Bonsoir . there are some strange entries.
This one for instance:
C:\WINDOWS\SYSTEM32\WINEXPLOR.EXE
The spelling is not correct
WINEXPLOR.EXE
Let us fix a few that we know are bad.
Check these in Hjt
Close browser (Internet Explorer)
Click fix
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoit.com/direct.php?url=www.google.Fr
O4 - HKLM\..\Run: [Gator] "C:\Program Files\Gator.com\Gator\Gator.exe"
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [mysoft] C:\WINDOWS\SYSTEM32\WINEXPLOR.EXE
O13 - DefaultPrefix: http://www.microsoit.com/direct.php?url=
O13 - WWW Prefix: http://www.microsoit.com/direct.php?url=
Reboot.
You have 1 registry key. The process does not show as runnng, perhaps it is a stray entry.
But :
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
That is :
nsupdate - nsupdate.exe - Process Information
Process File: nsupdate or nsupdate.exe
Process Name: Nsupdate
Description: A dialer program that dials to a site specific to adult or pornographic content.
I suggest you run an on-line scan at RAV which has the excellent detection of these nasties.
http://www.ravantivirus.com/scan/
In the middle of the page click continue without subscribing.
Next page add auto clean.
When the scan is done.
Click report and you can savi or copy and paste the results here. if you wish.
There are some unfamiliar entries to me in the log. But fix those above and run the online scan
see if you still have problems.
Post a new log here.