Soucis du a msn [Résolu]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:36:40, on 01/12/2008
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Hijackthis\Scanner.exe
C:\WINDOWS\explorer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\pmnnnkji.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B51ED02F-F958-426A-8B50-1B6CC498887B} - C:\WINDOWS\system32\cbXOEUop.dll
O2 - BHO: (no name) - {FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: pmnnnkji - C:\WINDOWS\SYSTEM32\pmnnnkji.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5220 bytes

[12/01/2008, 9:47:20] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Buddha\Bureau\VirtumundoBeGone.exe" )
[12/01/2008, 9:47:26] - Detected System Information:
[12/01/2008, 9:47:26] -  Windows Version: 5.1.2600, Service Pack 3, v.5657
[12/01/2008, 9:47:26] -  Current Username: Buddha (Admin)
[12/01/2008, 9:47:27] -  Windows is in NORMAL mode.
[12/01/2008, 9:47:27] - Searching for Browser Helper Objects:
[12/01/2008, 9:47:27] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[12/01/2008, 9:47:27] -  BHO 2: {5C255C8A-E604-49b4-9D64-90988571CECB} (Click-to-Call BHO)
[12/01/2008, 9:47:27] -  BHO 3: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} ()
[12/01/2008, 9:47:27] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2008, 9:47:27] -  Checking for HKLM\...\Winlogon\Notify\pmnnnkji
[12/01/2008, 9:47:27] -  Found: HKLM\...\Winlogon\Notify\pmnnnkji - This is probably Virtumundo.
[12/01/2008, 9:47:27] -  Assigning {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} MSEvents Object
[12/01/2008, 9:47:27] - BHO list has been changed! Starting over...
[12/01/2008, 9:47:27] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[12/01/2008, 9:47:27] -  BHO 2: {5C255C8A-E604-49b4-9D64-90988571CECB} (Click-to-Call BHO)
[12/01/2008, 9:47:27] -  BHO 3: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} (MSEvents Object)
[12/01/2008, 9:47:27] - ALERT: Found MSEvents Object!
[12/01/2008, 9:47:27] -  BHO 4: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[12/01/2008, 9:47:27] -  BHO 5: {B51ED02F-F958-426A-8B50-1B6CC498887B} ()
[12/01/2008, 9:47:27] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2008, 9:47:27] -  Checking for HKLM\...\Winlogon\Notify\cbXOEUop
[12/01/2008, 9:47:27] -  Key not found: HKLM\...\Winlogon\Notify\cbXOEUop, continuing.
[12/01/2008, 9:47:27] -  BHO 6: {FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2} ()
[12/01/2008, 9:47:27] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2008, 9:47:27] -  No filename found. Continuing.
[12/01/2008, 9:47:27] - Finished Searching Browser Helper Objects
[12/01/2008, 9:47:27] - *** Detected MSEvents Object
[12/01/2008, 9:47:27] - Trying to remove MSEvents Object...
[12/01/2008, 9:47:28] -    Terminating Process: IEXPLORE.EXE
[12/01/2008, 9:47:28] -    Terminating Process: RUNDLL32.EXE
[12/01/2008, 9:47:29] -    Disabling Automatic Shell Restart
[12/01/2008, 9:47:29] -    Terminating Process: EXPLORER.EXE
[12/01/2008, 9:47:29] -    Suspending the NT Session Manager System Service
[12/01/2008, 9:47:29] -    Terminating Windows NT Logon/Logoff Manager
[12/01/2008, 9:47:29] -    Re-enabling Automatic Shell Restart
[12/01/2008, 9:47:29] -   File to disable: C:\WINDOWS\system32\pmnnnkji.dll
[12/01/2008, 9:47:29] -  Renaming C:\WINDOWS\system32\pmnnnkji.dll -> C:\WINDOWS\system32\pmnnnkji.dll.vir
[12/01/2008, 9:47:29] -  File successfully renamed!
[12/01/2008, 9:47:29] -   Removing HKLM\...\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[12/01/2008, 9:47:29] -   Removing HKCR\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[12/01/2008, 9:47:29] -   Adding Kill Bit for ActiveX for GUID: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[12/01/2008, 9:47:29] -   Deleting ATLEvents/MSEvents Registry entries
[12/01/2008, 9:47:29] -   Removing HKLM\...\Winlogon\Notify\pmnnnkji
[12/01/2008, 9:47:29] - Searching for Browser Helper Objects:
[12/01/2008, 9:47:29] -  BHO 1: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[12/01/2008, 9:47:29] -  BHO 2: {5C255C8A-E604-49b4-9D64-90988571CECB} (Click-to-Call BHO)
[12/01/2008, 9:47:29] -  BHO 3: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[12/01/2008, 9:47:29] -  BHO 4: {B51ED02F-F958-426A-8B50-1B6CC498887B} ()
[12/01/2008, 9:47:29] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2008, 9:47:29] -  Checking for HKLM\...\Winlogon\Notify\cbXOEUop
[12/01/2008, 9:47:29] -  Key not found: HKLM\...\Winlogon\Notify\cbXOEUop, continuing.
[12/01/2008, 9:47:29] -  BHO 5: {FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2} ()
[12/01/2008, 9:47:29] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2008, 9:47:29] -  No filename found. Continuing.
[12/01/2008, 9:47:29] - Finished Searching Browser Helper Objects
[12/01/2008, 9:47:29] - Finishing up...
[12/01/2008, 9:47:29] - A restart is needed.
[12/01/2008, 9:47:29] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[12/01/2008, 9:47:39] - Attempting to Restart via STOP error (Blue Screen!)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:52:21, on 01/12/2008
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Hijackthis\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: (no name) - {41105D6A-E251-4EED-A556-D8C7FD559BF3} - C:\WINDOWS\system32\cbXOEUop.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5032 bytes

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1440
Windows 5.1.2600 Service Pack 3, v.5657

01/12/2008 10:44:24
mbam-log-2008-12-01 (10-44-18).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 60586
Temps écoulé: 17 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\cbXOEUop.dll (Trojan.Vundo.H) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{86ad0dfe-973a-4ff3-830b-d8419628dd54} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{86ad0dfe-973a-4ff3-830b-d8419628dd54} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\cbxoeuop -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxoeuop

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:15, on 01/12/2008
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\program files\valve\steam\steam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Hijackthis\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5272 bytes

Logfile of random's system information tool 1.04 (written by random/random)
Run by Buddha at 2008-12-01 16:42:50
Microsoft Windows XP Professionnel Service Pack 3, v.5657
System drive C: has 138 GB (73%) free of 191 GB
Total RAM: 1022 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:03, on 01/12/2008
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Documents and Settings\Buddha\Bureau\Firefox\RSIT.exe
C:\Program Files\trend micro\Buddha.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5298 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\fylojgeu.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 75272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEC6A4B1-BFE7-49B6-885A-6182CCC48CC2}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-09-09 3513344]
"Steam"=c:\program files\valve\steam\steam.exe [2008-11-02 1410296]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-10-19 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSMHelp"=1
"ForceClassicControlPanel"=1
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=0
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoStartMenuMFUprogramsList"=0
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideRunAsVerb"=
"NoActiveDesktop"=
"NoDriveTypeAutoRun"=
"NoInstrumentation"=
"NoResolveTrack"=
"NoSetActiveDesktop"=
"NoStartMenuMFUprogramsList"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.reg - edit - 
.reg - open - 

======List of files/folders created in the last 2 months======

2008-12-01 14:25:22 ----A---- C:\Bug.txt
2008-12-01 14:25:21 ----A---- C:\WINDOWS\system32\cmd.execf
2008-12-01 14:25:15 ----D---- C:\32788R22FWJFW
2008-12-01 13:51:33 ----D---- C:\Program Files\trend micro
2008-12-01 13:51:30 ----D---- C:\rsit
2008-12-01 10:21:13 ----D---- C:\Documents and Settings\Buddha\Application Data\Malwarebytes
2008-12-01 10:21:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-01 10:21:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-01 08:49:52 ----D---- C:\Hijackthis
2008-11-30 18:55:25 ----D---- C:\VundoFix Backups
2008-11-30 18:55:25 ----A---- C:\VundoFix.txt
2008-11-30 17:13:11 ----D---- C:\MSNCleaner
2008-11-30 17:04:00 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-30 17:04:00 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-30 16:52:20 ----D---- C:\SDFix
2008-11-30 16:45:36 ----D---- C:\Program Files\Avira
2008-11-30 16:45:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-11-30 16:27:24 ----D---- C:\Program Files\xerox
2008-11-30 16:27:23 ----D---- C:\WINDOWS\system32\xircom
2008-11-30 16:27:23 ----D---- C:\WINDOWS\system32\oobe
2008-11-30 16:27:23 ----D---- C:\WINDOWS\srchasst
2008-11-30 16:27:23 ----D---- C:\WINDOWS\msagent
2008-11-30 16:27:23 ----D---- C:\Program Files\windows nt
2008-11-30 16:27:23 ----D---- C:\Program Files\netmeeting
2008-11-30 16:27:23 ----D---- C:\Program Files\msn gaming zone
2008-11-30 16:27:23 ----D---- C:\Program Files\movie maker
2008-11-30 16:27:23 ----D---- C:\Program Files\microsoft frontpage
2008-11-30 16:22:56 ----A---- C:\WINDOWS\msnfix.txt
2008-11-30 16:22:24 ----D---- C:\MSNFix
2008-11-30 15:38:10 ----A---- C:\WINDOWS\system32\439aa82e-.txt
2008-11-30 15:32:49 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-11-30 15:32:47 ----A---- C:\WINDOWS\system32\geBqRkiG.dll
2008-11-30 15:32:45 ----A---- C:\WINDOWS\system32\pmnnnkji.dll.vir
2008-11-23 01:00:15 ----D---- C:\Program Files\iPod
2008-11-23 01:00:12 ----D---- C:\Program Files\iTunes
2008-11-23 01:00:12 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-23 00:59:21 ----D---- C:\Program Files\QuickTime
2008-11-23 00:58:14 ----SHD---- C:\Config.Msi
2008-11-17 17:28:16 ----D---- C:\Program Files\uTorrent
2008-11-17 17:28:12 ----D---- C:\Documents and Settings\Buddha\Application Data\uTorrent
2008-11-16 21:27:43 ----D---- C:\Documents and Settings\Buddha\Application Data\Apple Computer
2008-11-16 21:27:34 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-11-16 21:27:12 ----D---- C:\Program Files\Bonjour
2008-11-16 21:26:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-11-16 21:26:25 ----D---- C:\Program Files\Apple Software Update
2008-11-16 21:26:10 ----D---- C:\Program Files\Fichiers communs\Apple
2008-11-16 21:26:09 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-11-14 23:44:38 ----D---- C:\Documents and Settings\Buddha\Application Data\Acreon
2008-11-14 00:19:55 ----D---- C:\Program Files\WowCartographe
2008-11-13 17:29:50 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2008-11-05 19:12:51 ----D---- C:\Documents and Settings\Buddha\Application Data\Mumble
2008-11-05 19:11:55 ----D---- C:\Program Files\Mumble
2008-11-05 10:29:08 ----D---- C:\Documents and Settings\Buddha\Application Data\Notepad++
2008-11-05 09:29:44 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-11-03 17:04:29 ----D---- C:\Documents and Settings\Buddha\Application Data\skypePM
2008-11-03 17:01:42 ----D---- C:\Documents and Settings\Buddha\Application Data\Skype
2008-11-03 17:01:15 ----D---- C:\Program Files\Skype
2008-11-03 17:01:14 ----D---- C:\Program Files\Fichiers communs\Skype
2008-11-03 17:01:03 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-11-03 15:19:23 ----D---- C:\Documents and Settings\Buddha\Application Data\teamspeak2
2008-11-03 15:19:12 ----D---- C:\Program Files\Teamspeak2_RC2
2008-11-02 11:05:40 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-11-02 00:24:45 ----D---- C:\Program Files\Valve
2008-11-01 22:35:06 ----D---- C:\Program Files\Messenger Plus! Live
2008-11-01 22:24:52 ----D---- C:\Program Files\Microsoft
2008-11-01 22:10:24 ----D---- C:\Program Files\Fichiers communs\Windows Live
2008-11-01 22:03:23 ----D---- C:\Program Files\World of Warcraft
2008-11-01 21:54:00 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-10-31 20:25:50 ----D---- C:\WINDOWS\nview
2008-10-31 20:25:50 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-10-31 20:25:24 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-10-31 20:25:10 ----D---- C:\NVIDIA
2008-10-31 20:09:31 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-10-31 20:08:54 ----A---- C:\WINDOWS\system32\usbui.dll
2008-10-31 20:08:13 ----SHD---- C:\WINDOWS\Installer
2008-10-31 20:08:13 ----D---- C:\Program Files\Fichiers communs\ODBC
2008-10-31 20:08:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-31 20:08:13 ----A---- C:\WINDOWS\ODBCINST.INI
2008-10-31 20:08:09 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2008-10-31 20:08:08 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-10-31 20:08:08 ----D---- C:\Program Files\Fichiers communs
2008-10-31 20:08:08 ----D---- C:\Program Files
2008-10-31 20:08:06 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-10-31 20:08:06 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-10-31 20:08:06 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-10-31 20:08:05 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-10-31 20:08:03 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-10-31 20:08:02 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-10-31 20:08:02 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-10-31 20:08:02 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-10-31 20:08:02 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-10-31 20:08:02 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-10-31 20:08:00 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-10-31 20:07:57 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-10-31 20:07:57 ----A---- C:\WINDOWS\system32\irclass.dll
2008-10-31 20:07:57 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-10-31 20:07:57 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-10-31 20:07:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-10-31 20:07:55 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-10-31 20:07:54 ----A---- C:\WINDOWS\system32\batt.dll
2008-10-31 20:07:54 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-10-31 20:07:53 ----A---- C:\WINDOWS\system32\storprop.dll
2008-10-31 20:07:50 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-10-31 20:07:35 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-31 20:07:35 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-31 20:07:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-31 20:05:59 ----D---- C:\Documents and Settings
2008-10-31 20:05:58 ----SHD---- C:\System Volume Information
2008-10-31 20:05:04 ----SH---- C:\boot.ini
2008-10-31 19:59:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-31 19:59:02 ----RSD---- C:\WINDOWS\Fonts
2008-10-31 19:59:02 ----RD---- C:\WINDOWS\Offline Web Pages
2008-10-31 19:59:02 ----D---- C:\WINDOWS\WinSxS
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Web
2008-10-31 19:59:02 ----D---- C:\WINDOWS\WBEM
2008-10-31 19:59:02 ----D---- C:\WINDOWS\twain_32
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Temp
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\wins
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\wbem
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\usmt
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\spool
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\ShellExt
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\Setup
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\ras
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\npp
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\mui
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\inetsrv
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\IME
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\icsxml
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\ias
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\fr-fr
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\fr
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\export
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\drivers
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\dhcp
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\config
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\3com_dmi
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\3076
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\2052
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1054
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1042
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1041
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1037
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1036
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1033
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1031
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1028
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32\1025
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system32
2008-10-31 19:59:02 ----D---- C:\WINDOWS\system
2008-10-31 19:59:02 ----D---- C:\WINDOWS\security
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Resources
2008-10-31 19:59:02 ----D---- C:\WINDOWS\repair
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Provisioning
2008-10-31 19:59:02 ----D---- C:\WINDOWS\PeerNet
2008-10-31 19:59:02 ----D---- C:\WINDOWS\pchealth
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Network Diagnostic
2008-10-31 19:59:02 ----D---- C:\WINDOWS\mui
2008-10-31 19:59:02 ----D---- C:\WINDOWS\msapps
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Media
2008-10-31 19:59:02 ----D---- C:\WINDOWS\L2Schemas
2008-10-31 19:59:02 ----D---- C:\WINDOWS\java
2008-10-31 19:59:02 ----D---- C:\WINDOWS\inf
2008-10-31 19:59:02 ----D---- C:\WINDOWS\ime
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Help
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Driver Cache
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Debug
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Cursors
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Connection Wizard
2008-10-31 19:59:02 ----D---- C:\WINDOWS\Config
2008-10-31 19:59:02 ----D---- C:\WINDOWS\AppPatch
2008-10-31 19:59:02 ----D---- C:\WINDOWS\addins
2008-10-31 19:59:02 ----D---- C:\WINDOWS
2008-10-31 19:36:01 ----SHD---- C:\RECYCLER
2008-10-31 19:34:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-31 19:31:27 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-10-31 19:31:22 ----D---- C:\Program Files\Windows Live
2008-10-31 19:31:17 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-31 19:17:49 ----D---- C:\Documents and Settings\Buddha\Application Data\Identities
2008-10-31 19:17:41 ----HD---- C:\Program Files\Uninstall Information
2008-10-31 19:16:39 ----ASH---- C:\Documents and Settings\Buddha\Application Data\desktop.ini
2008-10-31 19:16:38 ----SD---- C:\Documents and Settings\Buddha\Application Data\Microsoft
2008-10-31 19:16:36 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-31 19:16:34 ----D---- C:\WINDOWS\Prefetch
2008-10-31 19:16:33 ----SD---- C:\WINDOWS\system32\Microsoft
2008-10-31 19:15:05 ----A---- C:\WINDOWS\system32\UnWTCC.exe
2008-10-31 19:13:44 ----RSD---- C:\WINDOWS\assembly
2008-10-31 19:13:26 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-31 19:12:46 ----A---- C:\WINDOWS\control.ini
2008-10-31 19:12:46 ----A---- C:\AUTOEXEC.BAT
2008-10-31 19:12:34 ----D---- C:\WINDOWS\system32\dllcache
2008-10-31 19:12:34 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-10-31 19:12:30 ----D---- C:\Program Files\Windows Trust
2008-10-31 19:12:26 ----D---- C:\WINDOWS\system32\LangDLLs
2008-10-31 19:12:09 ----D---- C:\Program Files\Paint.NET
2008-10-31 19:11:44 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-10-31 19:11:40 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-10-31 19:11:36 ----HD---- C:\Program Files\WindowsUpdate
2008-10-31 19:11:30 ----D---- C:\Program Files\Windows Media Connect 2
2008-10-31 19:11:18 ----A---- C:\WINDOWS\system32\desktop.ini
2008-10-31 19:11:18 ----A---- C:\WINDOWS\desktop.ini
2008-10-31 19:11:15 ----D---- C:\Program Files\Fichiers communs\Services
2008-10-31 19:11:15 ----A---- C:\WINDOWS\system32\acctres.dll
2008-10-31 19:11:13 ----SD---- C:\WINDOWS\Tasks
2008-10-31 19:11:13 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-10-31 19:11:12 ----D---- C:\Program Files\Fichiers communs\MSSoap
2008-10-31 19:11:07 ----D---- C:\Program Files\Windows Media Player
2008-10-31 19:11:07 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-31 19:11:07 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-10-31 19:11:07 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-10-31 19:11:06 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-10-31 19:11:05 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-10-31 19:11:05 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-10-31 19:11:05 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-31 19:11:05 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-10-31 19:11:05 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-10-31 19:11:04 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-10-31 19:11:04 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-10-31 19:11:03 ----D---- C:\WINDOWS\system32\Restore
2008-10-31 19:11:03 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-10-31 19:11:03 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-10-31 19:11:03 ----A---- C:\WINDOWS\system32\srclient.dll
2008-10-31 19:11:02 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-10-31 19:11:02 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-10-31 19:11:01 ----A---- C:\WINDOWS\system32\inetres.dll
2008-10-31 19:11:01 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-10-31 19:10:58 ----D---- C:\Program Files\Outlook Express
2008-10-31 19:10:58 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-10-31 19:10:58 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-10-31 19:10:57 ----A---- C:\WINDOWS\system32\mstask.dll
2008-10-31 19:10:57 ----A---- C:\WINDOWS\system32\isign32.dll
2008-10-31 19:10:57 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-10-31 19:10:57 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-10-31 19:10:57 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-10-31 19:10:51 ----D---- C:\Program Files\Fichiers communs\System
2008-10-31 19:10:50 ----D---- C:\Program Files\Internet Explorer
2008-10-31 19:10:30 ----D---- C:\Program Files\ComPlus Applications
2008-10-31 19:10:29 ----A---- C:\WINDOWS\vbaddin.ini
2008-10-31 19:10:29 ----A---- C:\WINDOWS\vb.ini
2008-10-31 19:10:27 ----D---- C:\WINDOWS\Registration
2008-10-31 19:10:20 ----D---- C:\Program Files\Notepad++
2008-10-31 19:10:19 ----D---- C:\Program Files\Unlocker
2008-10-31 19:10:18 ----D---- C:\Program Files\WTInstaller
2008-10-31 19:10:14 ----D---- C:\WINDOWS\system32\Macromed
2008-10-31 19:10:14 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-10-31 19:10:13 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-10-31 19:10:13 ----A---- C:\WINDOWS\system32\tskill.exe
2008-10-31 19:10:13 ----A---- C:\WINDOWS\system32\reset.exe
2008-10-31 19:10:13 ----A---- C:\WINDOWS\system32\getuname.dll
2008-10-31 19:10:13 ----A---- C:\WINDOWS\system32\charmap.exe
2008-10-31 19:10:13 ----A---- C:\WINDOWS\system32\calc.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\tscon.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\shadow.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\regini.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\msg.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\logoff.exe
2008-10-31 19:10:12 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-10-31 19:10:11 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-10-31 19:10:07 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-10-31 19:10:07 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-10-31 19:10:06 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-10-31 19:10:05 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-10-31 19:10:05 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-31 19:10:05 ----A---- C:\WINDOWS\system32\aaclient.dll
2008-10-31 19:10:04 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-10-31 19:10:03 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-10-31 19:10:02 ----D---- C:\WINDOWS\system32\MsDtc
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-10-31 19:10:02 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-10-31 19:10:01 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-10-31 19:10:01 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-10-31 19:10:01 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-10-31 19:10:01 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-10-31 19:10:00 ----D---- C:\WINDOWS\system32\Com
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\stclient.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\colbact.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-10-31 19:10:00 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-10-31 19:09:59 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-10-31 19:09:59 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-10-31 19:09:58 ----A---- C:\WINDOWS\system32\comuid.dll
2008-10-31 19:09:58 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-10-31 19:09:58 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-10-31 19:09:57 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-10-31 19:09:51 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-10-31 19:09:50 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-10-31 19:09:50 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-10-31 19:09:50 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-10-31 18:55:27 ----A---- C:\WINDOWS\system32\ChCfg.exe
2008-10-31 18:55:25 ----D---- C:\Documents and Settings\Buddha\Application Data\Macromedia
2008-10-31 18:55:24 ----D---- C:\Documents and Settings\Buddha\Application Data\Adobe
2008-10-31 18:55:04 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-10-31 18:54:59 ----D---- C:\Program Files\Realtek AC97
2008-10-31 18:54:58 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2008-10-31 18:54:58 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-10-31 18:54:58 ----A---- C:\WINDOWS\soundman.exe
2008-10-31 18:54:58 ----A---- C:\WINDOWS\alcupd.exe
2008-10-31 18:54:58 ----A---- C:\WINDOWS\Alcrmv.exe
2008-10-31 18:54:57 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-31 18:54:09 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-10-31 18:23:53 ----A---- C:\WINDOWS\system32\h323log.txt
2008-10-31 18:23:35 ----D---- C:\Program Files\ma-config.com
2008-10-31 18:23:35 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-10-31 18:22:20 ----D---- C:\Documents and Settings\Buddha\Application Data\Mozilla
2008-10-31 18:15:35 ----D---- C:\Program Files\CCleaner
2008-10-31 18:15:31 ----D---- C:\Program Files\Mozilla Firefox
2008-10-31 18:15:26 ----D---- C:\Program Files\WinRAR
2008-10-31 18:15:26 ----D---- C:\Documents and Settings\Buddha\Application Data\WinRAR
2008-10-19 20:37:27 ----A---- C:\WINDOWS\system32\syssetup.dll
2008-10-19 20:37:25 ----A---- C:\WINDOWS\system32\msvcrt10.dll
2008-10-19 20:37:25 ----A---- C:\WINDOWS\system32\msvcr71.dll
2008-10-19 20:37:25 ----A---- C:\WINDOWS\system32\msvcr70.dll
2008-10-19 20:37:25 ----A---- C:\WINDOWS\system32\msvcp71.dll
2008-10-19 20:37:25 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\msvci70.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71u.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71KOR.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71JPN.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71ITA.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71FRA.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71ESP.dll
2008-10-19 20:37:24 ----A---- C:\WINDOWS\system32\mfc71ENU.dll
2008-10-19 20:37:23 ----A---- C:\WINDOWS\system32\mfc71DEU.dll
2008-10-19 20:37:23 ----A---- C:\WINDOWS\system32\mfc71CHT.dll
2008-10-19 20:37:23 ----A---- C:\WINDOWS\system32\mfc71CHS.dll
2008-10-19 20:37:23 ----A---- C:\WINDOWS\system32\mfc71.dll
2008-10-19 20:37:23 ----A---- C:\WINDOWS\system32\mfc70u.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70KOR.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70JPN.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70ITA.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70FRA.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70ESP.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70ENU.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70DEU.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70CHT.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70CHS.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\mfc70.dll
2008-10-19 20:37:22 ----A---- C:\WINDOWS\system32\atl71.dll
2008-10-19 20:37:21 ----A---- C:\WINDOWS\system32\atl70.dll
2008-10-19 20:37:20 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-19 20:37:20 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-19 20:37:20 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-19 20:37:20 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-19 20:37:20 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-19 20:37:20 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-19 20:37:19 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-19 20:37:18 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-19 20:37:18 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-19 20:37:18 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\zlib1.dll
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\xcacls.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\wc.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\uniq.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\timethis.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\tee.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\tac.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\srvcheck.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\sed.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\putty.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\pmon.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\pathman.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\now.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\nl.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\logtime.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\logname.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\hlscan.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\fmt.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\env.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\dureg.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\dirname.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\creatfil.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\consume.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\comm.exe
2008-10-19 20:37:06 ----A---- C:\WINDOWS\system32\agrep.exe
2008-10-19 20:36:44 ----A---- C:\WINDOWS\system32\wiaaut.dll
2008-10-19 20:36:43 ----A---- C:\WINDOWS\system32\whois.exe
2008-10-19 20:36:43 ----A---- C:\WINDOWS\system32\whoami.exe
2008-10-19 20:36:43 ----A---- C:\WINDOWS\system32\wget.exe
2008-10-19 20:36:43 ----A---- C:\WINDOWS\system32\upx.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\UnRAR.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\unrar.dll
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\uni2ansi.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\TrustParser.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\touch.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\tail.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\StripReloc.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\StripMyRights.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\ssleay32.dll
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\split.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\sleep.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\showacls.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\sha1deep.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\setx.exe
2008-10-19 20:36:42 ----A---- C:\WINDOWS\system32\SelectAll.dll
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\sdiff.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\sdelete.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\rpl.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\robocopy.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\reschange.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\qgrep.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\qfecheck.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\qchain.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\pwd.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\psicon.dll
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\permcopy.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\pendmoves.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\pclip.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\patch.exe
2008-10-19 20:36:40 ----A---- C:\WINDOWS\system32\OGACheckControl.dll
2008-10-19 20:36:39 ----A---- C:\WINDOWS\system32\mvdir.exe
2008-10-19 20:36:39 ----A---- C:\WINDOWS\system32\mv.exe
2008-10-19 20:36:39 ----A---- C:\WINDOWS\system32\movefile.exe
2008-10-19 20:36:39 ----A---- C:\WINDOWS\system32\moricons2.dll
2008-10-19 20:36:39 ----A---- C:\WINDOWS\system32\modifyPE.exe
2008-10-19 20:36:39 ----A---- C:\WINDOWS\system32\mkisofs.exe
2008-10-19 20:36:38 ----A---- C:\WINDOWS\system32\md5deep.exe
2008-10-19 20:36:38 ----A---- C:\WINDOWS\system32\mcast.exe
2008-10-19 20:36:38 ----A---- C:\WINDOWS\system32\ltree.exe
2008-10-19 20:36:38 ----A---- C:\WINDOWS\system32\ls.exe