19 20:50:50 ----D---- C:\Windows\winsxs
2009-04-17 21:15:48 ----D---- C:\Windows\system32\catroot
2009-04-17 21:13:52 ----D---- C:\Windows\system32\wbem
2009-04-17 21:13:52 ----D---- C:\Windows\system32\manifeststore
2009-04-17 21:13:52 ----D---- C:\Windows\AppPatch
2009-04-17 21:13:52 ----D---- C:\Program Files\Windows Mail
2009-04-17 21:13:51 ----D---- C:\Program Files\Internet Explorer
2009-04-17 18:56:47 ----A---- C:\Windows\win.ini
2009-04-13 11:40:32 ----D---- C:\ProgramData
2009-04-12 15:20:43 ----D---- C:\ProgramData\WildTangent
2009-04-11 15:53:31 ----D---- C:\ProgramData\Adobe
2009-04-11 15:53:26 ----D---- C:\Program Files\Common Files\Adobe
2009-04-06 16:57:24 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-03 2152088]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-05-21 1049760]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-17 7436384]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2008-05-22 15360]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2006-12-12 57344]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-17 196608]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-03-29 165416]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-04-20 322032]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-04-23 12:40:54

======Uninstall list======

-->"C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"
-->"C:\Program Files\HP Games\Arctic Quest 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Adventures\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
7 Wonders 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/15900
7-Zip 4.62-->"C:\Program Files\7-Zip\Uninstall.exe"
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Age of Chivalry Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17515
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assassin's Creed-->"C:\Program Files\Steam\steam.exe" steam://uninstall/15100
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVS Update Manager 1.0 (Update Version)-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Burnout Paradise: The Ultimate Box-->"C:\Program Files\Steam\steam.exe" steam://uninstall/24740
Call of Duty: World at War-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10090
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Condition Zero Deleted Scenes-->"C:\Program Files\Steam\steam.exe" steam://uninstall/100
Condition Zero-->"C:\Program Files\Steam\steam.exe" steam://uninstall/80
Counter-Strike Steamworks Beta-->"C:\Program Files\Steam\steam.exe" steam://uninstall/150
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
CyberLink DVD Suite Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" -uninstall
D.I.P.R.I.P. Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17535
D.I.P.R.I.P. Dev-->"C:\Program Files\Steam\steam.exe" steam://uninstall/31400
Dark Messiah Might and Magic Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/2145
Day of Defeat: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/300
Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
Dealio Toolbar v4.0-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
Deathmatch Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/40
Decal Converter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BB207D6-0E1E-11D5-9B6A-00C04F7EC248}\Setup.exe"
Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/5
Dystopia Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17585
eoEngine 9.1-->"C:\Program Files\EoRezo\unins000.exe"
Eternal-Silence Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17555
Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Favorit-->c:\users\valerie\appdata\local\ecqomdbq.bat
Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Garry's Mod-->"C:\Program Files\Steam\steam.exe" steam://uninstall/4000
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Grand Theft Auto IV-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12210
GTR Evolution Demo Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8730
Half-Life 2: Deathmatch-->"C:\Program Files\Steam\steam.exe" steam://uninstall/320
Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
Half-Life Deathmatch: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/360
Half-Life: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/280
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9 -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Demo-->MsiExec.exe /X{A2016015-8323-4AF8-8B3E-F56239D7D59D}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}\setup.exe" -l0x9 -removeonly
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Recovery Manager RSS-->MsiExec.exe /X{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}
HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Insurgency Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17705
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Juiced 2: Hot Import Nights-->"C:\Program Files\Steam\steam.exe" steam://uninstall/9400
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
Left 4 Dead Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/510
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Midnight Club 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12160
Midnight Outlaw 6 Hours to Sun Up-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12600
Minigolf Adventures Deluxe-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10140
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Monster Trucks Nitro-->"C:\Program Files\Steam\steam.exe" steam://uninstall/16620
MotoGP 08-->"C:\Program Files\Steam\steam.exe" steam://uninstall/21610
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}\muveesetup.exe -removeonly -runfromtemp
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
NCH Toolbox-->C:\Program Files\NCH Swift Sound\ToolBox\uninst.exe
Need for Speed: Undercover-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17430
Nero 9-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
Opposing Force-->"C:\Program Files\Steam\steam.exe" steam://uninstall/50
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor for Windows\uninst.exe
ParetoLogic DriverCure-->MsiExec.exe /I{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}
Pcsx2 0.9.4 Watermoose-->"C:\Program Files\Pcsx2_0.9.4\unins000.exe"
Pixillion Image Converter-->C:\Program Files\NCH Software\Pixillion\uninst.exe
Poker Superstars II-->"C:\Program Files\Steam\steam.exe" steam://uninstall/4100
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
Pyroblazer Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/21510
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Ricochet Infinity-->"C:\Program Files\Steam\steam.exe" steam://uninstall/7450
Ricochet: Lost Worlds-->"C:\Program Files\Steam\steam.exe" steam://uninstall/7400
Ricochet-->"C:\Program Files\Steam\steam.exe" steam://uninstall/60
Search Settings 1.2.1-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
SoftwareUpdate 1.0-->"C:\Users\valerie\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe"
Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u
SoundTap Streaming Audio Recorder-->C:\Program Files\NCH Swift Sound\SoundTap\uninst.exe
Source Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/205
SPORE Creature Creator Trial Edition-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
Stamp ID3 Tag Editor-->C:\Program Files\NCH Swift Sound\Stamp\uninst.exe
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Switch Sound File Converter-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synergy Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17525
Team Fortress Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/20
THOMSON mp3PRO Audio Player-->C:\Windows\IsUninst.exe -f"C:\Program Files\THOMSON mp3PRO Audio Player\Uninst.isu"
Tomb Raider: Anniversary-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8000
Tomb Raider: Legend-->"C:\Program Files\Steam\steam.exe" steam://uninstall/7000
Tomb Raider: Underworld-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8140
Top Spin 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/7810
Trainz 2009 Railroad Simulator-->"C:\Program Files\Steam\steam.exe" steam://uninstall/24600
Unreal Tournament 3-->"C:\Program Files\Steam\steam.exe" steam://uninstall/13210
ValveTestApp4740-->"C:\Program Files\Steam\steam.exe" steam://uninstall/4740
VirginMega.Fr Premium-->MsiExec.exe /I{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}
VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WavePad Sound Editor-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Movie Maker Bêta-->MsiExec.exe /X{F874DF52-A31F-44C1-A606-EF40F1549261}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Zombie Panic! Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17500

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AS: Spybot - Search and Destroy (disabled) (outdated)
AS: Windows Defender

======System event log======

Computer Name:
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\CdRom0 lors d'une opération de pagination.
Record Number: 78178
Source Name: cdrom
Time Written: 20090422105821.771912-000
Event Type: Avertissement
User:

Computer Name:
Event Code: 4227
Message: TCP/IP n’a pas pu établir une connexion sortante car le point de terminaison local sélectionné a été récemment utilisé pour se connecter au même point de terminaison distant. Cette erreur se produit généralement lorsque les connexions sortantes sont ouvertes et fermées à un débit élevé, provoquant l’utilisation de tous les ports locaux disponibles et obligeant TCP/IP à réutiliser un port local pour une connexion sortante. Pour réduire le risque d’altération des données, la norme TCP/IP exige qu’un laps de temps minimal s’écoule entre des connexions successives d’un point de terminaison local à un point de terminaison distant.
Record Number: 78179
Source Name: Tcpip
Time Written: 20090422105939.912312-000
Event Type: Avertissement
User:

Computer Name:
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 78195
Source Name: Tcpip
Time Written: 20090422201316.154512-000
Event Type: Avertissement
User:

Computer Name:
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 78217
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090423094341.848112-000
Event Type: Erreur
User:

Computer Name:
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 78345
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090423103630.933508-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name:
Event Code: 1002
Message: Le programme explorer.exe version 6.0.6001.18164 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1f4 Heure de début : 01c9c2b2734e2237 Heure de fin : 0
Record Number: 13320
Source Name: Application Hang
Time Written: 20090421204801.000000-000
Event Type: Erreur
User:

Computer Name:
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 13345
Source Name: Microsoft-Windows-WMI
Time Written: 20090422080612.000000-000
Event Type: Erreur
User:

Computer Name:
Event Code: 1002
Message: Le programme hl2.exe version 0.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1264 Heure de début : 01c9c361ff8021a7 Heure de fin : 150
Record Number: 13377
Source Name: Application Hang
Time Written: 20090422155141.000000-000
Event Type: Erreur
User:

Computer Name:
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 13406
Source Name: Microsoft-Windows-WMI
Time Written: 20090423094519.000000-000
Event Type: Erreur
User:

Computer Name:
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 13435
Source Name: Microsoft-Windows-WMI
Time Written: 20090423103806.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name:
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 19910
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090423104052.205108-000
Event Type: Échec de l'audit
User:

Computer Name:
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 19911
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090423104052.532708-000
Event Type: Échec de l'audit
User:

Computer Name:
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 19912
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090423104052.579508-000
Event Type: Échec de l'audit
User:

Computer Name:
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 19913
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090423104052.610708-000
Event Type: Échec de l'audit
User:

Computer Name:
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 19914
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090423104052.641908-000
Event Type: Échec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=HPD
"PCBRAND"=Pavilion
"MSWorksProductCode"={3B160861-7250-451E-B5EE-8B92BF30A710}
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

-----------------EOF-----------------

Comment Desactives la garde residente de mon antivirus et la garde de mon antispyware

Re,
je l'ai fait voici le resultat :


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : valerie ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:286 Go (Free:156 Go)
D:\ (Local Disk) - NTFS - Total:12 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 23/04/2009|13:44 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.properties
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb128
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb128\res
C:\Program Files\Search Settings\kb128\SearchSettings.dll
C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb128\temp

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.fr/"
"Default_Page_URL"="http://ie.redirect.hp.com/..."
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://ie.redirect.hp.com/..."
"Default_Page_URL"="http://ie.redirect.hp.com/..."
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\Users\valerie\AppData\Roaming\live-player
C:\Users\valerie\AppData\Roaming\live-player\flv.swf
C:\Users\valerie\AppData\Roaming\live-player\liveplayer.s3db
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions g‚n‚rales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialit‚.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\D‚sinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\Users\valerie\Desktop\counter-strike\[Mis … jour] Crack steam Undeathpatch [Tous les jeux CS 1.6, CSS, HL HL2, TF2...] - HaKwArA - Forum Maroc.url
C:\Users\valerie\Downloads\eMule\Incoming\Cue.Club.v1.04.no-cd.crack.teste.zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 23/04/2009|13:44 - Option : [1]

-----------\\ Fin du rapport a 13:44:51,15

merci de ton aide

Voici le rapports :


-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.fr/"
"Default_Page_URL"="http://ie.redirect.hp.com/..."
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://ie.redirect.hp.com/..."
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\Users\valerie\AppData\Roaming\live-player
C:\Users\valerie\AppData\Roaming\live-player\flv.swf
C:\Users\valerie\AppData\Roaming\live-player\liveplayer.s3db
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions g‚n‚rales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialit‚.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\D‚sinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\Users\valerie\Desktop\counter-strike\[Mis … jour] Crack steam Undeathpatch [Tous les jeux CS 1.6, CSS, HL HL2, TF2...] - HaKwArA - Forum Maroc.url


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 23/04/2009|13:44 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 23/04/2009|14:19 - Option : [2]

-----------\\ Fin du rapport a 14:19:49,75

Je ne sais pas pouquoi je suis déconecté des que j'ai exécuté le programme internet explorer c'est fermé tout seul

Voici le rapport :


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : valerie ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:286 Go (Free:156 Go)
D:\ (Local Disk) - NTFS - Total:12 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 23/04/2009|14:54 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.fr/"
"Default_Page_URL"="http://ie.redirect.hp.com/..."
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://ie.redirect.hp.com/..."
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\Users\valerie\AppData\Roaming\live-player
C:\Users\valerie\AppData\Roaming\live-player\flv.swf
C:\Users\valerie\AppData\Roaming\live-player\liveplayer.s3db
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions g‚n‚rales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialit‚.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\D‚sinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url
[b]==> EGDACCESS <==/b



[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 23/04/2009|13:44 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 23/04/2009|14:19 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 23/04/2009|14:44 - Option : [2]
4 - "C:\ToolBar SD\TB_4.txt" - 23/04/2009|14:54 - Option : [2]

-----------\\ Fin du rapport a 14:54:43,64

Voici le rapport :

Search Navipromo version 3.7.6 commencé le 23/04/2009 à 15:09:50,08

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : valerie ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:286 Go (Free:156 Go)
D:\ (Local Disk) - NTFS - Total:12 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)


Recherche executé en mode normal


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***

...\Live-Player trouvé !

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

...\Live-Player trouvé !

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\users\valerie\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\valerie\AppData\Local\virtualstore\Program Files" ***



*** Recherche dossiers dans "C:\Users\valerie\AppData\Local" ***



*** Recherche dossiers dans "C:\Users\TEMP\AppData\Local" ***




*** Recherche dossiers dans "C:\Users\valerie\AppData\Roaming" ***

...\Live-Player trouvé !

*** Recherche dossiers dans "C:\Users\TEMP\appdata\roaming" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\valerie\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\valerie\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\valerie\AppData\Local" *

* Recherche dans "C:\Users\TEMP\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\valerie\AppData\Local\Microsoft" :


* Dans "C:\Users\valerie\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\valerie\AppData\Local" :


* Dans "C:\Users\TEMP\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 23/04/2009 à 15:20:33,84 ***

C:\users\valerie\appdata\local\ecqomdbq.bat est toujour a l'endroit idiquée et live player avast a détecté que s'était un virus quand j'avais suprimer les nusibles avec malwarebytes

Je ne savais pas que s'était illégal

Voici le rapport :

Clean Navipromo version 3.7.6 commencé le 23/04/2009 à 17:02:35,92

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : valerie ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:286 Go (Free:161 Go)
D:\ (Local Disk) - NTFS - Total:12 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\Windows\System32" *


* Suppression dans "C:\Users\valerie\AppData\Local\Microsoft" *


* Suppression dans "C:\Users\valerie\AppData\Local\virtualstore\windows\system32" *


* Suppression dans "C:\Users\valerie\AppData\Local" *


* Suppression dans "C:\Users\TEMP\AppData\Local" *



*** Suppression dossiers dans "C:\Windows" ***


*** Suppression dossiers dans "C:\Program Files" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Suppression dossiers dans "C:\ProgramData" ***


*** Suppression dossiers dans c:\users\valerie\appdata\roaming\micros~1\windows\startm~1\programs ***


*** Suppression dossiers dans "C:\Users\TEMP\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans "C:\Users\valerie\AppData\Local\virtualstore\Program Files" ***


*** Suppression dossiers dans "C:\Users\valerie\AppData\Local" ***


*** Suppression dossiers dans "C:\Users\TEMP\AppData\Local" ***


*** Suppression dossiers dans "C:\Users\valerie\AppData\Roaming" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !


*** Suppression dossiers dans "C:\Users\TEMP\appdata\roaming" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\valerie\AppData\Local\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\Windows\system32" *


* Dans "C:\Users\valerie\AppData\Local\Microsoft" *


* Dans "C:\Users\valerie\AppData\Local\virtualstore\windows\system32" *


* Dans "C:\Users\valerie\AppData\Local" *


* Dans "C:\Users\TEMP\AppData\Local" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !


*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 23/04/2009 à 17:07:10,26 ***

merci de ton aide

Voici le rapport :


------- LOGFILE OF AD-REMOVER 1.1.3.3 | ONLY XP/VISTA -------

Updated by C_XX on 24/04/2009 at 12:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

Start at: 21:27:49, 24/04/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows Vista™ Home Premium Service Pack 1 (version 6.0.6001)
Computer Name: PC-DE-VALERIE
Current User: valerie - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)

============ Known Adwares Found ============

.
.
C:\Program Files\Conduit
C:\Users\valerie\AppData\Roaming\Mozilla\Firefox\Profiles\53­4mou0l.default\searchplugins\conduit.xml

+-----------------| Eorezo Elements Found:

HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23F­DC6F9}
HKLM\Software\Classes\AppID\EoRezoBHO.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19­689E5}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E105­6F87F4E}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Brow­ser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoE­ngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine­
.
C:\Program Files\EoRezo
C:\Users\valerie\AppData\Roaming\EoRezo
C:\Users\valerie\AppData\Roaming\Microsoft\Windows\Cookies\v­alerie@eorezo[1].txt
C:\Users\valerie\AppData\Roaming\Microsoft\Windows\Cookies\v­alerie@eorezo[2].txt

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

.

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.8 ----

ProfilePath: 534mou0l.default (valerie)
.
Prefs.js: Browser.Search.DefaultEngineName: "Yahoo"
Prefs.js: Browser.Search.SelectedEngine: "Yahoo"
.
(Prefs.js) FOUND: user_pref("CT2077008.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
(Prefs.js) FOUND: user_pref("CT2077008.CTPBaseServerUrl", "http://services.conduit.com/");
(Prefs.js) FOUND: user_pref("CT2077008.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2077008&SearchSource=2&q=");
(Prefs.js) FOUND: user_pref("CT2077008.Server", "http://users.conduit.com");
.
Invalidprefs.js: Browser.Search.DefaultEngineName: "Live Search"
Invalidprefs.js: Browser.Search.SelectedEngine: "SeeToo1.com Customized Web Search"
Invalidprefs.js: Browser.Search.DefaultUrl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2077008&SearchSource=3&q="
.
(Invalidprefs.js) FOUND: user_pref("CT2077008.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
(Invalidprefs.js) FOUND: user_pref("CT2077008.CTPBaseServerUrl", "http://services.conduit.com/");
(Invalidprefs.js) FOUND: user_pref("CT2077008.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2077008&SearchSource=2&q=");
(Invalidprefs.js) FOUND: user_pref("CT2077008.Server", "http://users.conduit.com");
(Invalidprefs.js) FOUND: user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2077008&SearchSource=3&q=");
(Invalidprefs.js) FOUND: user_pref("browser.startup.homepage", "http://y.lo.st");
(Invalidprefs.js) FOUND: user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2077008&SearchSource=2&q=");
.
.

---- Internet Explorer Version 7.0.6001.18000 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt
Search bar: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.google.fr/

[HKEY_USERS\S-1-5-21-2725865022-4218562442-790733810-1000\..\Internet Explorer\Main]

Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt
Search bar: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.google.fr/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

5011 Byte(s) - C:\Ad-Report-Scan-24.04.2009.log

1 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 21:34:35 | 24/04/2009
.
+-----------------| E.O.F
.

Je suis sur un autre ordi car j'ai commencé le scan a 11h 11min est il est toujour pas fini sa affiche nettoyage en cours, veuiller patienter le temps de la suppression et aussi le chemin d'acces spécifié est introuvable, suppression adwares terminer, suppression eorezo terminer, suppression des fichiers temporaires terminer.
est-ce que c'est normale ?

C'est bon le log c'est enregistré le voici :


------- LOGFILE OF AD-REMOVER 1.1.3.3 | ONLY XP/VISTA -------

Updated by C_XX on 24/04/2009 at 12:00
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

**** LIMITED TO ****

Known Adwares
Eorezo

********************

Start at: 11:11:23, 25/04/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows Vista™ Home Premium Service Pack 1 (version 6.0.6001)
Computer Name: PC-DE-VALERIE
Current User: valerie - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)

(!) ---- IE start pages/Tabs reset

============ Known Adwares Deleted ============

.
.
C:\Program Files\Conduit
C:\Users\valerie\AppData\Roaming\Mozilla\Firefox\Profiles\53­4mou0l.default\searchplugins\conduit.xml

+-----------------| Eorezo Elements Deleted :

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine­
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Brow­ser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoE­ngine_is1
.
C:\Program Files\EoRezo
C:\Users\valerie\AppData\Roaming\EoRezo
C:\Users\valerie\AppData\Roaming\Microsoft\Windows\Cookies\v­alerie@eorezo[1].txt
C:\Users\valerie\AppData\Roaming\Microsoft\Windows\Cookies\v­alerie@eorezo[2].txt

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+-----------------| Added Scan :

---- Mozilla FireFox Version 3.0.8 ----

ProfilePath: 534mou0l.default (valerie)
.
Prefs.js: Browser.Search.DefaultEngineName: "Yahoo"
Prefs.js: Browser.Search.SelectedEngine: "Yahoo"
.
.
Invalidprefs.js: Browser.Search.DefaultEngineName: "Live Search"
Invalidprefs.js: Browser.Search.SelectedEngine: "SeeToo1.com Customized Web Search"
Invalidprefs.js: Browser.Search.DefaultUrl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2077008&SearchSource=3&q="
.