Remove Win32:Rootkit-gen[Rtk], but Windows XP doesn't restart correctly.

Hello,
I follow the instructions ptovided on this link http://www.geekstogo.com/forum/Win32-Rootkit-gen-Rtk-t270702.html
Here is the OTL.TXT file:

OTL logfile created on: 08/05/2010 14:09:56 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Compaq_Propriétaire\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

958,00 Mb Total Physical Memory | 567,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 274,12 Gb Total Space | 207,24 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive D: | 5,32 Gb Total Space | 0,59 Gb Free Space | 11,08% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANISET
Current User Name: Compaq_Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe ()
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Wanadoo\TaskBarIcon.exe (France Télécom R&D)
PRC - C:\WINDOWS\system32\FTRTSVC.exe (France Telecom)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (XCOMM) – File not found
SRV - (VSSERV) – File not found
SRV - (LIVESRV) – File not found
SRV - (avast! Web Scanner) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (TomTomHOMEService) – C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (MSCamSvc) – C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (CLSched) CyberLink Task Scheduler (CTS) – C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) – C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe ()
SRV - (CyberLink Media Library Service) – C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (IDriverT) – C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (FTRTSVC) – C:\WINDOWS\system32\FTRTSVC.exe (France Telecom)
SRV - (ose) – C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (SASKUTIL) – C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (aswTdi) – C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) – C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) – C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) – C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) – C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) – C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (SASDIFSV) – C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (lbrtfdc) – C:\WINDOWS\system32\drivers\lbrtfdc.sys (Toshiba Corp.)
DRV - (HDAudBus) – C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Aspi32) – C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (VX1000) – C:\WINDOWS\system32\drivers\vx1000.sys (Microsoft Corporation)
DRV - (StarOpen) – C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) – C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Ps2) – C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (RTL8023xp) – C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (ati2mtag) – C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SABProcEnum) – C:\WINDOWS\system32\sabprocenum.sys (SuperAdBlocker.com)
DRV - (ltmodem5) – C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) – C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (PCANDIS5) – C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pucuy.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - HKCU..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” =

OTL.txt follow up
========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Google”
FF - prefs.js…browser.search.defaulturl: “http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js…browser.search.selectedEngine: “Search”
FF - prefs.js…browser.startup.homepage: “http://www.plusnetwork.com

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.17\extensions\Components: C:\Program Files\Mozilla Firefox\components [2008/11/04 23:38:24 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.17\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/03 15:20:16 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2008\tbextension

[2010/02/27 14:41:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Extensions
[2010/02/27 14:41:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/02/08 12:46:39 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\extensions
[2009/11/21 16:43:52 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\extensions{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/08 12:46:38 | 000,000,000 | —D | M] (Google Toolbar for Firefox) – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\extensions{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/06/11 14:23:12 | 000,001,681 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\searchplugins\ask.uk.xml
[2010/02/07 13:38:19 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions
[2008/07/21 17:21:41 | 000,000,000 | —D | M] (Google Toolbar for Firefox) – C:\Program Files\Mozilla Firefox\extensions{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/11/04 23:16:52 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2008/11/04 23:38:17 | 000,067,696 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\jar50.dll
[2008/11/04 23:38:17 | 000,054,376 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2008/11/04 23:38:17 | 000,034,952 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\myspell.dll
[2008/11/04 23:38:17 | 000,046,720 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2008/11/04 23:38:17 | 000,172,144 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2008/11/04 23:16:51 | 000,001,529 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2008/11/04 23:16:51 | 000,001,072 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2008/11/04 23:16:51 | 000,000,760 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/05/01 14:22:44 | 000,000,615 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pucuy.xml
[2008/11/04 23:16:51 | 000,001,441 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2008/11/04 23:16:51 | 000,000,664 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

OTL.txt follow up
O1 HOSTS File: ([2010/05/01 16:12:50 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Toolbar Orange) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d’aide de l’Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKLM..\Toolbar: (Toolbar Orange) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL File not found
O3 - HKLM..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU..\Toolbar\WebBrowser: (Toolbar Orange) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL File not found
O3 - HKCU..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM…\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM…\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe File not found
O4 - HKLM…\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM…\Run: [KernelFaultCheck] File not found
O4 - HKLM…\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM…\Run: [PCDrProfiler] File not found
O4 - HKLM…\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM…\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM…\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM…\Run: [UserFaultCheck] File not found
O4 - HKLM…\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM…\Run: [WOOWATCH] C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
O4 - HKCU…\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU…\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU…\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU…\Run: [TomTomHOME.exe] C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU…\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d’Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: Google Sidewiki… - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra ‘Tools’ menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O15 - HKCU..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game02.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

OTL.TXT follow up
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d’accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/23 09:21:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT – [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf – [ FAT32 ]
O33 - MountPoints2{6b250fd2-3751-11db-bc06-001731252d8a}\Shell\Auto\command - “” = tel.xls.exe
O33 - MountPoints2{c32fce18-7afa-11dc-befa-001731252d8a}\Shell\AutoRun\command - “” = J:\InstallTomTomHOME.exe – File not found
O34 - HKLM BootExecute: (autocheck autochk ) - File not found
O35 - HKLM..comfile [open] – “%1” %

O35 - HKLM..exefile [open] – “%1” %*
O37 - HKLM.…com [@ = comfile] – “%1” %*
O37 - HKLM.…exe [@ = exefile] – “%1” %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/10/26 18:23:32 | 000,000,000 | —D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: tdpipe.sys - Driver
SafeBootNet: tdtcp.sys - Driver
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

OTL.TXT follow up
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Outlook Express\setup50.exe” /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - “%ProgramFiles%\Outlook Express\setup50.exe” /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\WINDOWS\system32\rundll32.exe” “C:\WINDOWS\system32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

OTL.TXT follow up
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/05/08 14:06:49 | 000,570,880 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe
[2010/05/01 17:55:21 | 000,000,000 | -HSD | C] – C:\Config.Msi
[2010/05/01 17:52:45 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/01 17:27:49 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/05/01 15:22:04 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes
[2010/05/01 15:21:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/01 15:21:57 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/01 15:21:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/01 15:21:56 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes’ Anti-Malware
[2010/05/01 14:25:52 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/05/01 14:25:37 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\SUPERAntiSpyware.com
[2010/05/01 14:25:37 | 000,000,000 | —D | C] – C:\Program Files\SUPERAntiSpyware
[2010/05/01 14:09:22 | 000,000,000 | —D | C] – C:\Program Files\Enigma Software Group
[2010/05/01 14:09:00 | 000,000,000 | —D | C] – C:\WINDOWS\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010/05/01 14:08:58 | 000,000,000 | —D | C] – C:\Program Files\Fichiers communs\Wise Installation Wizard
[2010/05/01 14:06:40 | 000,490,392 | ---- | C] (Enigma Software Group USA, LLC.) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\SpyHunter-Installer.exe
[2010/05/01 13:23:45 | 000,000,000 | RH-D | C] – C:\Documents and Settings\Compaq_Propriétaire\Recent
[2010/04/22 17:07:37 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes fichiers reçus
[2010/04/22 17:06:39 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes Historiques de Conversation
[2010/04/13 13:25:55 | 000,034,688 | ---- | C] (Toshiba Corp.) – C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010/04/13 13:25:55 | 000,034,688 | ---- | C] (Toshiba Corp.) – C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/04/13 13:25:54 | 000,008,576 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/04/13 13:24:14 | 000,008,192 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\changer.sys
[6 C:\WINDOWS*.tmp files → C:\WINDOWS*.tmp → ]
[512 C:\WINDOWS\System32*.tmp files → C:\WINDOWS\System32*.tmp → ]
[12 C:\WINDOWS\Fonts*.tmp files → C:\WINDOWS\Fonts*.tmp → ]
[12 C:\WINDOWS\Fonts*.tmp files → C:\WINDOWS\Fonts*.tmp → ]

========== Files - Modified Within 30 Days ==========

[2010/05/08 14:06:52 | 000,570,880 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe
[2010/05/08 13:50:00 | 000,001,054 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/08 13:45:09 | 000,000,188 | ---- | M] () – C:\WINDOWS\System\hpsysdrv.DAT
[2010/05/08 13:44:31 | 000,001,050 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/08 13:44:30 | 000,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2010/05/08 13:44:17 | 000,001,158 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2010/05/08 13:44:15 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2010/05/08 13:44:13 | 1005,113,344 | -HS- | M] () – C:\hiberfil.sys
[2010/05/02 11:30:45 | 008,126,464 | -H-- | M] () – C:\Documents and Settings\Compaq_Propriétaire\NTUSER.DAT
[2010/05/02 11:30:45 | 000,000,184 | -HS- | M] () – C:\Documents and Settings\Compaq_Propriétaire\ntuser.ini
[2010/05/01 22:46:58 | 000,431,616 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\liste scan avast.doc
[2010/05/01 17:53:38 | 000,001,708 | ---- | M] () – C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/05/01 17:53:36 | 000,003,121 | ---- | M] () – C:\WINDOWS\System32\CONFIG.NT
[2010/05/01 15:22:01 | 000,000,704 | ---- | M] () – C:\Documents and Settings\All Users\Bureau\Malwarebytes’ Anti-Malware.lnk
[2010/05/01 14:25:42 | 000,000,788 | ---- | M] () – C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2010/05/01 14:06:43 | 000,490,392 | ---- | M] (Enigma Software Group USA, LLC.) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\SpyHunter-Installer.exe
[2010/04/29 18:23:22 | 000,227,328 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\Liste fichiers infectes.doc
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/22 13:39:12 | 000,042,496 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\avastSS.scr
[2010/04/14 18:47:03 | 000,153,184 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\aswBoot.exe
[2010/04/14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/04/14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswSP.sys
[2010/04/14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/04/14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/04/14 18:31:09 | 000,094,800 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon.sys
[2010/04/14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/04/14 18:30:45 | 000,028,880 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aavmker4.sys
[6 C:\WINDOWS*.tmp files → C:\WINDOWS*.tmp → ]
[512 C:\WINDOWS\System32*.tmp files → C:\WINDOWS\System32*.tmp → ]

OTL.TXT follow up
========== Files Created - No Company Name ==========

[2010/05/01 22:46:57 | 000,431,616 | ---- | C] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\liste scan avast.doc
[2010/05/01 17:53:38 | 000,001,708 | ---- | C] () – C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/05/01 15:22:01 | 000,000,704 | ---- | C] () – C:\Documents and Settings\All Users\Bureau\Malwarebytes’ Anti-Malware.lnk
[2010/05/01 14:25:42 | 000,000,788 | ---- | C] () – C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2010/04/29 18:23:22 | 000,227,328 | ---- | C] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\Liste fichiers infectes.doc
[2010/04/21 18:11:38 | 1005,113,344 | -HS- | C] () – C:\hiberfil.sys
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () – C:\WINDOWS\System32\OGACheckControl.DLL
[2007/11/17 20:21:00 | 000,000,121 | ---- | C] () – C:\WINDOWS\bdagent.INI
[2007/11/03 11:23:13 | 000,043,520 | ---- | C] () – C:\WINDOWS\System32\CmdLineExt03.dll
[2007/11/03 11:22:28 | 000,197,120 | ---- | C] () – C:\WINDOWS\patchw32.dll
[2007/10/21 14:59:21 | 000,000,036 | ---- | C] () – C:\WINDOWS\ANAGENE.INI
[2007/08/25 19:18:34 | 000,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/03/24 10:47:12 | 000,000,029 | ---- | C] () – C:\WINDOWS\DEBUGSM.INI
[2007/03/05 20:29:48 | 000,015,498 | ---- | C] () – C:\WINDOWS\VX1000.ini
[2006/11/10 19:11:46 | 000,052,858 | ---- | C] () – C:\WINDOWS\System32\interceptor.sys
[2006/09/09 14:23:52 | 000,096,768 | ---- | C] () – C:\WINDOWS\SlantAdj.dll
[2006/09/09 14:23:52 | 000,000,072 | ---- | C] () – C:\WINDOWS\System32\epDPE.ini
[2006/09/09 14:23:24 | 000,000,022 | ---- | C] () – C:\WINDOWS\System32\PICSDK.ini
[2006/09/09 14:18:04 | 000,000,025 | ---- | C] () – C:\WINDOWS\CDE RX420FG.ini
[2006/08/21 20:21:39 | 000,000,385 | ---- | C] () – C:\WINDOWS\ODBC.INI
[2006/07/27 19:28:42 | 003,596,288 | ---- | C] () – C:\WINDOWS\System32\qt-dx331.dll
[2006/07/12 00:33:49 | 000,012,288 | ---- | C] () – C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/04/24 18:25:49 | 000,000,061 | ---- | C] () – C:\WINDOWS\smscfg.ini
[2006/04/24 18:06:48 | 000,028,848 | ---- | C] () – C:\WINDOWS\System32\drivers\USBkey.sys
[2006/04/24 18:02:59 | 000,013,065 | ---- | C] () – C:\WINDOWS\System32\CHODDI.SYS
[2006/04/24 18:02:53 | 000,045,056 | ---- | C] () – C:\WINDOWS\System32\hpreg.dll
[2006/04/24 17:57:28 | 000,198,144 | ---- | C] () – C:\WINDOWS\System32_psisdecd.dll
[2006/04/24 17:55:12 | 000,000,108 | ---- | C] () – C:\WINDOWS\WININIT.INI
[2006/04/24 17:48:28 | 000,003,712 | ---- | C] () – C:\WINDOWS\System32\fxsperf.ini
[2006/04/24 17:32:07 | 000,000,829 | ---- | C] () – C:\WINDOWS\orun32.ini
[2006/04/24 17:28:47 | 000,323,584 | ---- | C] () – C:\WINDOWS\System32\pythoncom22.dll
[2006/04/24 17:28:47 | 000,094,208 | ---- | C] () – C:\WINDOWS\System32\pywintypes22.dll
[2006/04/24 17:28:25 | 000,016,896 | ---- | C] () – C:\WINDOWS\System32\bcbmm.dll
[2005/12/09 16:03:52 | 000,000,000 | ---- | C] () – C:\WINDOWS\System32\px.ini
[2004/08/05 06:00:00 | 000,249,270 | ---- | C] () – C:\WINDOWS\System32_004532_.tmp.dll
[2004/08/05 06:00:00 | 000,022,040 | ---- | C] () – C:\WINDOWS\System32_004500_.tmp.dll
[2004/07/26 16:17:16 | 000,000,659 | ---- | C] () – C:\WINDOWS\System32\oeminfo.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () – C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========

< %SYSTEMDRIVE%*.exe >
[2006/11/10 21:51:45 | 123,805,305 | ---- | M] (Macrovision Corporation) – C:\GDIS2007_esd_32bit_fr.exe
[2005/10/31 17:56:00 | 000,700,416 | ---- | M] (LimeWire) – C:\StubInstaller.exe

< MD5 for: AGP440.SYS >
[2004/08/05 06:00:00 | 018,779,217 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/08/20 21:17:25 | 023,892,017 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 23:00:00 | 018,779,217 | ---- | M] () .cab file – C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/08/20 21:17:25 | 023,892,017 | ---- | M] () .cab file – C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 – C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 – C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/05 06:00:00 | 018,779,217 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/08/20 21:17:25 | 023,892,017 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 23:00:00 | 018,779,217 | ---- | M] () .cab file – C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/08/20 21:17:25 | 023,892,017 | ---- | M] () .cab file – C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 – C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 – C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 – C:\WINDOWS$NtServicePackUninstall$\atapi.sys
[2004/08/05 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 – C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/05 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 – C:\WINDOWS$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 – C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 – C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 – C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 – C:\WINDOWS\system32\netlogon.dll
[2004/08/05 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB – C:\WINDOWS$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 – C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 – C:\WINDOWS\system32\scecli.dll
[2004/08/05 06:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC – C:\WINDOWS$NtServicePackUninstall$\scecli.dll

< %systemroot%*. /mp /s >

< %systemroot%\system32*.dll /lockedfiles >
[512 C:\WINDOWS\system32*.tmp files → C:\WINDOWS\system32*.tmp → ]

< %systemroot%\Tasks*.job /lockedfiles >

< %systemroot%\system32\drivers*.sys /lockedfiles >

< %systemroot%\System32\config*.sav >
[2004/11/23 10:11:52 | 000,094,208 | ---- | M] () – C:\WINDOWS\system32\config\default.sav
[2004/11/23 10:11:52 | 000,638,976 | ---- | M] () – C:\WINDOWS\system32\config\software.sav
< End of report >

EXTRAS.TXT FILE
OTL Extras logfile created on: 08/05/2010 14:09:56 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Compaq_Propriétaire\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

958,00 Mb Total Physical Memory | 567,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 274,12 Gb Total Space | 207,24 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive D: | 5,32 Gb Total Space | 0,59 Gb Free Space | 11,08% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANISET
Current User Name: Compaq_Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes<key>\shell[command]\command]
batfile [open] – “%1” %*
cmdfile [open] – “%1” %*
comfile [open] – “%1” %*
exefile [open] – “%1” %*
htmlfile [edit] – “C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe” %1 (Microsoft Corporation)
htmlfile [print] – “C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe” /p %1 (Microsoft Corporation)
piffile [open] – “%1” %*
regfile [merge] – Reg Error: Key error.
scrfile [config] – “%1”
scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] – “%1” /S
txtfile [edit] – Reg Error: Key error.
Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] – “C:\Program Files\VideoLAN\VLC\vlc.exe” --started-from-file --playlist-enqueue “%1” ()
Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] – “C:\Program Files\VideoLAN\VLC\vlc.exe” --started-from-file --no-playlist-enqueue “%1” ()
Folder [open] – %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] – %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“FirstRunDisabled” = 1
“UpdatesDisableNotify” = 0
“AntiVirusOverride” = 0
“FirewallOverride” = 0
“AntiVirusDisableNotify” = 0
“FirewallDisableNotify” = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
“DisableMonitoring” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 1
“DoNotAllowExceptions” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
“1900:UDP” = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
“2869:TCP” = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe” = C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call – (Microsoft Corporation)
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe” = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:
:Enabled:Windows Live FolderShare – (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe” = C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe::Enabled:CyberLink PowerCinema – (CyberLink Corp.)
“C:\Program Files\CyberLink\PowerCinema\PCMService.exe” = C:\Program Files\CyberLink\PowerCinema\PCMService.exe:
:Enabled:CyberLink PowerCinema Resident Program – (CyberLink Corp.)
“C:\Program Files\AOL 9.0\waol.exe” = C:\Program Files\AOL 9.0\waol.exe::Enabled:AOL France – File not found
“C:\WINDOWS\Temp\NavBrowser.exe” = C:\WINDOWS\Temp\NavBrowser.exe:
:Disabled:NAVBrowser – File not found
“C:\Program Files\LimeWire\LimeWire.exe” = C:\Program Files\LimeWire\LimeWire.exe::Enabled:LimeWire – (Lime Wire, LLC)
“C:\Program Files\Microsoft LifeCam\LifeExp.exe” = C:\Program Files\Microsoft LifeCam\LifeExp.exe:
:Enabled:LifeExp.exe – (Microsoft Corporation)
“C:\Program Files\Microsoft LifeCam\LifeCam.exe” = C:\Program Files\Microsoft LifeCam\LifeCam.exe::Enabled:LifeCam.exe – (Microsoft Corporation)
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe” = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:
:Enabled:Windows Live Call – (Microsoft Corporation)
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe” = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare – (Microsoft Corporation)

EXTRAS.TXT follow up
========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{075473F5-846A-448B-BCB3-104AA1760205}” = Sonic RecordNow Data
“{0BEDBD4E-2D34-47B5-9973-57E62B29307C}” = Panneau de contrôle ATI
“{109D28C7-FB38-483A-9C91-001CB59E2699}” = EPSON CardMonitor
“{17342E3B-0818-4A6F-BFF8-99476605ADD6}” = livebox
“{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer
“{18D10072035C4515918F7E37EAFAACFC}” = AutoUpdate
“{1B2DBF55-05D4-4072-87D8-689141E262BD}” = Creative ZEN
“{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}” = CP_CalendarTemplates1
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{205C6BDD-7B73-42DE-8505-9A093F35A238}” = Outil de téléchargement Windows Live
“{2075CB0A-D26F-4DAA-B424-5079296B43BA}” = Windows Live FolderShare
“{21657574-BD54-48A2-9450-EB03B2C7FC29}” = Sonic MyDVD Plus
“{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}” = MSVCRT
“{23012310-3E05-46A5-88A9-C6CBCABCAC79}” = Amélioration de nos services
“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
“{23B35809-5E4A-4F14-8332-1CDEDDFAC089}” = CP_Package_Variety2
“{23B59ED4-C360-11D7-875B-0090CC005647}” = EPSON PRINT Image Framer Tool2.1
“{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}” = Destinations
“{2637C347-9DAD-11D6-9EA2-00055D0CA761}” = PowerCinema
“{26A24AE4-039D-4CA4-87B4-2F83216013FF}” = Java™ 6 Update 13
“{2A548002-9042-4083-A270-B67473DE1073}” = SkinsHP1
“{30465B6C-B53F-49A1-9EBA-A3F187AD502E}” = Sonic Update Manager
“{3248F0A8-6813-11D6-A77B-00B0D0150050}” = J2SE Runtime Environment 5.0 Update 5
“{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}” = Unload
“{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}” = WebFldrs XP
“{36D620AD-EEBA-4973-BA86-0C9AE6396620}” = OptionalContentQFolder
“{3B4E636E-9D65-4D67-BA61-189800823F52}” = Windows Live Communications Platform
“{3BA95526-6AE0-4B87-A62D-17187EF565FC}” = HP Boot Optimizer
“{3C137BCF-8ADC-430D-B01C-A45593AC512B}” = Microsoft LifeCam
“{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}” = RandMap
“{4041C245-7099-4C96-9738-5EBC23827B3C}” = BufferChm
“{45D707E9-F3C4-11D9-A373-0050BAE317E1}” = HP DVD Play 1.0
“{4634B21A-CC07-4396-890C-2B8168661FEA}” = Windows Live Writer
“{46ABBC54-1872-4AA3-95E2-F2C063A63F31}” = Installation Windows Live
“{494D17B5-3369-4905-8C4B-80C972C5E0FF}” = CP_Panorama1Config
“{4DA4012B-39AF-48c2-B23B-A4D570D233A6}” = cp_LightScribeConfig
“{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}” = CP_Package_Variety1
“{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}” = FullDPAppQFolder
“{54F0998F-73C8-4b51-8286-FE903C231BED}” = cp_PosterPrintConfig
“{5DD76286-9BE7-4894-A990-E905E91AC818}” = Windows Live Mail
“{65F5B7AF-3363-11D7-BB6B-00018021113F}” = EPSON PhotoQuicker3.5
“{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}” = Sonic Express Labeler
“{66C8BE35-8BBB-472B-96C7-C7C9A499F988}” = PhotoImpression 5
“{67EDD823-135A-4D59-87BD-950616D6E857}” = EPSON Copy Utility 3
“{6C11D561-620B-47DA-A693-4C597F3CDF40}” = EPSON Smart Panel
“{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}” = CP_Package_Basic1
“{770657D0-A123-3C07-8E44-1C83EC895118}” = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
“{770F1BEC-2871-4E70-B837-FB8525FFA3B1}” = Windows Live Messenger
“{79F8E1D4-36C1-439C-95FA-F695050B5B07}” = Sonic_PrimoSDK
“{7B63B2922B174135AFC0E1377DD81EC2}” = DivX Codec
“{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}” = PIF DESIGNER2.1
“{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}” = EPSON Web-To-Page
“{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}” = cp_UpdateProjectsConfig
“{8105684D-8CA6-440D-8F58-7E5FD67A499D}” = Connexion Facile à Internet
“{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}” = Windows Live Call
“{869C3062-4745-4949-B6C9-98AF24D89030}” = PhotoGallery
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8ADFC4160D694100B5B8A22DE9DCABD9}” = DivX Player
“{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}” = TomTom HOME Visual Studio Merge Modules
“{907B4640-266B-4A21-92FB-CD1A86CD0F63}” = RollerCoaster Tycoon 3
“{9112040C-6000-11D3-8CFE-0150048383C9}” = Microsoft Office Standard Edition 2003
“{95120000-00B9-0409-0000-0000000FF1CE}” = Microsoft Application Error Reporting
“{9A394342-4A68-4EBA-85A6-55B559F4E700}” = Microsoft .NET Framework 1.1 French Language Pack
“{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}” = CueTour
“{A059DE09-1B49-4450-B340-7AE097EC3F04}” = Microsoft Works
“{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}” = Segoe UI
“{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}” = Microsoft .NET Framework 3.0 Service Pack 2
“{A49F249F-0C91-497F-86DF-B2585E8E76B7}” = Microsoft Visual C++ 2005 Redistributable
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{AB5D51AE-EBC3-438D-872C-705C7C2084B0}” = DeviceManagementQFolder
“{AB708C9B-97C8-4AC9-899B-DBF226AC9382}” = Sonic RecordNow Audio
“{AC76BA86-7AD7-1036-7B44-A70000000000}” = Adobe Reader 7.0.8 - Français
“{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}” = CP_AtenaShokunin1Config
“{B12665F4-4E93-4AB4-B7FC-37053B524629}” = Sonic RecordNow Copy
“{B131E59D-202C-43C6-84C9-68F0C37541F1}” = Galerie de photos Windows Live
“{B13A7C41581B411290FBC0395694E2A9}” = DivX Converter
“{B57F2FF0-5A25-4332-B503-4592B370C02F}” = CP_Package_Variety3
“{B7050CBDB2504B34BC2A9CA0A692CC29}” = DivX Web Player
“{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}” = cp_OnlineProjectsConfig
“{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}” = Microsoft .NET Framework 2.0 Service Pack 2
“{C48817E7-AA05-4151-A99D-1E1E550CE801}” = EPSON PhotoStarter3.1
“{C4A4722E-79F9-417C-BD72-8D359A090C97}” = Samsung PC Studio 3
“{C514C594-23AA-4F13-A070-DB8BDB27594F}” = Windows Live Mail
“{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}” = Microsoft .NET Framework 1.1
“{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}” = SUPERAntiSpyware Free Edition
“{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}” = Microsoft .NET Framework 3.5 SP1
“{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}” = Assistant de connexion Windows Live
“{DA15D535-5E1D-4076-B520-8571346D6238}” = Norton™ Security Scan
“{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}” = HpSdpAppCoreApp
“{E2DFE069-083E-4631-9B6C-43C48E991DE5}” = Junk Mail filter update
“{E3A54A70-1CFA-4D79-ACD6-5AA2A98C212F}” = Samsung PC Studio 3
“{E89B484C-B913-49A0-959B-89E836001658}” = GEAR 32bit Driver Installer
“{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}” = Samsung PC Studio 3 USB Driver Installer
“{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}” = ScanToWeb
“{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}” = Adobe Flash Player 10 Plugin
“{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}” = HP Software Update
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}” = Microsoft Choice Guard
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}” = InstantShareDevices
“8461-7759-5462-8226” = Vuze
“Adobe Flash Player ActiveX” = Adobe Flash Player 10 ActiveX
“Adobe Shockwave Player” = Adobe Shockwave Player
Ask.com Search Assistant” = Ask.com Search Assistant 1.0.1
“ATI Display Driver” = ATI Display Driver
“AudibleManager” = AudibleManager
“avast5” = avast! Free Antivirus
“Creative Software AutoUpdate” = Creative Software AutoUpdate
“DivX Content Uploader” = DivX Content Uploader
“EPSON Printer and Utilities” = EPSON Logiciel imprimante
“EPSON Scanner” = EPSON Scan
“ESPRX420 Guide de réf.” = ESPRX420 Guide de réf.
“ESPRX420 Guide des logiciels” = ESPRX420 Guide des logiciels
“FranceTelecomUninstall_FTBrowser” = Navigateur Orange
“GestionnaireInternet.exe” = Gestionnaire Internet
“HP Imaging Device Functions” = HP Imaging Device Functions 6.0
“HP Photo & Imaging” = HP Photosmart Premier Software 6.0
“IDNMitigationAPIs” = Microsoft Internationalized Domain Names Mitigation APIs
“ie7” = Windows Internet Explorer 7
“ie8” = Windows Internet Explorer 8
“InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}” = Amélioration de nos services
“InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}” = Connexion Facile à Internet
“LimeWire” = LimeWire 5.2.13
“Magic Academy Deluxe” = Magic Academy Deluxe
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes’ Anti-Malware
“Messenger Plus! Live” = Messenger Plus! Live & Sponsor (CiD)
“Microsoft .NET Framework 1.1 (1033)” = Microsoft .NET Framework 1.1
“Microsoft .NET Framework 3.5 SP1” = Microsoft .NET Framework 3.5 SP1
“Mozilla Firefox (2.0.0.17)” = Mozilla Firefox (2.0.0.17)
“MSCompPackV1” = Microsoft Compression Client Pack 1.0 for Windows XP
“MSNINST” = MSN
“NLSDownlevelMapping” = Microsoft National Language Support Downlevel APIs

EXTRAS.TXT follow up
“PC-Doctor 5 for Windows” = PC-Doctor 5 for Windows
“PS2” = PS2
“Python 2.2.3” = Python 2.2.3
“pywin32-py2.2” = Python 2.2 pywin32 extensions (build 203)
“RealPlayer 6.0” = RealPlayer
“SAMSUNG CDMA Modem” = SAMSUNG CDMA Modem Driver Set
“SAMSUNG Mobile Composite Device” = SAMSUNG Mobile Composite Device Software
“Samsung Mobile phone USB driver” = Samsung Mobile phone USB driver Software
“SAMSUNG Mobile USB Modem” = SAMSUNG Mobile USB Modem Software
“SAMSUNG Mobile USB Modem 1.0” = SAMSUNG Mobile USB Modem 1.0 Software
“ST6UNST #1” = Microméga Terminale S
“SysInfo” = Creative System Information
“TomTom HOME” = TomTom HOME 2.7.3.1894
“VLC media player” = VLC media player 0.9.9
“wanadoo_toolbar” = toolbar orange
“WIC” = Windows Imaging Component
“Windows Media Format Runtime” = Windows Media Format 11 runtime
“Windows Media Player” = Lecteur Windows Media 11
“Windows XP Service” = Windows XP Service Pack 3
“WinLiveSuite_Wave3” = Installation Windows Live
“WMFDist11” = Windows Media Format 11 runtime
“wmp11” = Windows Media Player 11
“Wudf01000” = Microsoft User-Mode Driver Framework Feature Pack 1.0
“Yahoo! Companion” = Yahoo! Toolbar
“Yahoo! Toolbar” = Yahoo! Toolbar
“ZENcast Organizer” = ZENcast Organizer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“Warcraft III” = Warcraft III

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/04/2010 06:50:05 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

Error - 11/04/2010 07:50:05 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

Error - 11/04/2010 08:50:06 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

Error - 12/04/2010 10:50:07 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

Error - 13/04/2010 04:50:05 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

Error - 21/04/2010 13:58:49 | Computer Name = DANISET | Source = Application Error | ID = 1000
Description = Application défaillante ati2evxx.exe, version 6.14.10.4119, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00010717.

Error - 22/04/2010 02:50:05 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

Error - 22/04/2010 11:36:11 | Computer Name = DANISET | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 22/04/2010 11:36:17 | Computer Name = DANISET | Source = Application Hang | ID = 1001
Description = Détecteur d’erreurs 1180947459.

Error - 01/05/2010 16:50:05 | Computer Name = DANISET | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 02/05/2010 04:12:57 | Computer Name = DANISET | Source = Service Control Manager | ID = 7001
Description = Le service CyberLink Task Scheduler (CTS) dépend du service CyberLink
Background Capture Service (CBCS) qui n’a pas pu démarrer en raison de l’erreur :
%%1070

Error - 02/05/2010 04:12:57 | Computer Name = DANISET | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
charger : bdftdif

Error - 02/05/2010 04:14:59 | Computer Name = DANISET | Source = DCOM | ID = 10010
Description = Le serveur {3FD8285E-1F88-4BEB-9D38-4205F8D965E5} ne s’est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 08/05/2010 07:44:49 | Computer Name = DANISET | Source = Service Control Manager | ID = 7000
Description = Le service BitDefender Communicator n’a pas pu démarrer en raison
de l’erreur : %%3

Error - 08/05/2010 07:44:49 | Computer Name = DANISET | Source = Service Control Manager | ID = 7001
Description = Le service BitDefender Desktop Update Service dépend du service BitDefender
Communicator qui n’a pas pu démarrer en raison de l’erreur : %%3

Error - 08/05/2010 07:44:49 | Computer Name = DANISET | Source = Service Control Manager | ID = 7001
Description = Le service BitDefender Virus Shield dépend du service BitDefender
Communicator qui n’a pas pu démarrer en raison de l’erreur : %%3

Error - 08/05/2010 07:46:01 | Computer Name = DANISET | Source = Service Control Manager | ID = 7022
Description = Le service CyberLink Background Capture Service (CBCS) est en attente
de démarrage.

Error - 08/05/2010 07:46:01 | Computer Name = DANISET | Source = Service Control Manager | ID = 7001
Description = Le service CyberLink Task Scheduler (CTS) dépend du service CyberLink
Background Capture Service (CBCS) qui n’a pas pu démarrer en raison de l’erreur :
%%1070

Error - 08/05/2010 07:46:01 | Computer Name = DANISET | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
charger : bdftdif

Error - 08/05/2010 07:48:02 | Computer Name = DANISET | Source = DCOM | ID = 10010
Description = Le serveur {3FD8285E-1F88-4BEB-9D38-4205F8D965E5} ne s’est pas enregistré
sur DCOM avant la fin du temps imparti.

< End of report >

There is an easier way to do this, down in left corner: Additional options > Attach

Hi what problem do you experience when you try to start windows ?

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

I will run the new instructions for OTL.
I run GMER as indicated, here is the log:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-08 16:51:34
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\fgrdapog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF1FA1C08]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF1FA1AC4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xF1FA2078]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF1FA1FA2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF1FA169A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF1FA1B9E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF1FA15DA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF1FA163E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF1FA1CBE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xF1FA2146]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF1FA1C7E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF1FA1DFE]
SSDT ??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF2105900]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xF1FAE50A]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xF1FAE32E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xF1FAE468]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/ALWIL Software)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/ALWIL Software)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

---- EOF - GMER 1.0.15 ----

Here is the log after Run fixes OTL
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{381FFDE8-2394-4f90-B10D-FC6124A40F8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{381FFDE8-2394-4f90-B10D-FC6124A40F8C}\ not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: Compaq_Propriétaire

User: Compaq_Propriétaire
->Temp folder emptied: 202606123 bytes
->Temporary Internet Files folder emptied: 109977930 bytes
->Java cache emptied: 12148375 bytes
->FireFox cache emptied: 2927820 bytes
->Flash cache emptied: 752 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 13980451 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2955269 bytes
%systemroot%\System32 .tmp files removed: 154752736 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 61142 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23970150 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 499,00 mb

[EMPTYFLASH]

User: Administrateur

User: All Users

User: Compaq_Propriétaire

User: Compaq_Propriétaire
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.4.1 log created on 05082010_192746

Files\Folders moved on Reboot…
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\WDIR45I3\1687727627@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\WDIR45I3\1891370773@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\WDIR45I3\1897879170@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\WDIR45I3\1952416125@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\STIBO527\1349828685@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\C9IROL6F\1279008178@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\C9IROL6F\1785844437@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\C9IROL6F\1882375932@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\C9IROL6F\1898693481@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\8X2VKXYB\1902401302@Top,Left1,Left2,Left3,Position1,Position2,Position3,x01,x02,x03,x04,x05,x06,x07,x07,x08,x09,x10,x11,x12,x13,x14,x15,x16,x17,x18,x19,x20,x21,x22,x23,x24,x25,x2[1] not found!
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DF133C.tmp not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DF13E4.tmp not found!
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DF1F32.tmp moved successfully.
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DF7B2.tmp not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DF80B.tmp not found!
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DFB9DE.tmp moved successfully.
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DFFD5C.tmp not found!
File\Folder C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp~DFFDD9.tmp not found!
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\YSWI5M27\index[3].htm moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\YSWI5M27\read[1].html moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\YSWI5M27\read_unread_iframe[1].htm moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\IUZYYN3K\ar11=;var14=;;sz=728x90,468x60;u=id=buQDxOsbDr5BMs7Xp9CTqg_1=4_2=2_3=45520_21=5_22=2_23=2_24=2_25=1_26=45154_8=0_9=0_10=0__;ord=7280781546556505[2].htm moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\DI02YSR6\sendConfirmationReading_frame[1].html moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder C:\WINDOWS\temp_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot…

Here is the log after quick scan
OTL logfile created on: 08/05/2010 19:38:34 - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Compaq_Propriétaire\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

958,00 Mb Total Physical Memory | 488,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 274,12 Gb Total Space | 207,85 Gb Free Space | 75,82% Space Free | Partition Type: NTFS
Drive D: | 5,32 Gb Total Space | 0,59 Gb Free Space | 11,08% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANISET
Current User Name: Compaq_Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe ()
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Program Files\Wanadoo\GestionnaireInternet.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\ComComp.exe (France Télécom R&D)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Wanadoo\Toaster.exe (France Telecom R&D)
PRC - C:\Program Files\Wanadoo\Inactivity.exe ()
PRC - C:\Program Files\Wanadoo\PollingModule.exe ()
PRC - C:\WINDOWS\system32\AlertModule\AlertModule.exe ()
PRC - C:\Program Files\Wanadoo\TaskBarIcon.exe (France Télécom R&D)
PRC - C:\WINDOWS\system32\FTRTSVC.exe (France Telecom)
PRC - C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
MOD - C:\Program Files\Wanadoo\Inactivity.dll ()

========== Win32 Services (SafeList) ==========

SRV - (XCOMM) – File not found
SRV - (VSSERV) – File not found
SRV - (LIVESRV) – File not found
SRV - (avast! Web Scanner) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (TomTomHOMEService) – C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (MSCamSvc) – C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (CLSched) CyberLink Task Scheduler (CTS) – C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) – C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe ()
SRV - (CyberLink Media Library Service) – C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (IDriverT) – C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (FTRTSVC) – C:\WINDOWS\system32\FTRTSVC.exe (France Telecom)
SRV - (ose) – C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (aswTdi) – C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) – C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) – C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) – C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) – C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) – C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (SASKUTIL) – C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) – C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (lbrtfdc) – C:\WINDOWS\system32\drivers\lbrtfdc.sys (Toshiba Corp.)
DRV - (HDAudBus) – C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Aspi32) – C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (VX1000) – C:\WINDOWS\system32\drivers\vx1000.sys (Microsoft Corporation)
DRV - (StarOpen) – C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) – C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Ps2) – C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (RTL8023xp) – C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (ati2mtag) – C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SABProcEnum) – C:\WINDOWS\system32\sabprocenum.sys (SuperAdBlocker.com)
DRV - (ltmodem5) – C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) – C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (PCANDIS5) – C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))

========== Standard Registry (SafeList) ==========

OTL.TXT follow up
========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pucuy.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - HKCU..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Google”
FF - prefs.js…browser.search.defaulturl: “http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js…browser.search.selectedEngine: “Search”
FF - prefs.js…browser.startup.homepage: “http://www.plusnetwork.com

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.17\extensions\Components: C:\Program Files\Mozilla Firefox\components [2008/11/04 23:38:24 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.17\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/03 15:20:16 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2008\tbextension

[2010/02/27 14:41:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Extensions
[2010/02/27 14:41:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/02/08 12:46:39 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\extensions
[2009/11/21 16:43:52 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\extensions{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/08 12:46:38 | 000,000,000 | —D | M] (Google Toolbar for Firefox) – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\extensions{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/06/11 14:23:12 | 000,001,681 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\m8a7ty0u.default\searchplugins\ask.uk.xml
[2010/02/07 13:38:19 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions
[2008/07/21 17:21:41 | 000,000,000 | —D | M] (Google Toolbar for Firefox) – C:\Program Files\Mozilla Firefox\extensions{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/11/04 23:16:52 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2008/11/04 23:38:17 | 000,067,696 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\jar50.dll
[2008/11/04 23:38:17 | 000,054,376 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2008/11/04 23:38:17 | 000,034,952 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\myspell.dll
[2008/11/04 23:38:17 | 000,046,720 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2008/11/04 23:38:17 | 000,172,144 | ---- | M] (Mozilla Foundation) – C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2008/11/04 23:16:51 | 000,001,529 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2008/11/04 23:16:51 | 000,001,072 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2008/11/04 23:16:51 | 000,000,760 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010/05/01 14:22:44 | 000,000,615 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pucuy.xml
[2008/11/04 23:16:51 | 000,001,441 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2008/11/04 23:16:51 | 000,000,664 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

OTL.txt follow up
O1 HOSTS File: ([2010/05/08 19:27:47 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Toolbar Orange) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d’aide de l’Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM..\Toolbar: (Toolbar Orange) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL File not found
O3 - HKLM..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU..\Toolbar\WebBrowser: (Toolbar Orange) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL File not found
O3 - HKCU..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM…\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM…\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe File not found
O4 - HKLM…\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM…\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM…\Run: [PCDrProfiler] File not found
O4 - HKLM…\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM…\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM…\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM…\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM…\Run: [WOOWATCH] C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
O4 - HKCU…\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU…\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU…\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU…\Run: [TomTomHOME.exe] C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU…\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d’Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: Google Sidewiki… - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra ‘Tools’ menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O15 - HKCU..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game02.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

OTL.TXT follow up
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d’accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/23 09:21:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT – [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf – [ FAT32 ]
O33 - MountPoints2{6b250fd2-3751-11db-bc06-001731252d8a}\Shell\Auto\command - “” = tel.xls.exe
O33 - MountPoints2{c32fce18-7afa-11dc-befa-001731252d8a}\Shell\AutoRun\command - “” = J:\InstallTomTomHOME.exe – File not found
O34 - HKLM BootExecute: (autocheck autochk ) - File not found
O35 - HKLM..comfile [open] – “%1” %

O35 - HKLM..exefile [open] – “%1” %*
O37 - HKLM.…com [@ = comfile] – “%1” %*
O37 - HKLM.…exe [@ = exefile] – “%1” %*

OTL.TXT follow up
========== Files/Folders - Created Within 90 Days ==========

[2010/05/08 19:27:46 | 000,000,000 | —D | C] – C:_OTL
[2010/05/08 14:06:49 | 000,570,880 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe
[2010/05/01 17:55:21 | 000,000,000 | -HSD | C] – C:\Config.Msi
[2010/05/01 17:52:45 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/01 17:27:49 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/05/01 15:22:04 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes
[2010/05/01 15:21:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/01 15:21:57 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/01 15:21:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/01 15:21:56 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes’ Anti-Malware
[2010/05/01 14:25:52 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/05/01 14:25:37 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\SUPERAntiSpyware.com
[2010/05/01 14:25:37 | 000,000,000 | —D | C] – C:\Program Files\SUPERAntiSpyware
[2010/05/01 14:09:22 | 000,000,000 | —D | C] – C:\Program Files\Enigma Software Group
[2010/05/01 14:08:58 | 000,000,000 | —D | C] – C:\Program Files\Fichiers communs\Wise Installation Wizard
[2010/05/01 14:06:40 | 000,490,392 | ---- | C] (Enigma Software Group USA, LLC.) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\SpyHunter-Installer.exe
[2010/05/01 13:23:45 | 000,000,000 | RH-D | C] – C:\Documents and Settings\Compaq_Propriétaire\Recent
[2010/04/22 17:07:37 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes fichiers reçus
[2010/04/22 17:06:39 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes Historiques de Conversation
[2010/03/19 10:39:10 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Bureau\photo casio
[2010/02/27 14:41:06 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\TomTom
[2010/02/27 14:41:06 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\TomTom
[2010/02/27 14:40:53 | 000,000,000 | —D | C] – C:\Program Files\TomTom International B.V
[2010/02/27 14:40:34 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Bureau\TomTom HOME 2
[2010/02/25 17:40:01 | 000,000,000 | —D | C] – C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Temp
[12 C:\WINDOWS\Fonts*.tmp files → C:\WINDOWS\Fonts*.tmp → ]
[12 C:\WINDOWS\Fonts*.tmp files → C:\WINDOWS\Fonts*.tmp → ]

========== Files - Modified Within 90 Days ==========

[2010/05/08 19:32:48 | 000,000,188 | ---- | M] () – C:\WINDOWS\System\hpsysdrv.DAT
[2010/05/08 19:29:56 | 000,001,050 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/08 19:29:56 | 000,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2010/05/08 19:29:48 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2010/05/08 19:29:47 | 1005,113,344 | -HS- | M] () – C:\hiberfil.sys
[2010/05/08 19:28:59 | 008,126,464 | -H-- | M] () – C:\Documents and Settings\Compaq_Propriétaire\NTUSER.DAT
[2010/05/08 19:28:59 | 000,000,184 | -HS- | M] () – C:\Documents and Settings\Compaq_Propriétaire\ntuser.ini
[2010/05/08 19:27:47 | 000,000,098 | ---- | M] () – C:\WINDOWS\System32\drivers\etc\Hosts
[2010/05/08 19:07:36 | 000,003,121 | ---- | M] () – C:\WINDOWS\System32\CONFIG.NT
[2010/05/08 17:50:30 | 000,001,054 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/08 14:50:03 | 000,284,915 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\gmer.zip
[2010/05/08 14:06:52 | 000,570,880 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\OTL.exe
[2010/05/08 13:44:17 | 000,001,158 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2010/05/06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 22:33:55 | 000,094,800 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/01 22:46:58 | 000,431,616 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\liste scan avast.doc
[2010/05/01 17:53:38 | 000,001,708 | ---- | M] () – C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/05/01 15:22:01 | 000,000,704 | ---- | M] () – C:\Documents and Settings\All Users\Bureau\Malwarebytes’ Anti-Malware.lnk
[2010/05/01 14:25:42 | 000,000,788 | ---- | M] () – C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2010/05/01 14:06:43 | 000,490,392 | ---- | M] (Enigma Software Group USA, LLC.) – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\SpyHunter-Installer.exe
[2010/04/29 18:23:22 | 000,227,328 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\Liste fichiers infectes.doc
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/22 13:39:12 | 000,042,496 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\avastSS.scr
[2010/03/28 11:24:48 | 001,126,346 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/28 11:24:48 | 000,511,874 | ---- | M] () – C:\WINDOWS\System32\perfh00C.dat
[2010/03/28 11:24:48 | 000,442,466 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2010/03/28 11:24:48 | 000,085,396 | ---- | M] () – C:\WINDOWS\System32\perfc00C.dat
[2010/03/28 11:24:48 | 000,071,732 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2010/03/26 16:00:00 | 000,000,436 | ---- | M] () – C:\WINDOWS\tasks\Norton Security Scan.job
[2010/03/10 20:05:23 | 000,000,769 | ---- | M] () – C:\WINDOWS\win.ini
[2010/03/08 12:51:06 | 000,016,618 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\fax26253304.tif
[2010/02/28 16:06:09 | 000,000,855 | ---- | M] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\shisen.dat

OTL.TXT follow up
========== Files Created - No Company Name ==========

[2010/05/08 14:50:02 | 000,284,915 | ---- | C] () – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\gmer.zip
[2010/05/01 22:46:57 | 000,431,616 | ---- | C] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\liste scan avast.doc
[2010/05/01 17:53:38 | 000,001,708 | ---- | C] () – C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/05/01 15:22:01 | 000,000,704 | ---- | C] () – C:\Documents and Settings\All Users\Bureau\Malwarebytes’ Anti-Malware.lnk
[2010/05/01 14:25:42 | 000,000,788 | ---- | C] () – C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2010/04/29 18:23:22 | 000,227,328 | ---- | C] () – C:\Documents and Settings\Compaq_Propriétaire\Bureau\Liste fichiers infectes.doc
[2010/04/21 18:11:38 | 1005,113,344 | -HS- | C] () – C:\hiberfil.sys
[2010/03/08 12:51:06 | 000,016,618 | ---- | C] () – C:\Documents and Settings\Compaq_Propriétaire\Mes documents\fax26253304.tif
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () – C:\WINDOWS\System32\OGACheckControl.DLL
[2007/11/17 20:21:00 | 000,000,121 | ---- | C] () – C:\WINDOWS\bdagent.INI
[2007/11/03 11:23:13 | 000,043,520 | ---- | C] () – C:\WINDOWS\System32\CmdLineExt03.dll
[2007/11/03 11:22:28 | 000,197,120 | ---- | C] () – C:\WINDOWS\patchw32.dll
[2007/10/21 14:59:21 | 000,000,036 | ---- | C] () – C:\WINDOWS\ANAGENE.INI
[2007/08/25 19:18:34 | 000,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/03/24 10:47:12 | 000,000,029 | ---- | C] () – C:\WINDOWS\DEBUGSM.INI
[2007/03/05 20:29:48 | 000,015,498 | ---- | C] () – C:\WINDOWS\VX1000.ini
[2006/11/10 19:11:46 | 000,052,858 | ---- | C] () – C:\WINDOWS\System32\interceptor.sys
[2006/09/09 14:23:52 | 000,096,768 | ---- | C] () – C:\WINDOWS\SlantAdj.dll
[2006/09/09 14:23:52 | 000,000,072 | ---- | C] () – C:\WINDOWS\System32\epDPE.ini
[2006/09/09 14:23:24 | 000,000,022 | ---- | C] () – C:\WINDOWS\System32\PICSDK.ini
[2006/09/09 14:18:04 | 000,000,025 | ---- | C] () – C:\WINDOWS\CDE RX420FG.ini
[2006/08/21 20:21:39 | 000,000,385 | ---- | C] () – C:\WINDOWS\ODBC.INI
[2006/07/27 19:28:42 | 003,596,288 | ---- | C] () – C:\WINDOWS\System32\qt-dx331.dll
[2006/07/12 00:33:49 | 000,012,288 | ---- | C] () – C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/04/24 18:25:49 | 000,000,061 | ---- | C] () – C:\WINDOWS\smscfg.ini
[2006/04/24 18:06:48 | 000,028,848 | ---- | C] () – C:\WINDOWS\System32\drivers\USBkey.sys
[2006/04/24 18:02:59 | 000,013,065 | ---- | C] () – C:\WINDOWS\System32\CHODDI.SYS
[2006/04/24 18:02:53 | 000,045,056 | ---- | C] () – C:\WINDOWS\System32\hpreg.dll
[2006/04/24 17:57:28 | 000,198,144 | ---- | C] () – C:\WINDOWS\System32_psisdecd.dll
[2006/04/24 17:55:12 | 000,000,108 | ---- | C] () – C:\WINDOWS\WININIT.INI
[2006/04/24 17:48:28 | 000,003,712 | ---- | C] () – C:\WINDOWS\System32\fxsperf.ini
[2006/04/24 17:32:07 | 000,000,829 | ---- | C] () – C:\WINDOWS\orun32.ini
[2006/04/24 17:28:47 | 000,323,584 | ---- | C] () – C:\WINDOWS\System32\pythoncom22.dll
[2006/04/24 17:28:47 | 000,094,208 | ---- | C] () – C:\WINDOWS\System32\pywintypes22.dll
[2006/04/24 17:28:25 | 000,016,896 | ---- | C] () – C:\WINDOWS\System32\bcbmm.dll
[2005/12/09 16:03:52 | 000,000,000 | ---- | C] () – C:\WINDOWS\System32\px.ini
[2004/08/05 06:00:00 | 000,249,270 | ---- | C] () – C:\WINDOWS\System32_004532_.tmp.dll
[2004/08/05 06:00:00 | 000,022,040 | ---- | C] () – C:\WINDOWS\System32_004500_.tmp.dll
[2004/07/26 16:17:16 | 000,000,659 | ---- | C] () – C:\WINDOWS\System32\oeminfo.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () – C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/05/01 17:52:45 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/07/09 15:21:12 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\Azureus
[2010/05/01 17:27:49 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\F-Secure
[2007/07/15 20:04:00 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2007/05/27 09:43:56 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\PlayFirst
[2006/09/09 14:29:01 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\UDL
[2009/11/02 18:43:29 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
[2007/05/20 12:03:18 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\Zylom
[2006/08/29 13:32:19 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\123 Free Solitaire
[2007/11/03 11:23:48 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Atari
[2009/07/14 16:24:11 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Azureus
[2007/02/14 18:40:30 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\EPSON
[2009/09/20 10:02:15 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\fretsonfire
[2006/10/09 17:47:55 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Leadertech
[2007/09/03 18:59:15 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Magic Academy
[2006/09/09 16:23:54 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\MSNInstaller
[2008/08/02 18:20:14 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\OfficeUpdate12
[2007/09/16 11:22:56 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\PlayFirst
[2007/08/25 19:27:26 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Samsung
[2007/03/24 10:47:10 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Smart Panel
[2010/02/27 14:41:06 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\TomTom
[2007/09/03 18:57:04 | 000,000,000 | —D | M] – C:\Documents and Settings\Compaq_Propriétaire\Application Data\Zylom

========== Purity Check ==========

< End of report >