
Virus problem.

Tags:
  • Windows
  • Security
26 August 2008 04:26:18

Good evening,

So, I have a problem with my PC: for some time now I have found it slow, and from time to time a window opens advertising a firewall...

Here is the HJT report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:26, on 2008-08-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Razer\CopperHead\razerhid.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\Program Files\Razer\CopperHead\razerofa.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\tgjoduva.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\Kaos.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.games-fusion.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\CopperHead\razerhid.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AppCmdInfo] C:\WINDOWS\system32\tgjoduva.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: .security
O4 - Global Startup: .security
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O21 - SSODL: MntSys - {1B6831A1-579E-1795-5C68-049D25DD4209} - C:\Program Files\tvnbpsf\MntSys.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9708 bytes


Thanks for helping me :)


26 August 2008 12:57:44

Hello,

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Yes.
  • When the operation is finished, a report will appear. Post this report in your next reply.

The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.

26 August 2008 16:19:42

Thanks a lot for helping me,

    ComboFix 08-08-25.01 - Kaos 2008-08-26 16:11:16.5 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.512 [GMT 2:00]
    Endroit: C:\Documents and Settings\Kaos\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\akl
    C:\Program Files\akl\akl.dll
    C:\Program Files\akl\akl.exe
    C:\Program Files\akl\uninstall.exe
    C:\Program Files\akl\unsetup.exe
    C:\Program Files\Inet Delivery
    C:\Program Files\Inet Delivery\inetdl.exe
    C:\Program Files\Inet Delivery\intdel.exe
    C:\WINDOWS\a.bat
    C:\WINDOWS\base64.tmp
    C:\WINDOWS\bdn.com
    C:\WINDOWS\FVProtect.exe
    C:\WINDOWS\iTunesMusic.exe
    C:\WINDOWS\mslagent
    C:\WINDOWS\mslagent\2_mslagent.dll
    C:\WINDOWS\mslagent\mslagent.exe
    C:\WINDOWS\mslagent\uninstall.exe
    C:\WINDOWS\mssecu.exe
    C:\WINDOWS\system32\akttzn.exe
    C:\WINDOWS\system32\anticipator.dll
    C:\WINDOWS\system32\awtoolb.dll
    C:\WINDOWS\system32\bdn.com
    C:\WINDOWS\system32\bsva-egihsg52.exe
    C:\WINDOWS\system32\dpcproxy.exe
    C:\WINDOWS\system32\emesx.dll
    C:\WINDOWS\system32\h@tkeysh@@k.dll
    C:\WINDOWS\system32\hoproxy.dll
    C:\WINDOWS\system32\hxiwlgpm.dat
    C:\WINDOWS\system32\hxiwlgpm.exe
    C:\WINDOWS\system32\medup012.dll
    C:\WINDOWS\system32\medup020.dll
    C:\WINDOWS\system32\msgp.exe
    C:\WINDOWS\system32\msnbho.dll
    C:\WINDOWS\system32\mssecu.exe
    C:\WINDOWS\system32\msvchost.exe
    C:\WINDOWS\system32\mtr2.exe
    C:\WINDOWS\system32\mwin32.exe
    C:\WINDOWS\system32\netode.exe
    C:\WINDOWS\system32\newsd32.exe
    C:\WINDOWS\system32\ps1.exe
    C:\WINDOWS\system32\psof1.exe
    C:\WINDOWS\system32\psoft1.exe
    C:\WINDOWS\system32\regc64.dll
    C:\WINDOWS\system32\regm64.dll
    C:\WINDOWS\system32\Rundl1.exe
    C:\WINDOWS\system32\smp
    C:\WINDOWS\system32\smp\msrc.exe
    C:\WINDOWS\system32\sncntr.exe
    C:\WINDOWS\system32\ssurf022.dll
    C:\WINDOWS\system32\ssvchost.com
    C:\WINDOWS\system32\ssvchost.exe
    C:\WINDOWS\system32\sysreq.exe
    C:\WINDOWS\system32\taack.dat
    C:\WINDOWS\system32\taack.exe
    C:\WINDOWS\system32\temp#01.exe
    C:\WINDOWS\system32\thun.dll
    C:\WINDOWS\system32\thun32.dll
    C:\WINDOWS\system32\VBIEWER.OCX
    C:\WINDOWS\system32\vbsys2.dll
    C:\WINDOWS\system32\vcatchpi.dll
    C:\WINDOWS\system32\winlogonpc.exe
    C:\WINDOWS\system32\winsystem.exe
    C:\WINDOWS\system32\WINWGPX.EXE
    C:\WINDOWS\userconfig9x.dll
    C:\WINDOWS\winsystem.exe
    C:\WINDOWS\zip1.tmp
    C:\WINDOWS\zip2.tmp
    C:\WINDOWS\zip3.tmp
    C:\WINDOWS\zipped.tmp
    D:\install.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-07-26 to 2008-08-26 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-26 04:42 . 2008-08-26 04:42 3,888,054 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
    2008-08-26 04:42 . 2008-08-26 04:42 64,111 --a------ C:\WINDOWS\BricoPackUninst.cmd
    2008-08-26 04:40 . 2008-08-26 04:42 6,112 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-08-26 04:39 . 2008-08-26 04:39 <REP> d-------- C:\WINDOWS\BricoPacks
    2008-08-25 02:09 . 2008-08-25 02:09 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
    2008-08-25 02:06 . 2008-08-25 02:06 <REP> d-------- C:\Program Files\tvnbpsf
    2008-08-25 02:06 . 2008-08-25 02:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\xwhevqty
    2008-08-25 02:06 . 2008-08-25 02:06 90,112 --a------ C:\WINDOWS\system32\tgjoduva.exe
    2008-08-25 01:08 . 2008-08-25 01:18 <REP> d-------- C:\Program Files\uTorrent
    2008-08-25 01:08 . 2008-08-26 16:06 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\uTorrent
    2008-08-13 22:10 . 2008-08-13 22:16 1,374 --a------ C:\WINDOWS\imsins.BAK
    2008-08-09 23:03 . 2008-08-09 23:03 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\DivX
    2008-08-01 04:08 . 2008-08-01 04:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-08-01 03:09 . 2008-08-01 03:09 <REP> d-------- C:\Program Files\Avira
    2008-08-01 03:09 . 2008-08-01 03:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-08-01 03:00 . 2008-08-01 03:01 <REP> d-------- C:\Program Files\CCleaner
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\Malwarebytes
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-31 22:33 . 2008-07-30 20:15 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-07-31 22:33 . 2008-07-30 20:15 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-31 14:49 . 2008-07-31 14:49 244 --ah----- C:\sqmnoopt01.sqm
    2008-07-31 14:49 . 2008-07-31 14:49 232 --ah----- C:\sqmdata01.sqm
    2008-07-29 23:13 . 2008-07-29 23:13 <REP> d-------- C:\Deckard
    2008-07-29 18:33 . 2008-07-29 18:33 <REP> d-------- C:\Program Files\Lavasoft
    2008-07-29 18:33 . 2008-07-29 18:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-29 18:07 . 2008-08-25 02:14 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-07-29 18:06 . 2008-08-25 02:12 <REP> d-------- C:\Program Files\Trojan Remover
    2008-07-29 18:06 . 2008-07-29 18:06 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\Simply Super Software
    2008-07-29 18:06 . 2008-07-29 18:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    2008-07-29 18:06 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-07-29 18:06 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-07-29 18:06 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-07-29 18:06 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-07-29 18:06 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-07-29 16:19 . 2008-08-13 22:01 959 --a------ C:\rollback.ini
    2008-07-29 16:15 . 2008-08-10 12:31 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\MailFrontier
    2008-07-29 13:36 . 2008-07-30 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-07-29 13:35 . 2008-08-26 16:14 7,490,592 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-07-29 13:35 . 2008-08-26 12:19 100,700 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-07-29 13:35 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
    2008-07-29 13:35 . 2008-07-09 09:05 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
    2008-07-29 13:35 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2008-07-29 13:35 . 2008-08-23 17:55 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-07-29 13:34 . 2008-07-29 13:34 <REP> d-------- C:\Program Files\Zone Labs
    2008-07-29 13:33 . 2008-08-26 00:40 <REP> d-------- C:\WINDOWS\Internet Logs
    2008-07-29 00:28 . 2008-08-15 00:09 <REP> d---s---- C:\Program Files\HLSW
    2008-07-29 00:28 . 2008-08-13 16:56 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\HLSW
    2008-07-28 00:58 . 2008-07-28 00:58 25,775,585 --a------ C:\WINDOWS\VPTNFILE.435
    2008-07-28 00:58 . 2008-07-28 00:58 25,775,585 --a------ C:\WINDOWS\LPT$VPN.435
    2008-07-28 00:57 . 2008-07-28 00:58 <REP> d-------- C:\WINDOWS\AU_Temp
    2008-07-27 10:39 . 2008-07-27 10:39 0 --a------ C:\VAC2.dll
    2008-07-27 10:37 . 2008-07-27 10:37 12,288 --a------ C:\Dumper.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-26 02:42 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
    2008-08-25 22:48 --------- d-----w C:\Program Files\Steam
    2008-08-25 17:50 --------- d-----w C:\Program Files\WowCartographe
    2008-08-24 23:08 --------- d-----w C:\Documents and Settings\Kaos\Application Data\Azureus
    2008-08-24 11:07 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-08-18 21:50 --------- d-----w C:\Documents and Settings\Kaos\Application Data\LimeWire
    2008-08-15 17:48 2,827,264 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
    2008-08-14 00:03 2,054,144 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
    2008-08-13 23:21 --------- d-----w C:\Program Files\World of Warcraft
    2008-08-13 20:03 760,320 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
    2008-08-13 19:37 283,648 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
    2008-08-13 19:37 1,945,088 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
    2008-08-13 19:21 812,032 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
    2008-08-13 19:21 1,944,064 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
    2008-08-13 18:52 3,108,864 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
    2008-08-13 11:48 2,740,736 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
    2008-08-13 11:48 1,946,624 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
    2008-08-13 01:15 --------- d-----w C:\Program Files\Tortun
    2008-08-11 07:17 2,278,400 ----a-w C:\WINDOWS\Internet Logs\xDB2C0.tmp
    2008-08-10 18:19 2,788,352 ----a-w C:\WINDOWS\Internet Logs\xDB218.tmp
    2008-08-06 15:06 1,057,476 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
    2008-08-06 00:16 --------- d-----w C:\Program Files\DivX
    2008-08-05 15:19 1,320,448 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
    2008-08-05 07:47 3,141,632 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
    2008-08-03 20:06 3,420,160 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
    2008-08-01 22:09 1,759,744 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
    2008-08-01 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-01 01:01 --------- d-----w C:\Program Files\Yahoo!
    2008-07-31 17:36 3,137,536 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2008-07-31 17:36 1,715,712 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
    2008-07-29 16:32 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-07-27 22:58 91,744 ----a-w C:\WINDOWS\BPMNT.dll
    2008-07-27 22:58 71,749 ----a-w C:\WINDOWS\hcextoutput.dll
    2008-07-27 22:58 333,576 ----a-w C:\WINDOWS\tsc.exe
    2008-07-27 22:58 1,213,784 ----a-w C:\WINDOWS\vsapi32.dll
    2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-07-18 14:07 --------- d-----w C:\Documents and Settings\Kaos\Application Data\Mumble
    2008-07-13 19:24 --------- d-----w C:\Program Files\Mumble
    2008-07-09 07:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 00:27 --------- d-----w C:\Program Files\LimeWire
    2008-07-02 23:10 --------- d-----w C:\Program Files\Azureus
    2008-07-02 15:19 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-07-01 08:34 --------- d-----w C:\Documents and Settings\Kaos\Application Data\teamspeak2
    2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-23 16:28 817,152 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-05-29 07:28 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
    2008-03-28 22:18 51,944 ----a-w C:\Documents and Settings\Kaos\Application Data\GDIPFONTCACHEV1.DAT
    .

    ------- Sigcheck -------

    .
    ((((((((((((((((((((((((((((( snapshot@2008-07-29_23.58.28.59 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2004-08-10 20:00:00 352,256 ----a-w C:\WINDOWS\BricoPacks\SysFiles\10_cmdial32.dll
    + 2004-08-10 20:00:00 67,072 ----a-w C:\WINDOWS\BricoPacks\SysFiles\11_console.dll
    + 2004-08-10 20:00:00 165,888 ----a-w C:\WINDOWS\BricoPacks\SysFiles\12_credui.dll
    + 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\BricoPacks\SysFiles\14_explorer.exe
    + 2004-08-10 20:00:00 386,560 ----a-w C:\WINDOWS\BricoPacks\SysFiles\15_fontext.dll
    + 2004-08-10 20:00:00 768,512 ----a-w C:\WINDOWS\BricoPacks\SysFiles\17_helpctr.exe
    + 2004-08-10 20:00:00 146,944 ----a-w C:\WINDOWS\BricoPacks\SysFiles\18_hotplug.dll
    + 2004-08-10 20:00:00 98,304 ----a-w C:\WINDOWS\BricoPacks\SysFiles\2_ahui.exe
    + 2004-08-10 20:00:00 121,856 ----a-w C:\WINDOWS\BricoPacks\SysFiles\20_inetcplc.dll
    + 2004-08-10 20:00:00 157,184 ----a-w C:\WINDOWS\BricoPacks\SysFiles\23_keymgr.dll
    + 2004-08-10 20:00:00 221,696 ----a-w C:\WINDOWS\BricoPacks\SysFiles\24_logon.scr
    + 2004-08-10 20:00:00 246,784 ----a-w C:\WINDOWS\BricoPacks\SysFiles\26_migwiz.exe
    + 2004-08-10 20:00:00 216,064 ----a-w C:\WINDOWS\BricoPacks\SysFiles\28_moricons.dll
    + 2004-08-10 20:00:00 1,004,032 ----a-w C:\WINDOWS\BricoPacks\SysFiles\29_msgina.dll
    + 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\BricoPacks\SysFiles\30_mshtml.dll
    + 2004-08-10 20:00:00 347,648 ----a-w C:\WINDOWS\BricoPacks\SysFiles\31_mspaint.exe
    + 2004-08-10 20:00:00 281,600 ----a-w C:\WINDOWS\BricoPacks\SysFiles\32_mstask.dll
    + 2004-08-10 20:00:00 655,360 ----a-w C:\WINDOWS\BricoPacks\SysFiles\33_mstscax.dll
    + 2004-08-10 20:00:00 91,648 ----a-w C:\WINDOWS\BricoPacks\SysFiles\34_mydocs.dll
    + 2004-08-10 20:00:00 55,296 ----a-w C:\WINDOWS\BricoPacks\SysFiles\35_narrator.exe
    + 2004-08-10 20:00:00 144,896 ----a-w C:\WINDOWS\BricoPacks\SysFiles\37_netid.dll
    + 2005-06-21 22:01:34 1,721,344 ----a-w C:\WINDOWS\BricoPacks\SysFiles\38_netshell.dll
    + 2004-08-10 20:00:00 251,392 ----a-w C:\WINDOWS\BricoPacks\SysFiles\39_newdev.dll
    + 2004-08-10 20:00:00 28,672 ----a-w C:\WINDOWS\BricoPacks\SysFiles\4_batmeter.dll
    + 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\BricoPacks\SysFiles\40_notepad.exe
    + 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\BricoPacks\SysFiles\41_notepad.exe
    + 2004-08-10 20:00:00 145,920 ----a-w C:\WINDOWS\BricoPacks\SysFiles\42_ntshrui.dll
    + 2008-06-23 16:28:22 102,912 ----a-w C:\WINDOWS\BricoPacks\SysFiles\44_occache.dll
    + 2004-08-10 20:00:00 578,560 ----a-w C:\WINDOWS\BricoPacks\SysFiles\46_printui.dll
    + 2004-08-10 20:00:00 685,056 ----a-w C:\WINDOWS\BricoPacks\SysFiles\47_rasdlg.dll
    + 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\BricoPacks\SysFiles\48_regedit.exe
    + 2004-08-10 20:00:00 572,416 ----a-w C:\WINDOWS\BricoPacks\SysFiles\49_shdoclc.dll
    + 2007-10-11 05:59:18 1,024,512 ----a-w C:\WINDOWS\BricoPacks\SysFiles\5_browseui.dll
    + 2007-10-11 05:59:28 1,498,624 ----a-w C:\WINDOWS\BricoPacks\SysFiles\50_shdocvw.dll
    + 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\BricoPacks\SysFiles\51_shell32.dll
    + 2004-08-10 20:00:00 440,320 ----a-w C:\WINDOWS\BricoPacks\SysFiles\52_shimgvw.dll
    + 2007-10-11 05:59:28 474,624 ----a-w C:\WINDOWS\BricoPacks\SysFiles\53_shlwapi.dll
    + 2004-08-10 20:00:00 133,120 ----a-w C:\WINDOWS\BricoPacks\SysFiles\54_sndrec32.exe
    + 2004-08-10 20:00:00 139,264 ----a-w C:\WINDOWS\BricoPacks\SysFiles\55_sndvol32.exe
    + 2004-08-10 20:00:00 122,368 ----a-w C:\WINDOWS\BricoPacks\SysFiles\56_stobject.dll
    + 2004-08-10 20:00:00 107,520 ----a-w C:\WINDOWS\BricoPacks\SysFiles\58_sysocmgr.exe
    + 2004-08-10 20:00:00 1,005,056 ----a-w C:\WINDOWS\BricoPacks\SysFiles\59_syssetup.dll
    + 2004-08-10 20:00:00 85,504 ----a-w C:\WINDOWS\BricoPacks\SysFiles\6_cabview.dll
    + 2004-08-10 20:00:00 143,360 ----a-w C:\WINDOWS\BricoPacks\SysFiles\60_taskmgr.exe
    + 2004-08-10 20:00:00 391,168 ----a-w C:\WINDOWS\BricoPacks\SysFiles\62_themeui.dll
    + 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\BricoPacks\SysFiles\64_url.dll
    + 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\BricoPacks\SysFiles\65_urlmon.dll
    + 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\BricoPacks\SysFiles\66_webcheck.dll
    + 2004-08-10 20:00:00 438,784 ----a-w C:\WINDOWS\BricoPacks\SysFiles\67_wiaacmgr.exe
    + 2004-08-10 20:00:00 594,432 ----a-w C:\WINDOWS\BricoPacks\SysFiles\68_wiashext.dll
    + 2008-06-23 16:28:23 826,368 ----a-w C:\WINDOWS\BricoPacks\SysFiles\69_wininet.dll
    + 2004-08-10 20:00:00 115,200 ----a-w C:\WINDOWS\BricoPacks\SysFiles\7_calc.exe
    + 2004-08-10 20:00:00 773,632 ----a-w C:\WINDOWS\BricoPacks\SysFiles\70_WINNTBBU.DLL
    + 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\BricoPacks\SysFiles\71_winsrv.dll
    + 2007-07-30 18:19:16 53,080 ----a-w C:\WINDOWS\BricoPacks\SysFiles\73_wuauclt.exe
    + 2004-08-10 20:00:00 168,960 ----a-w C:\WINDOWS\BricoPacks\SysFiles\74_wuauclt1.exe
    + 2004-08-10 20:00:00 2,986,496 ----a-w C:\WINDOWS\BricoPacks\SysFiles\76_xpsp2res.dll
    + 2004-08-10 20:00:00 340,480 ----a-w C:\WINDOWS\BricoPacks\SysFiles\77_zipfldr.dll
    + 2004-08-10 20:00:00 515,584 ----a-w C:\WINDOWS\BricoPacks\SysFiles\78_logonui.exe
    + 2004-08-10 20:00:00 65,536 ----a-w C:\WINDOWS\BricoPacks\SysFiles\8_cleanmgr.exe
    + 2004-08-10 20:00:00 60,416 ----a-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
    + 2004-08-10 20:00:00 2,534,400 ----a-w C:\WINDOWS\BricoPacks\SysFiles\81_msoeres.dll
    + 2004-08-10 20:00:00 3,555,328 ----a-w C:\WINDOWS\BricoPacks\SysFiles\82_moviemk.exe
    + 2004-08-10 20:00:00 400,896 ----a-w C:\WINDOWS\BricoPacks\SysFiles\9_cmd.exe
    + 2004-08-10 20:00:00 219,648 ----a-w C:\WINDOWS\BricoPacks\SysFiles\Ux_uxtheme.dll
    + 2001-10-18 21:51:00 46,592 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
    + 2005-06-09 22:08:00 283,294 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.dll
    + 2006-03-09 14:33:18 405,504 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.exe
    + 2005-06-09 22:08:00 283,294 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\skins\Vista Inspirat\iColorFolder.dll
    + 2008-08-26 02:41:23 33,617 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\uninstall.exe
    + 2007-04-22 08:18:34 98,304 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe
    + 2004-08-10 20:00:00 457,728 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\10_cmdial32.dll
    + 2004-08-10 20:00:00 70,144 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\11_console.dll
    + 2004-08-10 20:00:00 190,976 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\12_credui.dll
    + 2007-06-13 13:22:28 979,456 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\14_explorer.exe
    + 2004-08-10 20:00:00 396,288 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\15_fontext.dll
    + 2004-08-10 20:00:00 764,928 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\17_helpctr.exe
    + 2004-08-10 20:00:00 161,792 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\18_hotplug.dll
    + 2004-08-10 20:00:00 101,376 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\2_ahui.exe
    + 2004-08-10 20:00:00 292,352 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\20_inetcplc.dll
    + 2004-08-10 20:00:00 409,600 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\23_keymgr.dll
    + 2004-08-10 20:00:00 3,128,320 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\24_logon.scr
    + 2004-08-10 20:00:00 544,768 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\26_migwiz.exe
    + 2004-08-10 20:00:00 380,416 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\28_moricons.dll
    + 2004-08-10 20:00:00 1,111,552 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\29_msgina.dll
    + 2008-06-24 08:28:24 3,865,088 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\30_mshtml.dll
    + 2004-08-10 20:00:00 444,928 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\31_mspaint.exe
    + 2004-08-10 20:00:00 328,192 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\32_mstask.dll
    + 2004-08-10 20:00:00 657,408 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\33_mstscax.dll
    + 2004-08-10 20:00:00 86,528 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\34_mydocs.dll
    + 2004-08-10 20:00:00 56,832 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\35_narrator.exe
    + 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\37_netid.dll
    + 2005-06-21 22:01:34 2,137,088 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\38_netshell.dll
    + 2004-08-10 20:00:00 416,256 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\39_newdev.dll
    + 2004-08-10 20:00:00 28,672 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\4_batmeter.dll
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\40_notepad.exe
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\41_notepad.exe
    + 2004-08-10 20:00:00 233,984 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\42_ntshrui.dll
    + 2008-06-23 16:28:22 164,352 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\44_occache.dll
    + 2004-08-10 20:00:00 758,784 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\46_printui.dll
    + 2004-08-10 20:00:00 1,256,960 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\47_rasdlg.dll
    + 2004-08-10 20:00:00 230,912 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\48_regedit.exe
    + 2004-08-10 20:00:00 689,664 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\49_shdoclc.dll
    + 2007-10-11 05:59:18 1,022,464 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\5_browseui.dll
    + 2007-10-11 05:59:28 1,777,664 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\50_shdocvw.dll
    + 2007-10-25 16:43:25 12,930,560 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\51_shell32.dll
    + 2004-08-10 20:00:00 1,790,464 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\52_shimgvw.dll
    + 2007-10-11 05:59:28 499,200 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\53_shlwapi.dll
    + 2004-08-10 20:00:00 182,272 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\54_sndrec32.exe
    + 2004-08-10 20:00:00 152,576 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\55_sndvol32.exe
    + 2004-08-10 20:00:00 147,968 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\56_stobject.dll
    + 2004-08-10 20:00:00 183,296 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\58_sysocmgr.exe
    + 2004-08-10 20:00:00 1,261,568 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\59_syssetup.dll
    + 2004-08-10 20:00:00 83,456 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\6_cabview.dll
    + 2004-08-10 20:00:00 189,440 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\60_taskmgr.exe
    + 2004-08-10 20:00:00 393,728 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\62_themeui.dll
    + 2008-06-23 16:28:22 62,464 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\64_url.dll
    + 2008-06-23 16:28:23 1,233,408 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\65_urlmon.dll
    + 2008-06-23 16:28:23 394,240 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\66_webcheck.dll
    + 2004-08-10 20:00:00 890,880 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\67_wiaacmgr.exe
    + 2004-08-10 20:00:00 774,656 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\68_wiashext.dll
    + 2008-06-23 16:28:23 817,152 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\69_wininet.dll
    + 2004-08-10 20:00:00 118,272 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\7_calc.exe
    + 2004-08-10 20:00:00 773,120 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\70_WINNTBBU.DLL
    + 2007-03-17 13:44:47 294,400 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\71_winsrv.dll
    + 2007-07-30 18:19:16 68,440 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\73_wuauclt.exe
    + 2004-08-10 20:00:00 288,768 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\74_wuauclt1.exe
    + 2004-08-10 20:00:00 3,378,176 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\76_xpsp2res.dll
    + 2004-08-10 20:00:00 907,776 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\77_zipfldr.dll
    + 2004-08-10 20:00:00 5,650,944 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\78_logonui.exe
    + 2004-08-10 20:00:00 110,080 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\8_cleanmgr.exe
    + 2004-08-10 20:00:00 223,744 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\80_msimn.exe
    + 2004-08-10 20:00:00 2,534,400 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\81_msoeres.dll
    + 2004-08-10 20:00:00 3,676,160 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\82_moviemk.exe
    + 2004-08-10 20:00:00 428,032 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\9_cmd.exe
    + 2008-08-26 02:42:56 219,648 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\Ux_uxtheme.dll
    + 2007-04-22 10:31:50 147,456 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Panel.exe
    + 2008-08-26 02:42:56 153,834 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    + 2007-05-28 15:06:40 15,191 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\77_logonui.exe\UIFILE_1000.bin
    + 2006-05-21 07:49:32 881,664 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResHacker\ResHacker.exe
    + 2007-03-04 07:48:16 106,496 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Docklets\RocketClock\RocketClock.dll
    + 2007-01-01 15:23:54 1,645,320 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\gdiplus.dll
    + 2007-03-18 22:04:22 69,632 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
    + 2007-03-18 22:05:02 630,784 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    + 2007-03-18 22:04:18 69,632 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Tools\Debug.exe
    + 2007-01-01 15:24:48 6,144 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Tools\LanguageID Finder.exe
    + 2006-05-21 07:49:38 11,776 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Tools\dialog.exe
    + 2006-05-21 07:49:38 32,610 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Tools\refresh.exe
    + 2005-06-01 19:41:18 65,536 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    + 2006-05-21 07:43:06 1,645,320 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\gdiplus.dll
    + 2006-05-21 07:43:06 6,144 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Languages\LanguageID Finder.exe
    + 2006-05-21 07:43:06 53,248 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iBounce\fx.dll
    + 2006-05-21 07:43:06 57,344 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\fx.dll
    + 2006-05-21 07:43:08 180,224 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    + 2006-05-21 07:43:08 65,536 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
    + 2006-05-21 07:43:08 35,328 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Uninst.exe
    + 2007-05-28 15:06:48 155,417 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Update.exe
    + 2006-05-21 07:43:14 53,248 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
    + 2006-05-21 07:43:14 155,648 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    + 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
    + 2008-04-23 04:16:39 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
    + 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
    + 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
    + 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
    + 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
    + 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
    + 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
    + 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
    + 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
    + 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
    + 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
    + 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
    + 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
    + 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
    + 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
    + 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
    + 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
    + 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
    + 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
    + 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
    + 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
    + 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
    + 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
    + 2008-04-23 04:16:40 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
    + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
    + 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
    + 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
    + 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
    - 2008-05-15 01:02:22 2,560 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    + 2008-08-13 20:15:41 2,560 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    - 2008-05-15 01:02:22 34,304 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\misc.exe
    + 2008-08-13 20:15:41 34,304 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\misc.exe
    - 2008-05-15 01:02:22 8,192 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    + 2008-08-13 20:15:41 8,192 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    - 2008-05-15 01:02:22 3,584 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    + 2008-08-13 20:15:41 3,584 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    - 2008-05-15 01:02:22 114,688 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
    + 2008-08-13 20:15:41 114,688 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
    - 2008-05-15 01:02:22 16,384 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    + 2008-08-13 20:15:41 16,384 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    - 2008-05-15 01:02:22 30,720 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
    + 2008-08-13 20:15:41 30,720 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
    - 2008-05-15 01:02:22 22,528 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    + 2008-08-13 20:15:41 22,528 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    - 2008-05-15 01:02:22 45,056 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    + 2008-08-13 20:15:41 45,056 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    - 2008-05-15 01:02:22 90,112 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    + 2008-08-13 20:15:41 90,112 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    - 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\notepad.exe
    - 2004-08-10 20:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
    + 2004-08-10 20:00:00 764,928 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
    - 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe
    + 2004-08-10 20:00:00 230,912 ----a-w C:\WINDOWS\regedit.exe
    + 2007-04-20 17:16:00 1,117,184 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\AeroBlack\Shellstyle.dll
    + 2007-04-20 17:16:00 1,117,184 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\AeroBlue\Shellstyle.dll
    + 2007-04-21 09:07:00 894,464 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\ClassicXP\Shellstyle.dll
    + 2007-04-20 17:16:00 1,117,184 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\NormalColor\Shellstyle.dll
    + 2005-08-20 09:30:00 2,085,888 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\NormalColor\shellstyle.dll
    + 2005-08-20 11:48:00 1,201,664 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA12\shellstyle.dll
    + 2005-08-20 09:30:00 2,085,888 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA2\shellstyle.dll
    + 2005-08-20 11:48:00 1,201,664 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA22\shellstyle.dll
    - 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    + 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    - 2004-08-10 20:00:00 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
    + 2004-08-10 20:00:00 101,376 ----a-w C:\WINDOWS\system32\ahui.exe
    - 2007-10-11 05:59:18 1,024,512 ----a-w C:\WINDOWS\system32\browseui.dll
    + 2007-10-11 05:59:18 1,022,464 ----a-w C:\WINDOWS\system32\browseui.dll
    - 2004-08-10 20:00:00 85,504 ----a-w C:\WINDOWS\system32\cabview.dll
    + 2004-08-10 20:00:00 83,456 ----a-w C:\WINDOWS\system32\cabview.dll
    - 2004-08-10 20:00:00 115,200 ----a-w C:\WINDOWS\system32\calc.exe
    + 2004-08-10 20:00:00 118,272 ----a-w C:\WINDOWS\system32\calc.exe
    - 2004-08-10 20:00:00 65,536 ----a-w C:\WINDOWS\system32\cleanmgr.exe
    + 2004-08-10 20:00:00 110,080 ----a-w C:\WINDOWS\system32\cleanmgr.exe
    - 2004-08-10 20:00:00 400,896 ----a-w C:\WINDOWS\system32\cmd.exe
    + 2004-08-10 20:00:00 428,032 ----a-w C:\WINDOWS\system32\cmd.exe
    - 2004-08-10 20:00:00 352,256 ----a-w C:\WINDOWS\system32\cmdial32.dll
    + 2004-08-10 20:00:00 457,728 ----a-w C:\WINDOWS\system32\cmdial32.dll
    - 2004-08-10 20:00:00 67,072 ----a-w C:\WINDOWS\system32\console.dll
    + 2004-08-10 20:00:00 70,144 ----a-w C:\WINDOWS\system32\console.dll
    - 2004-08-10 20:00:00 165,888 ----a-w C:\WINDOWS\system32\credui.dll
    + 2004-08-10 20:00:00 190,976 ----a-w C:\WINDOWS\system32\credui.dll
    + 2008-07-25 08:34:36 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
    + 2008-07-25 08:34:42 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    + 2008-07-25 08:34:40 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
    + 2008-07-25 08:34:40 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    + 2008-07-25 08:34:40 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    + 2008-07-25 08:34:30 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    - 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2008-06-23 16:28:17 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    - 2004-08-10 20:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe
    + 2004-08-10 20:00:00 101,376 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe
    - 2007-10-11 05:59:18 1,024,512 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
    + 2007-10-11 05:59:18 1,022,464 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
    - 2004-08-10 20:00:00 85,504 -c--a-w C:\WINDOWS\system32\dllcache\cabview.dll
    + 2004-08-10 20:00:00 83,456 -c--a-w C:\WINDOWS\system32\dllcache\cabview.dll
    - 2004-08-10 20:00:00 115,200 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe
    + 2004-08-10 20:00:00 118,272 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe
    - 2004-08-10 20:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe
    + 2004-08-10 20:00:00 110,080 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe
    - 2004-08-10 20:00:00 400,896 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe
    + 2004-08-10 20:00:00 428,032 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe
    - 2004-08-10 20:00:00 352,256 -c--a-w C:\WINDOWS\system32\dllcache\cmdial32.dll
    + 2004-08-10 20:00:00 457,728 -c--a-w C:\WINDOWS\system32\dllcache\cmdial32.dll
    - 2004-08-10 20:00:00 67,072 -c--a-w C:\WINDOWS\system32\dllcache\console.dll
    + 2004-08-10 20:00:00 70,144 -c--a-w C:\WINDOWS\system32\dllcache\console.dll
    - 2004-08-10 20:00:00 165,888 -c--a-w C:\WINDOWS\system32\dllcache\credui.dll
    + 2004-08-10 20:00:00 190,976 -c--a-w C:\WINDOWS\system32\dllcache\credui.dll
    - 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    + 2008-06-23 16:28:17 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    - 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2008-06-23 16:28:17 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2005-07-26 04:39:58 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
    + 2008-07-07 20:31:48 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
    - 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2008-06-23 16:28:17 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
    - 2004-08-10 20:00:00 386,560 -c--a-w C:\WINDOWS\system32\dllcache\fontext.dll
    + 2004-08-10 20:00:00 396,288 -c--a-w C:\WINDOWS\system32\dllcache\fontext.dll
    - 2004-08-10 20:00:00 768,512 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
    + 2004-08-10 20:00:00 764,928 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
    - 2004-08-10 20:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\hotplug.dll
    + 2004-08-10 20:00:00 161,792 -c--a-w C:\WINDOWS\system32\dllcache\hotplug.dll
    - 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    + 2008-06-23 16:28:17 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2008-06-23 09:21:30 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2008-06-23 16:28:18 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2008-06-23 16:28:18 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2008-06-23 16:28:18 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2008-06-23 16:28:18 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2008-06-23 16:28:19 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2008-06-23 16:28:19 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2008-06-23 16:28:20 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2008-06-23 09:21:49 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2007-08-21 06:17:23 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    + 2008-04-11 18:51:06 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    - 2004-08-10 20:00:00 121,856 -c--a-w C:\WINDOWS\system32\dllcache\inetcplc.dll
    + 2004-08-10 20:00:00 292,352 -c--a-w C:\WINDOWS\system32\dllcache\inetcplc.dll
    - 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2008-06-23 16:28:20 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
    - 2004-08-10 20:00:00 157,184 -c--a-w C:\WINDOWS\system32\dllcache\keymgr.dll
    + 2004-08-10 20:00:00 409,600 -c--a-w C:\WINDOWS\system32\dllcache\keymgr.dll
    - 2004-08-10 20:00:00 221,696 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr
    + 2004-08-10 20:00:00 3,128,320 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr
    - 2004-08-10 20:00:00 515,584 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe
    + 2004-08-10 20:00:00 5,650,944 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe
    - 2004-08-10 20:00:00 246,784 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe
    + 2004-08-10 20:00:00 544,768 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe
    - 2004-08-10 20:00:00 216,064 -c--a-w C:\WINDOWS\system32\dllcache\moricons.dll
    + 2004-08-10 20:00:00 380,416 -c--a-w C:\WINDOWS\system32\dllcache\moricons.dll
    - 2004-08-10 20:00:00 3,555,328 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe
    + 2004-08-10 20:00:00 3,676,160 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe
    - 2004-08-10 20:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
    + 2008-05-01 14:31:48 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
    - 2005-06-29 01:49:42 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
    + 2008-06-24 16:23:56 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
    - 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2008-06-23 16:28:20 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2008-06-23 16:28:20 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2004-08-10 20:00:00 1,004,032 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
    + 2004-08-10 20:00:00 1,111,552 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
    - 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2008-06-24 08:28:24 3,865,088 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2008-06-23 16:28:22 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2004-08-10 20:00:00 60,416 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe
    + 2004-08-10 20:00:00 223,744 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe
    - 2004-08-10 20:00:00 347,648 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe
    + 2004-08-10 20:00:00 444,928 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe
    - 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-06-23 16:28:22 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2004-08-10 20:00:00 281,600 -c--a-w C:\WINDOWS\system32\dllcache\mstask.dll
    + 2004-08-10 20:00:00 328,192 -c--a-w C:\WINDOWS\system32\dllcache\mstask.dll
    - 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-06-23 16:28:22 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2004-08-10 20:00:00 655,360 -c--a-w C:\WINDOWS\system32\dllcache\mstscax.dll
    + 2004-08-10 20:00:00 657,408 -c--a-w C:\WINDOWS\system32\dllcache\mstscax.dll
    - 2004-08-10 20:00:00 91,648 -c--a-w C:\WINDOWS\system32\dllcache\mydocs.dll
    + 2004-08-10 20:00:00 86,528 -c--a-w C:\WINDOWS\system32\dllcache\mydocs.dll
    - 2004-08-10 20:00:00 55,296 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
    + 2004-08-10 20:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
    - 2004-08-10 20:00:00 144,896 -c--a-w C:\WINDOWS\system32\dllcache\netid.dll
    + 2004-08-10 20:00:00 153,088 -c--a-w C:\WINDOWS\system32\dllcache\netid.dll
    - 2005-06-21 22:01:34 1,721,344 -c--a-w C:\WINDOWS\system32\dllcache\netshell.dll
    + 2005-06-21 22:01:34 2,137,088 -c--a-w C:\WINDOWS\system32\dllcache\netshell.dll
    - 2004-08-10 20:00:00 251,392 -c--a-w C:\WINDOWS\system32\dllcache\newdev.dll
    + 2004-08-10 20:00:00 416,256 -c--a-w C:\WINDOWS\system32\dllcache\newdev.dll
    - 2004-08-10 20:00:00 70,656 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe
    + 2004-08-10 20:00:00 156,672 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe
    - 2004-08-10 20:00:00 145,920 -c--a-w C:\WINDOWS\system32\dllcache\ntshrui.dll
    + 2004-08-10 20:00:00 233,984 -c--a-w C:\WINDOWS\system32\dllcache\ntshrui.dll
    - 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
    + 2008-06-23 16:28:22 164,352 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
    - 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-06-23 16:28:22 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    - 2004-08-10 20:00:00 578,560 -c--a-w C:\WINDOWS\system32\dllcache\printui.dll
    + 2004-08-10 20:00:00 758,784 -c--a-w C:\WINDOWS\system32\dllcache\printui.dll
    - 2004-08-10 20:00:00 685,056 -c--a-w C:\WINDOWS\system32\dllcache\rasdlg.dll
    + 2004-08-10 20:00:00 1,256,960 -c--a-w C:\WINDOWS\system32\dllcache\rasdlg.dll
    - 2004-08-10 20:00:00 153,088 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe
    + 2004-08-10 20:00:00 230,912 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe
    - 2004-08-10 20:00:00 572,416 -c--a-w C:\WINDOWS\system32\dllcache\shdoclc.dll
    + 2004-08-10 20:00:00 689,664 -c--a-w C:\WINDOWS\system32\dllcache\shdoclc.dll
    - 2007-10-11 05:59:28 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    + 2007-10-11 05:59:28 1,777,664 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    - 2007-10-25 16:43:25 8,516,608 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
    + 2007-10-25 16:43:25 12,930,560 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
    - 2004-08-10 20:00:00 440,320 -c--a-w C:\WINDOWS\system32\dllcache\shimgvw.dll
    + 2004-08-10 20:00:00 1,790,464 -c--a-w C:\WINDOWS\system32\dllcache\shimgvw.dll
    - 2007-10-11 05:59:28 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    + 2007-10-11 05:59:28 499,200 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    - 2004-08-10 20:00:00 133,120 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe
    + 2004-08-10 20:00:00 182,272 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe
    - 2004-08-10 20:00:00 139,264 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe
    + 2004-08-10 20:00:00 152,576 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe
    - 2004-08-10 20:00:00 122,368 -c--a-w C:\WINDOWS\system32\dllcache\stobject.dll
    + 2004-08-10 20:00:00 147,968 -c--a-w C:\WINDOWS\system32\dllcache\stobject.dll
    - 2004-08-10 20:00:00 107,520 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe
    + 2004-08-10 20:00:00 183,296 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe
    - 2004-08-10 20:00:00 1,005,056 -c--a-w C:\WINDOWS\system32\dllcache\syssetup.dll
    + 2004-08-10 20:00:00 1,261,568 -c--a-w C:\WINDOWS\system32\dllcache\syssetup.dll
    - 2004-08-10 20:00:00 143,360 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe
    + 2004-08-10 20:00:00 189,440 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe
    - 2004-08-10 20:00:00 391,168 -c--a-w C:\WINDOWS\system32\dllcache\themeui.dll
    + 2004-08-10 20:00:00 393,728 -c--a-w C:\WINDOWS\system32\dllcache\themeui.dll
    - 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
    + 2008-06-23 16:28:22 62,464 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
    - 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-06-23 16:28:23 1,233,408 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2004-08-10 20:00:00 219,648 -c--a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
    + 2008-08-26 02:42:56 219,648 -c--a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
    - 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2008-06-23 16:28:23 394,240 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    - 2004-08-10 20:00:00 438,784 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe
    + 2004-08-10 20:00:00 890,880 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe
    - 2004-08-10 20:00:00 594,432 -c--a-w C:\WINDOWS\system32\dllcache\wiashext.dll
    + 2004-08-10 20:00:00 774,656 -c--a-w C:\WINDOWS\system32\dllcache\wiashext.dll
    - 2004-08-10 20:00:00 773,632 -c--a-w C:\WINDOWS\system32\dllcache\winntbbu.dll
    + 2004-08-10 20:00:00 773,120 -c--a-w C:\WINDOWS\system32\dllcache\WINNTBBU.DLL
    - 2007-03-17 13:44:47 293,376 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
    + 2007-03-17 13:44:47 294,400 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
    - 2004-08-10 20:00:00 168,960 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt1.exe
    + 2004-08-10 20:00:00 288,768 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt1.exe
    - 2004-08-10 20:00:00 340,480 -c--a-w C:\WINDOWS\system32\dllcache\zipfldr.dll
    + 2004-08-10 20:00:00 907,776 -c--a-w C:\WINDOWS\system32\dllcache\zipfldr.dll
    + 2008-07-25 08:34:54 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    + 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    + 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    + 2008-07-25 08:34:50 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    + 2008-07-25 08:34:46 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    + 2008-07-25 08:34:46 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    + 2008-07-25 08:34:46 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    + 2008-05-09 11:15:51 45,376 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
    + 2008-01-21 16:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
    + 2008-06-27 13:03:55 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
    + 2007-03-01 08:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
    + 2008-07-25 08:34:52 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    - 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-06-23 16:28:17 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    - 2008-04-23 04:16:39 133,120 ------w C:\WINDOWS\system32\extmgr.dll
    + 2008-06-23 16:28:17 133,120 ------w C:\WINDOWS\system32\extmgr.dll
    - 2008-04-10 07:56:09 1,530,104 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-08-13 11:50:14 1,530,136 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    - 2004-08-10 20:00:00 386,560 ----a-w C:\WINDOWS\system32\fontext.dll
    + 2004-08-10 20:00:00 396,288 ----a-w C:\WINDOWS\system32\fontext.dll
    - 2004-08-10 20:00:00 146,944 ----a-w C:\WINDOWS\system32\hotplug.dll
    + 2004-08-10 20:00:00 161,792 ----a-w C:\WINDOWS\system32\hotplug.dll
    - 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    + 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    - 2008-04-22 07:41:08 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
    + 2008-06-23 09:21:30 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
    - 2008-04-23 04:16:39 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
    + 2008-06-23 16:28:18 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
    - 2008-04-23 04:16:39 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
    + 2008-06-23 16:28:18 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
    - 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
    + 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
    - 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2008-04-23 04:16:39 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
    + 2008-06-23 16:28:18 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
    - 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    + 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    - 2008-04-23 04:16:39 44,544 ------w C:\WINDOWS\system32\iernonce.dll
    + 2008-06-23 16:28:19 44,544 ------w C:\WINDOWS\system32\iernonce.dll
    - 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    + 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    - 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    + 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    - 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    + 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    - 2004-08-10 20:00:00 121,856 ----a-w C:\WINDOWS\system32\inetcplc.dll
    + 2004-08-10 20:00:00 292,352 ----a-w C:\WINDOWS\system32\inetcplc.dll
    - 2008-04-23 04:16:40 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
    + 2008-06-23 16:28:20 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
    - 2004-08-10 20:00:00 157,184 ----a-w C:\WINDOWS\system32\keymgr.dll
    + 2004-08-10 20:00:00 409,600 ----a-w C:\WINDOWS\system32\keymgr.dll
    - 2004-08-10 20:00:00 221,696 ----a-w C:\WINDOWS\system32\logon.scr
    + 2004-08-10 20:00:00 3,128,320 ----a-w C:\WINDOWS\system32\logon.scr
    - 2004-08-10 20:00:00 515,584 ----a-w C:\WINDOWS\system32\logonui.exe
    + 2004-08-10 20:00:00 5,650,944 ----a-w C:\WINDOWS\system32\logonui.exe
    - 2004-08-10 20:00:00 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
    + 2004-08-10 20:00:00 380,416 ----a-w C:\WINDOWS\system32\moricons.dll
    - 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    + 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    - 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    - 2004-08-10 20:00:00 1,004,032 ----a-w C:\WINDOWS\system32\msgina.dll
    + 2004-08-10 20:00:00 1,111,552 ----a-w C:\WINDOWS\system32\msgina.dll
    - 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-06-24 08:28:24 3,865,088 ----a-w C:\WINDOWS\system32\mshtml.dll
    - 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-06-23 16:28:22 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
    - 2004-08-10 20:00:00 347,648 ----a-w C:\WINDOWS\system32\mspaint.exe
    + 2004-08-10 20:00:00 444,928 ----a-w C:\WINDOWS\system32\mspaint.exe
    - 2008-04-23 04:16:40 193,024 ------w C:\WINDOWS\system32\msrating.dll
    + 2008-06-23 16:28:22 193,024 ------w C:\WINDOWS\system32\msrating.dll
    - 2004-08-10 20:00:00 281,600 ----a-w C:\WINDOWS\system32\mstask.dll
    + 2004-08-10 20:00:00 328,192 ----a-w C:\WINDOWS\system32\mstask.dll
    - 2008-04-23 04:16:40 671,232 ------w C:\WINDOWS\system32\mstime.dll
    + 2008-06-23 16:28:22 671,232 ------w C:\WINDOWS\system32\mstime.dll
    - 2004-08-10 20:00:00 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll
    + 2004-08-10 20:00:00 657,408 ----a-w C:\WINDOWS\system32\mstscax.dll
    - 2004-08-10 20:00:00 91,648 ----a-w C:\WINDOWS\system32\mydocs.dll
    + 2004-08-10 20:00:00 86,528 ----a-w C:\WINDOWS\system32\mydocs.dll
    - 2004-08-10 20:00:00 55,296 ----a-w C:\WINDOWS\system32\narrator.exe
    + 2004-08-10 20:00:00 56,832 ----a-w C:\WINDOWS\system32\narrator.exe
    - 2004-08-10 20:00:00 144,896 ----a-w C:\WINDOWS\system32\netid.dll
    + 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\system32\netid.dll
    - 2005-06-21 22:01:34 1,721,344 ----a-w C:\WINDOWS\system32\netshell.dll
    + 2005-06-21 22:01:34 2,137,088 ----a-w C:\WINDOWS\system32\netshell.dll
    - 2004-08-10 20:00:00 251,392 ----a-w C:\WINDOWS\system32\newdev.dll
    + 2004-08-10 20:00:00 416,256 ----a-w C:\WINDOWS\system32\newdev.dll
    - 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\system32\notepad.exe
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\system32\notepad.exe
    - 2004-08-10 20:00:00 145,920 ----a-w C:\WINDOWS\system32\ntshrui.dll
    + 2004-08-10 20:00:00 233,984 ----a-w C:\WINDOWS\system32\ntshrui.dll
    - 2008-04-23 04:16:40 102,912 ------w C:\WINDOWS\system32\occache.dll
    + 2008-06-23 16:28:22 164,352 ----a-w C:\WINDOWS\system32\occache.dll
    - 2008-07-29 14:16:15 64,336 ----a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-08-26 10:25:36 64,336 ----a-w C:\WINDOWS\system32\perfc009.dat
    - 2008-07-29 14:16:15 78,148 ----a-w C:\WINDOWS\system32\perfc00C.dat
    + 2008-08-26 10:25:36 78,148 ----a-w C:\WINDOWS\system32\perfc00C.dat
    - 2008-07-29 14:16:15 407,806 ----a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-08-26 10:25:36 407,806 ----a-w C:\WINDOWS\system32\perfh009.dat
    - 2008-07-29 14:16:15 476,284 ----a-w C:\WINDOWS\system32\perfh00C.dat
    + 2008-08-26 10:25:36 476,284 ----a-w C:\WINDOWS\system32\perfh00C.dat
    - 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    - 2004-08-10 20:00:00 578,560 ----a-w C:\WINDOWS\system32\printui.dll
    + 2004-08-10 20:00:00 758,784 ----a-w C:\WINDOWS\system32\printui.dll
    - 2007-03-07 23:51:00 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
    + 2008-07-23 16:50:48 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
    - 2004-08-10 20:00:00 685,056 ----a-w C:\WINDOWS\system32\rasdlg.dll
    + 2004-08-10 20:00:00 1,256,960 ----a-w C:\WINDOWS\system32\rasdlg.dll
    - 2004-08-10 20:00:00 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
    + 2004-08-10 20:00:00 689,664 ----a-w C:\WINDOWS\system32\shdoclc.dll
    - 2007-10-11 05:59:28 1,498,624 ----a-w C:\WINDOWS\system32\shdocvw.dll
    + 2007-10-11 05:59:28 1,777,664 ----a-w C:\WINDOWS\system32\shdocvw.dll
    - 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\system32\shell32.dll
    + 2007-10-25 16:43:25 12,930,560 ----a-w C:\WINDOWS\system32\shell32.dll
    - 2004-08-10 20:00:00 440,320 ----a-w C:\WINDOWS\system32\shimgvw.dll
    + 2004-08-10 20:00:00 1,790,464 ----a-w C:\WINDOWS\system32\shimgvw.dll
    - 2007-10-11 05:59:28 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
    + 2007-10-11 05:59:28 499,200 ----a-w C:\WINDOWS\system32\shlwapi.dll
    - 2004-08-10 20:00:00 133,120 ----a-w C:\WINDOWS\system32\sndrec32.exe
    + 2004-08-10 20:00:00 182,272 ----a-w C:\WINDOWS\system32\sndrec32.exe
    - 2004-08-10 20:00:00 139,264 ----a-w C:\WINDOWS\system32\sndvol32.exe
    + 2004-08-10 20:00:00 152,576 ----a-w C:\WINDOWS\system32\sndvol32.exe
    - 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
    + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
    - 2004-08-10 20:00:00 122,368 ----a-w C:\WINDOWS\system32\stobject.dll
    + 2004-08-10 20:00:00 147,968 ----a-w C:\WINDOWS\system32\stobject.dll
    - 2004-08-10 20:00:00 107,520 ----a-w C:\WINDOWS\system32\sysocmgr.exe
    + 2004-08-10 20:00:00 183,296 ----a-w C:\WINDOWS\system32\sysocmgr.exe
    - 2004-08-10 20:00:00 1,005,056 ----a-w C:\WINDOWS\system32\syssetup.dll
    + 2004-08-10 20:00:00 1,261,568 ----a-w C:\WINDOWS\system32\syssetup.dll
    - 2004-08-10 20:00:00 143,360 ----a-w C:\WINDOWS\system32\taskmgr.exe
    + 2004-08-10 20:00:00 189,440 ----a-w C:\WINDOWS\system32\taskmgr.exe
    - 2004-08-10 20:00:00 391,168 ----a-w C:\WINDOWS\system32\themeui.dll
    + 2004-08-10 20:00:00 393,728 ----a-w C:\WINDOWS\system32\themeui.dll
    - 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
    + 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
    - 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-06-23 16:28:22 62,464 ----a-w C:\WINDOWS\system32\url.dll
    - 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-06-23 16:28:23 1,233,408 ----a-w C:\WINDOWS\system32\urlmon.dll
    - 2004-08-10 20:00:00 246,784 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
    + 2004-08-10 20:00:00 544,768 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
    - 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-06-23 16:28:23 394,240 ----a-w C:\WINDOWS\system32\webcheck.dll
    - 2004-08-10 20:00:00 438,784 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
    + 2004-08-10 20:00:00 890,880 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
    - 2004-08-10 20:00:00 594,432 ----a-w C:\WINDOWS\system32\wiashext.dll
    + 2004-08-10 20:00:00 774,656 ----a-w C:\WINDOWS\system32\wiashext.dll
    - 2004-08-10 20:00:00 773,632 ----a-w C:\WINDOWS\system32\winntbbu.dll
    + 2004-08-10 20:00:00 773,120 ----a-w C:\WINDOWS\system32\WINNTBBU.DLL
    - 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
    + 2007-03-17 13:44:47 294,400 ----a-w C:\WINDOWS\system32\winsrv.dll
    - 2004-08-10 20:00:00 168,960 ----a-w C:\WINDOWS\system32\wuauclt1.exe
    + 2004-08-10 20:00:00 288,768 ----a-w C:\WINDOWS\system32\wuauclt1.exe
    - 2004-08-10 20:00:00 2,986,496 ----a-w C:\WINDOWS\system32\xpsp2res.dll
    + 2004-08-10 20:00:00 3,378,176 ----a-w C:\WINDOWS\system32\xpsp2res.dll
    - 2004-08-10 20:00:00 340,480 ----a-w C:\WINDOWS\system32\zipfldr.dll
    + 2004-08-10 20:00:00 907,776 ----a-w C:\WINDOWS\system32\zipfldr.dll
    - 2008-07-29 21:53:49 408,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
    + 2008-08-16 10:23:29 517,480 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
    - 2008-07-29 14:19:53 9,956,040 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
    + 2008-08-13 13:15:56 9,421,282 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
    + 2008-08-13 11:47:18 14,938,624 ----a-w C:\WINDOWS\system32\ZoneLabs\zlqrtdb.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" [2008-06-20 09:23 154368]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 20:10 1688872]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 22:00 15360]
    "AppCmdInfo"="C:\WINDOWS\system32\tgjoduva.exe" [2008-08-25 02:06 90112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 15:21 2213160]
    "razer"="C:\Program Files\Razer\CopperHead\razerhid.exe" [2005-08-16 16:21 155648]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 16:57 282624]
    "TkBellExe"="C:\Program Files\Fichiers communs\Re
    26 August 2008 19:34:26

    Post the end of the report, please.
    27 August 2008 16:13:01

    Oh yeah, sorry:

    ComboFix 08-08-25.01 - Kaos 2008-08-26 16:11:16.5 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.512 [GMT 2:00]
    Endroit: C:\Documents and Settings\Kaos\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\akl
    C:\Program Files\akl\akl.dll
    C:\Program Files\akl\akl.exe
    C:\Program Files\akl\uninstall.exe
    C:\Program Files\akl\unsetup.exe
    C:\Program Files\Inet Delivery
    C:\Program Files\Inet Delivery\inetdl.exe
    C:\Program Files\Inet Delivery\intdel.exe
    C:\WINDOWS\a.bat
    C:\WINDOWS\base64.tmp
    C:\WINDOWS\bdn.com
    C:\WINDOWS\FVProtect.exe
    C:\WINDOWS\iTunesMusic.exe
    C:\WINDOWS\mslagent
    C:\WINDOWS\mslagent\2_mslagent.dll
    C:\WINDOWS\mslagent\mslagent.exe
    C:\WINDOWS\mslagent\uninstall.exe
    C:\WINDOWS\mssecu.exe
    C:\WINDOWS\system32\akttzn.exe
    C:\WINDOWS\system32\anticipator.dll
    C:\WINDOWS\system32\awtoolb.dll
    C:\WINDOWS\system32\bdn.com
    C:\WINDOWS\system32\bsva-egihsg52.exe
    C:\WINDOWS\system32\dpcproxy.exe
    C:\WINDOWS\system32\emesx.dll
    C:\WINDOWS\system32\h@tkeysh@@k.dll
    C:\WINDOWS\system32\hoproxy.dll
    C:\WINDOWS\system32\hxiwlgpm.dat
    C:\WINDOWS\system32\hxiwlgpm.exe
    C:\WINDOWS\system32\medup012.dll
    C:\WINDOWS\system32\medup020.dll
    C:\WINDOWS\system32\msgp.exe
    C:\WINDOWS\system32\msnbho.dll
    C:\WINDOWS\system32\mssecu.exe
    C:\WINDOWS\system32\msvchost.exe
    C:\WINDOWS\system32\mtr2.exe
    C:\WINDOWS\system32\mwin32.exe
    C:\WINDOWS\system32\netode.exe
    C:\WINDOWS\system32\newsd32.exe
    C:\WINDOWS\system32\ps1.exe
    C:\WINDOWS\system32\psof1.exe
    C:\WINDOWS\system32\psoft1.exe
    C:\WINDOWS\system32\regc64.dll
    C:\WINDOWS\system32\regm64.dll
    C:\WINDOWS\system32\Rundl1.exe
    C:\WINDOWS\system32\smp
    C:\WINDOWS\system32\smp\msrc.exe
    C:\WINDOWS\system32\sncntr.exe
    C:\WINDOWS\system32\ssurf022.dll
    C:\WINDOWS\system32\ssvchost.com
    C:\WINDOWS\system32\ssvchost.exe
    C:\WINDOWS\system32\sysreq.exe
    C:\WINDOWS\system32\taack.dat
    C:\WINDOWS\system32\taack.exe
    C:\WINDOWS\system32\temp#01.exe
    C:\WINDOWS\system32\thun.dll
    C:\WINDOWS\system32\thun32.dll
    C:\WINDOWS\system32\VBIEWER.OCX
    C:\WINDOWS\system32\vbsys2.dll
    C:\WINDOWS\system32\vcatchpi.dll
    C:\WINDOWS\system32\winlogonpc.exe
    C:\WINDOWS\system32\winsystem.exe
    C:\WINDOWS\system32\WINWGPX.EXE
    C:\WINDOWS\userconfig9x.dll
    C:\WINDOWS\winsystem.exe
    C:\WINDOWS\zip1.tmp
    C:\WINDOWS\zip2.tmp
    C:\WINDOWS\zip3.tmp
    C:\WINDOWS\zipped.tmp
    D:\install.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-07-26 to 2008-08-26 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-26 04:42 . 2008-08-26 04:42 3,888,054 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
    2008-08-26 04:42 . 2008-08-26 04:42 64,111 --a------ C:\WINDOWS\BricoPackUninst.cmd
    2008-08-26 04:40 . 2008-08-26 04:42 6,112 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-08-26 04:39 . 2008-08-26 04:39 <REP> d-------- C:\WINDOWS\BricoPacks
    2008-08-25 02:09 . 2008-08-25 02:09 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
    2008-08-25 02:06 . 2008-08-25 02:06 <REP> d-------- C:\Program Files\tvnbpsf
    2008-08-25 02:06 . 2008-08-25 02:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\xwhevqty
    2008-08-25 02:06 . 2008-08-25 02:06 90,112 --a------ C:\WINDOWS\system32\tgjoduva.exe
    2008-08-25 01:08 . 2008-08-25 01:18 <REP> d-------- C:\Program Files\uTorrent
    2008-08-25 01:08 . 2008-08-26 16:06 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\uTorrent
    2008-08-13 22:10 . 2008-08-13 22:16 1,374 --a------ C:\WINDOWS\imsins.BAK
    2008-08-09 23:03 . 2008-08-09 23:03 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\DivX
    2008-08-01 04:08 . 2008-08-01 04:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-08-01 03:09 . 2008-08-01 03:09 <REP> d-------- C:\Program Files\Avira
    2008-08-01 03:09 . 2008-08-01 03:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-08-01 03:00 . 2008-08-01 03:01 <REP> d-------- C:\Program Files\CCleaner
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\Malwarebytes
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-31 22:33 . 2008-07-30 20:15 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-07-31 22:33 . 2008-07-30 20:15 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-31 14:49 . 2008-07-31 14:49 244 --ah----- C:\sqmnoopt01.sqm
    2008-07-31 14:49 . 2008-07-31 14:49 232 --ah----- C:\sqmdata01.sqm
    2008-07-29 23:13 . 2008-07-29 23:13 <REP> d-------- C:\Deckard
    2008-07-29 18:33 . 2008-07-29 18:33 <REP> d-------- C:\Program Files\Lavasoft
    2008-07-29 18:33 . 2008-07-29 18:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-29 18:07 . 2008-08-25 02:14 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-07-29 18:06 . 2008-08-25 02:12 <REP> d-------- C:\Program Files\Trojan Remover
    2008-07-29 18:06 . 2008-07-29 18:06 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\Simply Super Software
    2008-07-29 18:06 . 2008-07-29 18:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    2008-07-29 18:06 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-07-29 18:06 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-07-29 18:06 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-07-29 18:06 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-07-29 18:06 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-07-29 16:19 . 2008-08-13 22:01 959 --a------ C:\rollback.ini
    2008-07-29 16:15 . 2008-08-10 12:31 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\MailFrontier
    2008-07-29 13:36 . 2008-07-30 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-07-29 13:35 . 2008-08-26 16:14 7,490,592 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-07-29 13:35 . 2008-08-26 12:19 100,700 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-07-29 13:35 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
    2008-07-29 13:35 . 2008-07-09 09:05 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
    2008-07-29 13:35 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2008-07-29 13:35 . 2008-08-23 17:55 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-07-29 13:34 . 2008-07-29 13:34 <REP> d-------- C:\Program Files\Zone Labs
    2008-07-29 13:33 . 2008-08-26 00:40 <REP> d-------- C:\WINDOWS\Internet Logs
    2008-07-29 00:28 . 2008-08-15 00:09 <REP> d---s---- C:\Program Files\HLSW
    2008-07-29 00:28 . 2008-08-13 16:56 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\HLSW
    2008-07-28 00:58 . 2008-07-28 00:58 25,775,585 --a------ C:\WINDOWS\VPTNFILE.435
    2008-07-28 00:58 . 2008-07-28 00:58 25,775,585 --a------ C:\WINDOWS\LPT$VPN.435
    2008-07-28 00:57 . 2008-07-28 00:58 <REP> d-------- C:\WINDOWS\AU_Temp
    2008-07-27 10:39 . 2008-07-27 10:39 0 --a------ C:\VAC2.dll
    2008-07-27 10:37 . 2008-07-27 10:37 12,288 --a------ C:\Dumper.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-26 02:42 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
    2008-08-25 22:48 --------- d-----w C:\Program Files\Steam
    2008-08-25 17:50 --------- d-----w C:\Program Files\WowCartographe
    2008-08-24 23:08 --------- d-----w C:\Documents and Settings\Kaos\Application Data\Azureus
    2008-08-24 11:07 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-08-18 21:50 --------- d-----w C:\Documents and Settings\Kaos\Application Data\LimeWire
    2008-08-15 17:48 2,827,264 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
    2008-08-14 00:03 2,054,144 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
    2008-08-13 23:21 --------- d-----w C:\Program Files\World of Warcraft
    2008-08-13 20:03 760,320 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
    2008-08-13 19:37 283,648 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
    2008-08-13 19:37 1,945,088 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
    2008-08-13 19:21 812,032 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
    2008-08-13 19:21 1,944,064 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
    2008-08-13 18:52 3,108,864 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
    2008-08-13 11:48 2,740,736 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
    2008-08-13 11:48 1,946,624 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
    2008-08-13 01:15 --------- d-----w C:\Program Files\Tortun
    2008-08-11 07:17 2,278,400 ----a-w C:\WINDOWS\Internet Logs\xDB2C0.tmp
    2008-08-10 18:19 2,788,352 ----a-w C:\WINDOWS\Internet Logs\xDB218.tmp
    2008-08-06 15:06 1,057,476 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
    2008-08-06 00:16 --------- d-----w C:\Program Files\DivX
    2008-08-05 15:19 1,320,448 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
    2008-08-05 07:47 3,141,632 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
    2008-08-03 20:06 3,420,160 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
    2008-08-01 22:09 1,759,744 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
    2008-08-01 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-01 01:01 --------- d-----w C:\Program Files\Yahoo!
    2008-07-31 17:36 3,137,536 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2008-07-31 17:36 1,715,712 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
    2008-07-29 16:32 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-07-27 22:58 91,744 ----a-w C:\WINDOWS\BPMNT.dll
    2008-07-27 22:58 71,749 ----a-w C:\WINDOWS\hcextoutput.dll
    2008-07-27 22:58 333,576 ----a-w C:\WINDOWS\tsc.exe
    2008-07-27 22:58 1,213,784 ----a-w C:\WINDOWS\vsapi32.dll
    2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-07-18 14:07 --------- d-----w C:\Documents and Settings\Kaos\Application Data\Mumble
    2008-07-13 19:24 --------- d-----w C:\Program Files\Mumble
    2008-07-09 07:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 00:27 --------- d-----w C:\Program Files\LimeWire
    2008-07-02 23:10 --------- d-----w C:\Program Files\Azureus
    2008-07-02 15:19 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-07-01 08:34 --------- d-----w C:\Documents and Settings\Kaos\Application Data\teamspeak2
    2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-23 16:28 817,152 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-05-29 07:28 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
    2008-03-28 22:18 51,944 ----a-w C:\Documents and Settings\Kaos\Application Data\GDIPFONTCACHEV1.DAT
    .

    ------- Sigcheck -------

    2005-01-27 19:12 662016 66a10b98f18fd804236ab2d90301de04 C:\WINDOWS\$hf_mig$\KB867282\SP2QFE\wininet.dll
    2005-05-02 22:58 663040 0996b57cc2abcb271872296e98a18db2 C:\WINDOWS\$hf_mig$\KB883939\SP2QFE\wininet.dll
    2005-03-10 09:48 662016 06ad0b0f43286cd50af283762eb56763 C:\WINDOWS\$hf_mig$\KB890923\SP2QFE\wininet.dll
    2005-07-03 04:10 663552 39846b1ac2b99349272ee6e075c3b8af C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll
    2005-10-21 05:39 665600 d327378ceef9a141c7352691fc30a0da C:\WINDOWS\$hf_mig$\KB905915\SP2QFE\wininet.dll
    2007-10-11 01:22 825344 871ae10d6ae8877e9636ae5017953d52 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
    2007-12-07 03:42 825344 f4fd487241d3ac291046a22cebd2cf71 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    2008-03-01 14:34 827392 5a0093f59b505c008ed0cee615563c72 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    2008-04-23 09:19 827392 78d3d2b0be6ad3e6d82ccb115cf74310 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
    2008-06-23 17:40 827904 52589bae67dd9859724287372668690b C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
    2004-08-10 22:00 660480 58fe94ef42e074f4cad8bf02e70e6478 C:\WINDOWS\$NtUninstallKB867282$\wininet.dll
    2005-03-10 10:04 660992 ba7cda9917332a6e1faa1b46bc3ab5fd C:\WINDOWS\$NtUninstallKB883939$\wininet.dll
    2005-01-27 19:14 660992 b16b02f3c804f057dab099cc15ed0206 C:\WINDOWS\$NtUninstallKB890923$\wininet.dll
    2005-05-02 22:57 662016 ffe3e6fb8d52955a2de4c6cc765b02bc C:\WINDOWS\$NtUninstallKB896727$\wininet.dll
    2005-07-03 04:16 662528 e994e704303f07f331b03ee9ed6d9e2d C:\WINDOWS\$NtUninstallKB905915$\wininet.dll
    2006-01-09 20:02 666112 5404e2ead19d7e2a5c4086015062343c C:\WINDOWS\$NtUninstallKB912812$\wininet.dll
    2005-10-21 05:41 662528 e41e8fdf62cf20f2e2b16d800d96eb51 C:\WINDOWS\$NtUninstallKB912945$\wininet.dll
    2006-03-04 06:00 667648 241dbc4c2714b2f39afded49459ed420 C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
    2007-08-22 14:57 669696 4f6a45b54d26708e2c2bf2c43d83edea C:\WINDOWS\$NtUninstallKB942615$\wininet.dll
    2007-10-11 07:59 670208 0465cde31add22f6233ffb4fe4af01cf C:\WINDOWS\ie7\wininet.dll
    2007-08-13 19:54 818688 a4a0fc92358f39538a6494c42ef99fe9 C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
    2007-10-11 01:49 824832 bc5119c53bdd48dabc628d448a3bdccb C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
    2007-12-07 04:08 824832 4fc90bece54fac81b0090b94e27bfb6b C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
    2008-03-01 14:58 826368 8e027981ddffa690d456fe18b37415a0 C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
    2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
    2008-06-23 18:28 817152 5f8a137bed66cb1150f139e4e6a6355c C:\WINDOWS\system32\wininet.dll
    2008-06-23 18:28 817152 5f8a137bed66cb1150f139e4e6a6355c C:\WINDOWS\system32\dllcache\wininet.dll

    2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
    2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2004-08-10 22:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
    2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe

    2007-07-30 20:19 68440 84d9a61860272d6177d46c86b8431557 C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 20:19 68440 84d9a61860272d6177d46c86b8431557 C:\WINDOWS\system32\dllcache\wuauclt.exe
    .
    ((((((((((((((((((((((((((((( snapshot@2008-07-29_23.58.28.59 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2004-08-10 20:00:00 352,256 ----a-w C:\WINDOWS\BricoPacks\SysFiles\10_cmdial32.dll
    + 2004-08-10 20:00:00 67,072 ----a-w C:\WINDOWS\BricoPacks\SysFiles\11_console.dll
    + 2004-08-10 20:00:00 165,888 ----a-w C:\WINDOWS\BricoPacks\SysFiles\12_credui.dll
    + 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\BricoPacks\SysFiles\14_explorer.exe
    + 2004-08-10 20:00:00 386,560 ----a-w C:\WINDOWS\BricoPacks\SysFiles\15_fontext.dll
    + 2004-08-10 20:00:00 768,512 ----a-w C:\WINDOWS\BricoPacks\SysFiles\17_helpctr.exe
    + 2004-08-10 20:00:00 146,944 ----a-w C:\WINDOWS\BricoPacks\SysFiles\18_hotplug.dll
    + 2004-08-10 20:00:00 98,304 ----a-w C:\WINDOWS\BricoPacks\SysFiles\2_ahui.exe
    + 2004-08-10 20:00:00 121,856 ----a-w C:\WINDOWS\BricoPacks\SysFiles\20_inetcplc.dll
    + 2004-08-10 20:00:00 157,184 ----a-w C:\WINDOWS\BricoPacks\SysFiles\23_keymgr.dll
    + 2004-08-10 20:00:00 221,696 ----a-w C:\WINDOWS\BricoPacks\SysFiles\24_logon.scr
    + 2004-08-10 20:00:00 246,784 ----a-w C:\WINDOWS\BricoPacks\SysFiles\26_migwiz.exe
    + 2004-08-10 20:00:00 216,064 ----a-w C:\WINDOWS\BricoPacks\SysFiles\28_moricons.dll
    + 2004-08-10 20:00:00 1,004,032 ----a-w C:\WINDOWS\BricoPacks\SysFiles\29_msgina.dll
    + 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\BricoPacks\SysFiles\30_mshtml.dll
    + 2004-08-10 20:00:00 347,648 ----a-w C:\WINDOWS\BricoPacks\SysFiles\31_mspaint.exe
    + 2004-08-10 20:00:00 281,600 ----a-w C:\WINDOWS\BricoPacks\SysFiles\32_mstask.dll
    + 2004-08-10 20:00:00 655,360 ----a-w C:\WINDOWS\BricoPacks\SysFiles\33_mstscax.dll
    + 2004-08-10 20:00:00 91,648 ----a-w C:\WINDOWS\BricoPacks\SysFiles\34_mydocs.dll
    + 2004-08-10 20:00:00 55,296 ----a-w C:\WINDOWS\BricoPacks\SysFiles\35_narrator.exe
    + 2004-08-10 20:00:00 144,896 ----a-w C:\WINDOWS\BricoPacks\SysFiles\37_netid.dll
    + 2005-06-21 22:01:34 1,721,344 ----a-w C:\WINDOWS\BricoPacks\SysFiles\38_netshell.dll
    + 2004-08-10 20:00:00 251,392 ----a-w C:\WINDOWS\BricoPacks\SysFiles\39_newdev.dll
    + 2004-08-10 20:00:00 28,672 ----a-w C:\WINDOWS\BricoPacks\SysFiles\4_batmeter.dll
    + 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\BricoPacks\SysFiles\40_notepad.exe
    + 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\BricoPacks\SysFiles\41_notepad.exe
    + 2004-08-10 20:00:00 145,920 ----a-w C:\WINDOWS\BricoPacks\SysFiles\42_ntshrui.dll
    + 2008-06-23 16:28:22 102,912 ----a-w C:\WINDOWS\BricoPacks\SysFiles\44_occache.dll
    + 2004-08-10 20:00:00 578,560 ----a-w C:\WINDOWS\BricoPacks\SysFiles\46_printui.dll
    + 2004-08-10 20:00:00 685,056 ----a-w C:\WINDOWS\BricoPacks\SysFiles\47_rasdlg.dll
    + 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\BricoPacks\SysFiles\48_regedit.exe
    + 2004-08-10 20:00:00 572,416 ----a-w C:\WINDOWS\BricoPacks\SysFiles\49_shdoclc.dll
    + 2007-10-11 05:59:18 1,024,512 ----a-w C:\WINDOWS\BricoPacks\SysFiles\5_browseui.dll
    + 2007-10-11 05:59:28 1,498,624 ----a-w C:\WINDOWS\BricoPacks\SysFiles\50_shdocvw.dll
    + 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\BricoPacks\SysFiles\51_shell32.dll
    + 2004-08-10 20:00:00 440,320 ----a-w C:\WINDOWS\BricoPacks\SysFiles\52_shimgvw.dll
    + 2007-10-11 05:59:28 474,624 ----a-w C:\WINDOWS\BricoPacks\SysFiles\53_shlwapi.dll
    + 2004-08-10 20:00:00 133,120 ----a-w C:\WINDOWS\BricoPacks\SysFiles\54_sndrec32.exe
    + 2004-08-10 20:00:00 139,264 ----a-w C:\WINDOWS\BricoPacks\SysFiles\55_sndvol32.exe
    + 2004-08-10 20:00:00 122,368 ----a-w C:\WINDOWS\BricoPacks\SysFiles\56_stobject.dll
    + 2004-08-10 20:00:00 107,520 ----a-w C:\WINDOWS\BricoPacks\SysFiles\58_sysocmgr.exe
    + 2004-08-10 20:00:00 1,005,056 ----a-w C:\WINDOWS\BricoPacks\SysFiles\59_syssetup.dll
    + 2004-08-10 20:00:00 85,504 ----a-w C:\WINDOWS\BricoPacks\SysFiles\6_cabview.dll
    + 2004-08-10 20:00:00 143,360 ----a-w C:\WINDOWS\BricoPacks\SysFiles\60_taskmgr.exe
    + 2004-08-10 20:00:00 391,168 ----a-w C:\WINDOWS\BricoPacks\SysFiles\62_themeui.dll
    + 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\BricoPacks\SysFiles\64_url.dll
    + 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\BricoPacks\SysFiles\65_urlmon.dll
    + 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\BricoPacks\SysFiles\66_webcheck.dll
    + 2004-08-10 20:00:00 438,784 ----a-w C:\WINDOWS\BricoPacks\SysFiles\67_wiaacmgr.exe
    + 2004-08-10 20:00:00 594,432 ----a-w C:\WINDOWS\BricoPacks\SysFiles\68_wiashext.dll
    + 2008-06-23 16:28:23 826,368 ----a-w C:\WINDOWS\BricoPacks\SysFiles\69_wininet.dll
    + 2004-08-10 20:00:00 115,200 ----a-w C:\WINDOWS\BricoPacks\SysFiles\7_calc.exe
    + 2004-08-10 20:00:00 773,632 ----a-w C:\WINDOWS\BricoPacks\SysFiles\70_WINNTBBU.DLL
    + 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\BricoPacks\SysFiles\71_winsrv.dll
    + 2007-07-30 18:19:16 53,080 ----a-w C:\WINDOWS\BricoPacks\SysFiles\73_wuauclt.exe
    + 2004-08-10 20:00:00 168,960 ----a-w C:\WINDOWS\BricoPacks\SysFiles\74_wuauclt1.exe
    + 2004-08-10 20:00:00 2,986,496 ----a-w C:\WINDOWS\BricoPacks\SysFiles\76_xpsp2res.dll
    + 2004-08-10 20:00:00 340,480 ----a-w C:\WINDOWS\BricoPacks\SysFiles\77_zipfldr.dll
    + 2004-08-10 20:00:00 515,584 ----a-w C:\WINDOWS\BricoPacks\SysFiles\78_logonui.exe
    + 2004-08-10 20:00:00 65,536 ----a-w C:\WINDOWS\BricoPacks\SysFiles\8_cleanmgr.exe
    + 2004-08-10 20:00:00 60,416 ----a-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
    + 2004-08-10 20:00:00 2,534,400 ----a-w C:\WINDOWS\BricoPacks\SysFiles\81_msoeres.dll
    + 2004-08-10 20:00:00 3,555,328 ----a-w C:\WINDOWS\BricoPacks\SysFiles\82_moviemk.exe
    + 2004-08-10 20:00:00 400,896 ----a-w C:\WINDOWS\BricoPacks\SysFiles\9_cmd.exe
    + 2004-08-10 20:00:00 219,648 ----a-w C:\WINDOWS\BricoPacks\SysFiles\Ux_uxtheme.dll
    + 2001-10-18 21:51:00 46,592 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
    + 2005-06-09 22:08:00 283,294 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.dll
    + 2006-03-09 14:33:18 405,504 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.exe
    + 2005-06-09 22:08:00 283,294 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\skins\Vista Inspirat\iColorFolder.dll
    + 2008-08-26 02:41:23 33,617 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\uninstall.exe
    + 2007-04-22 08:18:34 98,304 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe
    + 2004-08-10 20:00:00 457,728 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\10_cmdial32.dll
    + 2004-08-10 20:00:00 70,144 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\11_console.dll
    + 2004-08-10 20:00:00 190,976 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\12_credui.dll
    + 2007-06-13 13:22:28 979,456 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\14_explorer.exe
    + 2004-08-10 20:00:00 396,288 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\15_fontext.dll
    + 2004-08-10 20:00:00 764,928 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\17_helpctr.exe
    + 2004-08-10 20:00:00 161,792 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\18_hotplug.dll
    + 2004-08-10 20:00:00 101,376 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\2_ahui.exe
    + 2004-08-10 20:00:00 292,352 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\20_inetcplc.dll
    + 2004-08-10 20:00:00 409,600 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\23_keymgr.dll
    + 2004-08-10 20:00:00 3,128,320 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\24_logon.scr
    + 2004-08-10 20:00:00 544,768 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\26_migwiz.exe
    + 2004-08-10 20:00:00 380,416 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\28_moricons.dll
    + 2004-08-10 20:00:00 1,111,552 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\29_msgina.dll
    + 2008-06-24 08:28:24 3,865,088 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\30_mshtml.dll
    + 2004-08-10 20:00:00 444,928 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\31_mspaint.exe
    + 2004-08-10 20:00:00 328,192 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\32_mstask.dll
    + 2004-08-10 20:00:00 657,408 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\33_mstscax.dll
    + 2004-08-10 20:00:00 86,528 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\34_mydocs.dll
    + 2004-08-10 20:00:00 56,832 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\35_narrator.exe
    + 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\37_netid.dll
    + 2005-06-21 22:01:34 2,137,088 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\38_netshell.dll
    + 2004-08-10 20:00:00 416,256 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\39_newdev.dll
    + 2004-08-10 20:00:00 28,672 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\4_batmeter.dll
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\40_notepad.exe
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\41_notepad.exe
    + 2004-08-10 20:00:00 233,984 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\42_ntshrui.dll
    + 2008-06-23 16:28:22 164,352 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\44_occache.dll
    + 2004-08-10 20:00:00 758,784 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\46_printui.dll
    + 2004-08-10 20:00:00 1,256,960 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\47_rasdlg.dll
    + 2004-08-10 20:00:00 230,912 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\48_regedit.exe
    + 2004-08-10 20:00:00 689,664 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\49_shdoclc.dll
    + 2007-10-11 05:59:18 1,022,464 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\5_browseui.dll
    + 2007-10-11 05:59:28 1,777,664 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\50_shdocvw.dll
    + 2007-10-25 16:43:25 12,930,560 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\51_shell32.dll
    + 2004-08-10 20:00:00 1,790,464 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\52_shimgvw.dll
    + 2007-10-11 05:59:28 499,200 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\53_shlwapi.dll
    + 2004-08-10 20:00:00 182,272 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\54_sndrec32.exe
    + 2004-08-10 20:00:00 152,576 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\55_sndvol32.exe
    + 2004-08-10 20:00:00 147,968 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\56_stobject.dll
    + 2004-08-10 20:00:00 183,296 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\58_sysocmgr.exe
    + 2004-08-10 20:00:00 1,261,568 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\59_syssetup.dll
    + 2004-08-10 20:00:00 83,456 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\6_cabview.dll
    + 2004-08-10 20:00:00 189,440 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\60_taskmgr.exe
    + 2004-08-10 20:00:00 393,728 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\62_themeui.dll
    + 2008-06-23 16:28:22 62,464 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\64_url.dll
    + 2008-06-23 16:28:23 1,233,408 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\65_urlmon.dll
    + 2008-06-23 16:28:23 394,240 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\66_webcheck.dll
    + 2004-08-10 20:00:00 890,880 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\67_wiaacmgr.exe
    + 2004-08-10 20:00:00 774,656 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\68_wiashext.dll
    + 2008-06-23 16:28:23 817,152 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\69_wininet.dll
    + 2004-08-10 20:00:00 118,272 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\7_calc.exe
    + 2004-08-10 20:00:00 773,120 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\70_WINNTBBU.DLL
    + 2007-03-17 13:44:47 294,400 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\71_winsrv.dll
    + 2007-07-30 18:19:16 68,440 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\73_wuauclt.exe
    + 2004-08-10 20:00:00 288,768 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\74_wuauclt1.exe
    + 2004-08-10 20:00:00 3,378,176 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\76_xpsp2res.dll
    + 2004-08-10 20:00:00 907,776 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\77_zipfldr.dll
    + 2004-08-10 20:00:00 5,650,944 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\78_logonui.exe
    + 2004-08-10 20:00:00 110,080 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\8_cleanmgr.exe
    + 2004-08-10 20:00:00 223,744 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\80_msimn.exe
    + 2004-08-10 20:00:00 2,534,400 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\81_msoeres.dll
    + 2004-08-10 20:00:00 3,676,160 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\82_moviemk.exe
    + 2004-08-10 20:00:00 428,032 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\9_cmd.exe
    + 2008-08-26 02:42:56 219,648 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\Ux_uxtheme.dll
    + 2007-04-22 10:31:50 147,456 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Panel.exe
    + 2008-08-26 02:42:56 153,834 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    + 2007-05-28 15:06:40 15,191 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\77_logonui.exe\UIFILE_1000.bin
    + 2006-05-21 07:49:32 881,664 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResHacker\ResHacker.exe
    + 2007-03-04 07:48:16 106,496 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Docklets\RocketClock\RocketClock.dll
    + 2007-01-01 15:23:54 1,645,320 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\gdiplus.dll
    + 2007-03-18 22:04:22 69,632 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
    + 2007-03-18 22:05:02 630,784 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    + 2007-03-18 22:04:18 69,632 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Tools\Debug.exe
    + 2007-01-01 15:24:48 6,144 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Tools\LanguageID Finder.exe
    + 2006-05-21 07:49:38 11,776 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Tools\dialog.exe
    + 2006-05-21 07:49:38 32,610 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Tools\refresh.exe
    + 2005-06-01 19:41:18 65,536 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    + 2006-05-21 07:43:06 1,645,320 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\gdiplus.dll
    + 2006-05-21 07:43:06 6,144 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Languages\LanguageID Finder.exe
    + 2006-05-21 07:43:06 53,248 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iBounce\fx.dll
    + 2006-05-21 07:43:06 57,344 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\fx.dll
    + 2006-05-21 07:43:08 180,224 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    + 2006-05-21 07:43:08 65,536 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
    + 2006-05-21 07:43:08 35,328 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Uninst.exe
    + 2007-05-28 15:06:48 155,417 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\Update.exe
    + 2006-05-21 07:43:14 53,248 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
    + 2006-05-21 07:43:14 155,648 ----a-w C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    + 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
    + 2008-04-23 04:16:39 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
    + 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
    + 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
    + 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
    + 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
    + 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
    + 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
    + 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
    + 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
    + 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
    + 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
    + 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
    + 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
    + 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
    + 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
    + 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
    + 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
    + 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
    + 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
    + 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
    + 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
    + 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
    + 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
    + 2008-04-23 04:16:40 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
    + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
    + 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
    + 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
    + 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
    - 2008-05-15 01:02:22 2,560 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    + 2008-08-13 20:15:41 2,560 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    - 2008-05-15 01:02:22 34,304 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\misc.exe
    + 2008-08-13 20:15:41 34,304 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\misc.exe
    - 2008-05-15 01:02:22 8,192 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    + 2008-08-13 20:15:41 8,192 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    - 2008-05-15 01:02:22 3,584 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    + 2008-08-13 20:15:41 3,584 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    - 2008-05-15 01:02:22 114,688 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
    + 2008-08-13 20:15:41 114,688 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
    - 2008-05-15 01:02:22 16,384 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    + 2008-08-13 20:15:41 16,384 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    - 2008-05-15 01:02:22 30,720 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
    + 2008-08-13 20:15:41 30,720 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
    - 2008-05-15 01:02:22 22,528 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    + 2008-08-13 20:15:41 22,528 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    - 2008-05-15 01:02:22 45,056 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    + 2008-08-13 20:15:41 45,056 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    - 2008-05-15 01:02:22 90,112 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    + 2008-08-13 20:15:41 90,112 ----a-r C:\WINDOWS\Installer\{913D040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    - 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\notepad.exe
    - 2004-08-10 20:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
    + 2004-08-10 20:00:00 764,928 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
    - 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe
    + 2004-08-10 20:00:00 230,912 ----a-w C:\WINDOWS\regedit.exe
    + 2007-04-20 17:16:00 1,117,184 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\AeroBlack\Shellstyle.dll
    + 2007-04-20 17:16:00 1,117,184 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\AeroBlue\Shellstyle.dll
    + 2007-04-21 09:07:00 894,464 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\ClassicXP\Shellstyle.dll
    + 2007-04-20 17:16:00 1,117,184 ----a-w C:\WINDOWS\Resources\Themes\Inspirat2\Shell\NormalColor\Shellstyle.dll
    + 2005-08-20 09:30:00 2,085,888 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\NormalColor\shellstyle.dll
    + 2005-08-20 11:48:00 1,201,664 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA12\shellstyle.dll
    + 2005-08-20 09:30:00 2,085,888 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA2\shellstyle.dll
    + 2005-08-20 11:48:00 1,201,664 ----a-w C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA22\shellstyle.dll
    - 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    + 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    - 2004-08-10 20:00:00 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
    + 2004-08-10 20:00:00 101,376 ----a-w C:\WINDOWS\system32\ahui.exe
    - 2007-10-11 05:59:18 1,024,512 ----a-w C:\WINDOWS\system32\browseui.dll
    + 2007-10-11 05:59:18 1,022,464 ----a-w C:\WINDOWS\system32\browseui.dll
    - 2004-08-10 20:00:00 85,504 ----a-w C:\WINDOWS\system32\cabview.dll
    + 2004-08-10 20:00:00 83,456 ----a-w C:\WINDOWS\system32\cabview.dll
    - 2004-08-10 20:00:00 115,200 ----a-w C:\WINDOWS\system32\calc.exe
    + 2004-08-10 20:00:00 118,272 ----a-w C:\WINDOWS\system32\calc.exe
    - 2004-08-10 20:00:00 65,536 ----a-w C:\WINDOWS\system32\cleanmgr.exe
    + 2004-08-10 20:00:00 110,080 ----a-w C:\WINDOWS\system32\cleanmgr.exe
    - 2004-08-10 20:00:00 400,896 ----a-w C:\WINDOWS\system32\cmd.exe
    + 2004-08-10 20:00:00 428,032 ----a-w C:\WINDOWS\system32\cmd.exe
    - 2004-08-10 20:00:00 352,256 ----a-w C:\WINDOWS\system32\cmdial32.dll
    + 2004-08-10 20:00:00 457,728 ----a-w C:\WINDOWS\system32\cmdial32.dll
    - 2004-08-10 20:00:00 67,072 ----a-w C:\WINDOWS\system32\console.dll
    + 2004-08-10 20:00:00 70,144 ----a-w C:\WINDOWS\system32\console.dll
    - 2004-08-10 20:00:00 165,888 ----a-w C:\WINDOWS\system32\credui.dll
    + 2004-08-10 20:00:00 190,976 ----a-w C:\WINDOWS\system32\credui.dll
    + 2008-07-25 08:34:36 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
    + 2008-07-25 08:34:42 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    + 2008-07-25 08:34:40 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
    + 2008-07-25 08:34:40 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    + 2008-07-25 08:34:40 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    + 2008-07-25 08:34:30 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    - 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2008-06-23 16:28:17 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    - 2004-08-10 20:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe
    + 2004-08-10 20:00:00 101,376 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe
    - 2007-10-11 05:59:18 1,024,512 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
    + 2007-10-11 05:59:18 1,022,464 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
    - 2004-08-10 20:00:00 85,504 -c--a-w C:\WINDOWS\system32\dllcache\cabview.dll
    + 2004-08-10 20:00:00 83,456 -c--a-w C:\WINDOWS\system32\dllcache\cabview.dll
    - 2004-08-10 20:00:00 115,200 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe
    + 2004-08-10 20:00:00 118,272 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe
    - 2004-08-10 20:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe
    + 2004-08-10 20:00:00 110,080 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe
    - 2004-08-10 20:00:00 400,896 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe
    + 2004-08-10 20:00:00 428,032 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe
    - 2004-08-10 20:00:00 352,256 -c--a-w C:\WINDOWS\system32\dllcache\cmdial32.dll
    + 2004-08-10 20:00:00 457,728 -c--a-w C:\WINDOWS\system32\dllcache\cmdial32.dll
    - 2004-08-10 20:00:00 67,072 -c--a-w C:\WINDOWS\system32\dllcache\console.dll
    + 2004-08-10 20:00:00 70,144 -c--a-w C:\WINDOWS\system32\dllcache\console.dll
    - 2004-08-10 20:00:00 165,888 -c--a-w C:\WINDOWS\system32\dllcache\credui.dll
    + 2004-08-10 20:00:00 190,976 -c--a-w C:\WINDOWS\system32\dllcache\credui.dll
    - 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    + 2008-06-23 16:28:17 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    - 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2008-06-23 16:28:17 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2005-07-26 04:39:58 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
    + 2008-07-07 20:31:48 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
    - 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2008-06-23 16:28:17 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
    - 2004-08-10 20:00:00 386,560 -c--a-w C:\WINDOWS\system32\dllcache\fontext.dll
    + 2004-08-10 20:00:00 396,288 -c--a-w C:\WINDOWS\system32\dllcache\fontext.dll
    - 2004-08-10 20:00:00 768,512 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
    + 2004-08-10 20:00:00 764,928 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
    - 2004-08-10 20:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\hotplug.dll
    + 2004-08-10 20:00:00 161,792 -c--a-w C:\WINDOWS\system32\dllcache\hotplug.dll
    - 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    + 2008-06-23 16:28:17 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2008-06-23 09:21:30 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2008-06-23 16:28:18 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2008-06-23 16:28:18 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2008-06-23 16:28:18 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2008-06-23 16:28:18 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2008-06-23 16:28:19 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2008-06-23 16:28:19 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2008-06-23 16:28:20 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2008-06-23 09:21:49 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2007-08-21 06:17:23 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    + 2008-04-11 18:51:06 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    - 2004-08-10 20:00:00 121,856 -c--a-w C:\WINDOWS\system32\dllcache\inetcplc.dll
    + 2004-08-10 20:00:00 292,352 -c--a-w C:\WINDOWS\system32\dllcache\inetcplc.dll
    - 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2008-06-23 16:28:20 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
    - 2004-08-10 20:00:00 157,184 -c--a-w C:\WINDOWS\system32\dllcache\keymgr.dll
    + 2004-08-10 20:00:00 409,600 -c--a-w C:\WINDOWS\system32\dllcache\keymgr.dll
    - 2004-08-10 20:00:00 221,696 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr
    + 2004-08-10 20:00:00 3,128,320 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr
    - 2004-08-10 20:00:00 515,584 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe
    + 2004-08-10 20:00:00 5,650,944 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe
    - 2004-08-10 20:00:00 246,784 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe
    + 2004-08-10 20:00:00 544,768 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe
    - 2004-08-10 20:00:00 216,064 -c--a-w C:\WINDOWS\system32\dllcache\moricons.dll
    + 2004-08-10 20:00:00 380,416 -c--a-w C:\WINDOWS\system32\dllcache\moricons.dll
    - 2004-08-10 20:00:00 3,555,328 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe
    + 2004-08-10 20:00:00 3,676,160 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe
    - 2004-08-10 20:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
    + 2008-05-01 14:31:48 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
    - 2005-06-29 01:49:42 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
    + 2008-06-24 16:23:56 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
    - 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2008-06-23 16:28:20 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2008-06-23 16:28:20 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2004-08-10 20:00:00 1,004,032 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
    + 2004-08-10 20:00:00 1,111,552 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
    - 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2008-06-24 08:28:24 3,865,088 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2008-06-23 16:28:22 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2004-08-10 20:00:00 60,416 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe
    + 2004-08-10 20:00:00 223,744 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe
    - 2004-08-10 20:00:00 347,648 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe
    + 2004-08-10 20:00:00 444,928 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe
    - 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-06-23 16:28:22 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2004-08-10 20:00:00 281,600 -c--a-w C:\WINDOWS\system32\dllcache\mstask.dll
    + 2004-08-10 20:00:00 328,192 -c--a-w C:\WINDOWS\system32\dllcache\mstask.dll
    - 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-06-23 16:28:22 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2004-08-10 20:00:00 655,360 -c--a-w C:\WINDOWS\system32\dllcache\mstscax.dll
    + 2004-08-10 20:00:00 657,408 -c--a-w C:\WINDOWS\system32\dllcache\mstscax.dll
    - 2004-08-10 20:00:00 91,648 -c--a-w C:\WINDOWS\system32\dllcache\mydocs.dll
    + 2004-08-10 20:00:00 86,528 -c--a-w C:\WINDOWS\system32\dllcache\mydocs.dll
    - 2004-08-10 20:00:00 55,296 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
    + 2004-08-10 20:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
    - 2004-08-10 20:00:00 144,896 -c--a-w C:\WINDOWS\system32\dllcache\netid.dll
    + 2004-08-10 20:00:00 153,088 -c--a-w C:\WINDOWS\system32\dllcache\netid.dll
    - 2005-06-21 22:01:34 1,721,344 -c--a-w C:\WINDOWS\system32\dllcache\netshell.dll
    + 2005-06-21 22:01:34 2,137,088 -c--a-w C:\WINDOWS\system32\dllcache\netshell.dll
    - 2004-08-10 20:00:00 251,392 -c--a-w C:\WINDOWS\system32\dllcache\newdev.dll
    + 2004-08-10 20:00:00 416,256 -c--a-w C:\WINDOWS\system32\dllcache\newdev.dll
    - 2004-08-10 20:00:00 70,656 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe
    + 2004-08-10 20:00:00 156,672 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe
    - 2004-08-10 20:00:00 145,920 -c--a-w C:\WINDOWS\system32\dllcache\ntshrui.dll
    + 2004-08-10 20:00:00 233,984 -c--a-w C:\WINDOWS\system32\dllcache\ntshrui.dll
    - 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
    + 2008-06-23 16:28:22 164,352 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
    - 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-06-23 16:28:22 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    - 2004-08-10 20:00:00 578,560 -c--a-w C:\WINDOWS\system32\dllcache\printui.dll
    + 2004-08-10 20:00:00 758,784 -c--a-w C:\WINDOWS\system32\dllcache\printui.dll
    - 2004-08-10 20:00:00 685,056 -c--a-w C:\WINDOWS\system32\dllcache\rasdlg.dll
    + 2004-08-10 20:00:00 1,256,960 -c--a-w C:\WINDOWS\system32\dllcache\rasdlg.dll
    - 2004-08-10 20:00:00 153,088 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe
    + 2004-08-10 20:00:00 230,912 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe
    - 2004-08-10 20:00:00 572,416 -c--a-w C:\WINDOWS\system32\dllcache\shdoclc.dll
    + 2004-08-10 20:00:00 689,664 -c--a-w C:\WINDOWS\system32\dllcache\shdoclc.dll
    - 2007-10-11 05:59:28 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    + 2007-10-11 05:59:28 1,777,664 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    - 2007-10-25 16:43:25 8,516,608 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
    + 2007-10-25 16:43:25 12,930,560 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
    - 2004-08-10 20:00:00 440,320 -c--a-w C:\WINDOWS\system32\dllcache\shimgvw.dll
    + 2004-08-10 20:00:00 1,790,464 -c--a-w C:\WINDOWS\system32\dllcache\shimgvw.dll
    - 2007-10-11 05:59:28 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    + 2007-10-11 05:59:28 499,200 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    - 2004-08-10 20:00:00 133,120 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe
    + 2004-08-10 20:00:00 182,272 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe
    - 2004-08-10 20:00:00 139,264 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe
    + 2004-08-10 20:00:00 152,576 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe
    - 2004-08-10 20:00:00 122,368 -c--a-w C:\WINDOWS\system32\dllcache\stobject.dll
    + 2004-08-10 20:00:00 147,968 -c--a-w C:\WINDOWS\system32\dllcache\stobject.dll
    - 2004-08-10 20:00:00 107,520 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe
    + 2004-08-10 20:00:00 183,296 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe
    - 2004-08-10 20:00:00 1,005,056 -c--a-w C:\WINDOWS\system32\dllcache\syssetup.dll
    + 2004-08-10 20:00:00 1,261,568 -c--a-w C:\WINDOWS\system32\dllcache\syssetup.dll
    - 2004-08-10 20:00:00 143,360 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe
    + 2004-08-10 20:00:00 189,440 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe
    - 2004-08-10 20:00:00 391,168 -c--a-w C:\WINDOWS\system32\dllcache\themeui.dll
    + 2004-08-10 20:00:00 393,728 -c--a-w C:\WINDOWS\system32\dllcache\themeui.dll
    - 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
    + 2008-06-23 16:28:22 62,464 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
    - 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-06-23 16:28:23 1,233,408 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2004-08-10 20:00:00 219,648 -c--a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
    + 2008-08-26 02:42:56 219,648 -c--a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
    - 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2008-06-23 16:28:23 394,240 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    - 2004-08-10 20:00:00 438,784 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe
    + 2004-08-10 20:00:00 890,880 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe
    - 2004-08-10 20:00:00 594,432 -c--a-w C:\WINDOWS\system32\dllcache\wiashext.dll
    + 2004-08-10 20:00:00 774,656 -c--a-w C:\WINDOWS\system32\dllcache\wiashext.dll
    - 2004-08-10 20:00:00 773,632 -c--a-w C:\WINDOWS\system32\dllcache\winntbbu.dll
    + 2004-08-10 20:00:00 773,120 -c--a-w C:\WINDOWS\system32\dllcache\WINNTBBU.DLL
    - 2007-03-17 13:44:47 293,376 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
    + 2007-03-17 13:44:47 294,400 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
    - 2004-08-10 20:00:00 168,960 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt1.exe
    + 2004-08-10 20:00:00 288,768 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt1.exe
    - 2004-08-10 20:00:00 340,480 -c--a-w C:\WINDOWS\system32\dllcache\zipfldr.dll
    + 2004-08-10 20:00:00 907,776 -c--a-w C:\WINDOWS\system32\dllcache\zipfldr.dll
    + 2008-07-25 08:34:54 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    + 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    + 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    + 2008-07-25 08:34:50 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    + 2008-07-25 08:34:46 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    + 2008-07-25 08:34:46 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    + 2008-07-25 08:34:46 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    + 2008-05-09 11:15:51 45,376 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
    + 2008-01-21 16:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
    + 2008-06-27 13:03:55 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
    + 2007-03-01 08:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
    + 2008-07-25 08:34:52 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    - 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-06-23 16:28:17 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    - 2008-04-23 04:16:39 133,120 ------w C:\WINDOWS\system32\extmgr.dll
    + 2008-06-23 16:28:17 133,120 ------w C:\WINDOWS\system32\extmgr.dll
    - 2008-04-10 07:56:09 1,530,104 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-08-13 11:50:14 1,530,136 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    - 2004-08-10 20:00:00 386,560 ----a-w C:\WINDOWS\system32\fontext.dll
    + 2004-08-10 20:00:00 396,288 ----a-w C:\WINDOWS\system32\fontext.dll
    - 2004-08-10 20:00:00 146,944 ----a-w C:\WINDOWS\system32\hotplug.dll
    + 2004-08-10 20:00:00 161,792 ----a-w C:\WINDOWS\system32\hotplug.dll
    - 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    + 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    - 2008-04-22 07:41:08 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
    + 2008-06-23 09:21:30 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
    - 2008-04-23 04:16:39 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
    + 2008-06-23 16:28:18 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
    - 2008-04-23 04:16:39 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
    + 2008-06-23 16:28:18 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
    - 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
    + 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
    - 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2008-04-23 04:16:39 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
    + 2008-06-23 16:28:18 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
    - 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    + 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    - 2008-04-23 04:16:39 44,544 ------w C:\WINDOWS\system32\iernonce.dll
    + 2008-06-23 16:28:19 44,544 ------w C:\WINDOWS\system32\iernonce.dll
    - 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    + 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    - 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    + 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    - 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    + 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    - 2004-08-10 20:00:00 121,856 ----a-w C:\WINDOWS\system32\inetcplc.dll
    + 2004-08-10 20:00:00 292,352 ----a-w C:\WINDOWS\system32\inetcplc.dll
    - 2008-04-23 04:16:40 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
    + 2008-06-23 16:28:20 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
    - 2004-08-10 20:00:00 157,184 ----a-w C:\WINDOWS\system32\keymgr.dll
    + 2004-08-10 20:00:00 409,600 ----a-w C:\WINDOWS\system32\keymgr.dll
    - 2004-08-10 20:00:00 221,696 ----a-w C:\WINDOWS\system32\logon.scr
    + 2004-08-10 20:00:00 3,128,320 ----a-w C:\WINDOWS\system32\logon.scr
    - 2004-08-10 20:00:00 515,584 ----a-w C:\WINDOWS\system32\logonui.exe
    + 2004-08-10 20:00:00 5,650,944 ----a-w C:\WINDOWS\system32\logonui.exe
    - 2004-08-10 20:00:00 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
    + 2004-08-10 20:00:00 380,416 ----a-w C:\WINDOWS\system32\moricons.dll
    - 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    + 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    - 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    - 2004-08-10 20:00:00 1,004,032 ----a-w C:\WINDOWS\system32\msgina.dll
    + 2004-08-10 20:00:00 1,111,552 ----a-w C:\WINDOWS\system32\msgina.dll
    - 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-06-24 08:28:24 3,865,088 ----a-w C:\WINDOWS\system32\mshtml.dll
    - 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-06-23 16:28:22 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
    - 2004-08-10 20:00:00 347,648 ----a-w C:\WINDOWS\system32\mspaint.exe
    + 2004-08-10 20:00:00 444,928 ----a-w C:\WINDOWS\system32\mspaint.exe
    - 2008-04-23 04:16:40 193,024 ------w C:\WINDOWS\system32\msrating.dll
    + 2008-06-23 16:28:22 193,024 ------w C:\WINDOWS\system32\msrating.dll
    - 2004-08-10 20:00:00 281,600 ----a-w C:\WINDOWS\system32\mstask.dll
    + 2004-08-10 20:00:00 328,192 ----a-w C:\WINDOWS\system32\mstask.dll
    - 2008-04-23 04:16:40 671,232 ------w C:\WINDOWS\system32\mstime.dll
    + 2008-06-23 16:28:22 671,232 ------w C:\WINDOWS\system32\mstime.dll
    - 2004-08-10 20:00:00 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll
    + 2004-08-10 20:00:00 657,408 ----a-w C:\WINDOWS\system32\mstscax.dll
    - 2004-08-10 20:00:00 91,648 ----a-w C:\WINDOWS\system32\mydocs.dll
    + 2004-08-10 20:00:00 86,528 ----a-w C:\WINDOWS\system32\mydocs.dll
    - 2004-08-10 20:00:00 55,296 ----a-w C:\WINDOWS\system32\narrator.exe
    + 2004-08-10 20:00:00 56,832 ----a-w C:\WINDOWS\system32\narrator.exe
    - 2004-08-10 20:00:00 144,896 ----a-w C:\WINDOWS\system32\netid.dll
    + 2004-08-10 20:00:00 153,088 ----a-w C:\WINDOWS\system32\netid.dll
    - 2005-06-21 22:01:34 1,721,344 ----a-w C:\WINDOWS\system32\netshell.dll
    + 2005-06-21 22:01:34 2,137,088 ----a-w C:\WINDOWS\system32\netshell.dll
    - 2004-08-10 20:00:00 251,392 ----a-w C:\WINDOWS\system32\newdev.dll
    + 2004-08-10 20:00:00 416,256 ----a-w C:\WINDOWS\system32\newdev.dll
    - 2004-08-10 20:00:00 70,656 ----a-w C:\WINDOWS\system32\notepad.exe
    + 2004-08-10 20:00:00 156,672 ----a-w C:\WINDOWS\system32\notepad.exe
    - 2004-08-10 20:00:00 145,920 ----a-w C:\WINDOWS\system32\ntshrui.dll
    + 2004-08-10 20:00:00 233,984 ----a-w C:\WINDOWS\system32\ntshrui.dll
    - 2008-04-23 04:16:40 102,912 ------w C:\WINDOWS\system32\occache.dll
    + 2008-06-23 16:28:22 164,352 ----a-w C:\WINDOWS\system32\occache.dll
    - 2008-07-29 14:16:15 64,336 ----a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-08-26 10:25:36 64,336 ----a-w C:\WINDOWS\system32\perfc009.dat
    - 2008-07-29 14:16:15 78,148 ----a-w C:\WINDOWS\system32\perfc00C.dat
    + 2008-08-26 10:25:36 78,148 ----a-w C:\WINDOWS\system32\perfc00C.dat
    - 2008-07-29 14:16:15 407,806 ----a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-08-26 10:25:36 407,806 ----a-w C:\WINDOWS\system32\perfh009.dat
    - 2008-07-29 14:16:15 476,284 ----a-w C:\WINDOWS\system32\perfh00C.dat
    + 2008-08-26 10:25:36 476,284 ----a-w C:\WINDOWS\system32\perfh00C.dat
    - 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    - 2004-08-10 20:00:00 578,560 ----a-w C:\WINDOWS\system32\printui.dll
    + 2004-08-10 20:00:00 758,784 ----a-w C:\WINDOWS\system32\printui.dll
    - 2007-03-07 23:51:00 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
    + 2008-07-23 16:50:48 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
    - 2004-08-10 20:00:00 685,056 ----a-w C:\WINDOWS\system32\rasdlg.dll
    + 2004-08-10 20:00:00 1,256,960 ----a-w C:\WINDOWS\system32\rasdlg.dll
    - 2004-08-10 20:00:00 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
    + 2004-08-10 20:00:00 689,664 ----a-w C:\WINDOWS\system32\shdoclc.dll
    - 2007-10-11 05:59:28 1,498,624 ----a-w C:\WINDOWS\system32\shdocvw.dll
    + 2007-10-11 05:59:28 1,777,664 ----a-w C:\WINDOWS\system32\shdocvw.dll
    - 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\system32\shell32.dll
    + 2007-10-25 16:43:25 12,930,560 ----a-w C:\WINDOWS\system32\shell32.dll
    - 2004-08-10 20:00:00 440,320 ----a-w C:\WINDOWS\system32\shimgvw.dll
    + 2004-08-10 20:00:00 1,790,464 ----a-w C:\WINDOWS\system32\shimgvw.dll
    - 2007-10-11 05:59:28 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
    + 2007-10-11 05:59:28 499,200 ----a-w C:\WINDOWS\system32\shlwapi.dll
    - 2004-08-10 20:00:00 133,120 ----a-w C:\WINDOWS\system32\sndrec32.exe
    + 2004-08-10 20:00:00 182,272 ----a-w C:\WINDOWS\system32\sndrec32.exe
    - 2004-08-10 20:00:00 139,264 ----a-w C:\WINDOWS\system32\sndvol32.exe
    + 2004-08-10 20:00:00 152,576 ----a-w C:\WINDOWS\system32\sndvol32.exe
    - 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
    + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
    - 2004-08-10 20:00:00 122,368 ----a-w C:\WINDOWS\system32\stobject.dll
    + 2004-08-10 20:00:00 147,968 ----a-w C:\WINDOWS\system32\stobject.dll
    - 2004-08-10 20:00:00 107,520 ----a-w C:\WINDOWS\system32\sysocmgr.exe
    + 2004-08-10 20:00:00 183,296 ----a-w C:\WINDOWS\system32\sysocmgr.exe
    - 2004-08-10 20:00:00 1,005,056 ----a-w C:\WINDOWS\system32\syssetup.dll
    + 2004-08-10 20:00:00 1,261,568 ----a-w C:\WINDOWS\system32\syssetup.dll
    - 2004-08-10 20:00:00 143,360 ----a-w C:\WINDOWS\system32\taskmgr.exe
    + 2004-08-10 20:00:00 189,440 ----a-w C:\WINDOWS\system32\taskmgr.exe
    - 2004-08-10 20:00:00 391,168 ----a-w C:\WINDOWS\system32\themeui.dll
    + 2004-08-10 20:00:00 393,728 ----a-w C:\WINDOWS\system32\themeui.dll
    - 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
    + 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
    - 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-06-23 16:28:22 62,464 ----a-w C:\WINDOWS\system32\url.dll
    - 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-06-23 16:28:23 1,233,408 ----a-w C:\WINDOWS\system32\urlmon.dll
    - 2004-08-10 20:00:00 246,784 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
    + 2004-08-10 20:00:00 544,768 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
    - 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-06-23 16:28:23 394,240 ----a-w C:\WINDOWS\system32\webcheck.dll
    - 2004-08-10 20:00:00 438,784 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
    + 2004-08-10 20:00:00 890,880 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
    - 2004-08-10 20:00:00 594,432 ----a-w C:\WINDOWS\system32\wiashext.dll
    + 2004-08-10 20:00:00 774,656 ----a-w C:\WINDOWS\system32\wiashext.dll
    - 2004-08-10 20:00:00 773,632 ----a-w C:\WINDOWS\system32\winntbbu.dll
    + 2004-08-10 20:00:00 773,120 ----a-w C:\WINDOWS\system32\WINNTBBU.DLL
    - 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
    + 2007-03-17 13:44:47 294,400 ----a-w C:\WINDOWS\system32\winsrv.dll
    - 2004-08-10 20:00:00 168,960 ----a-w C:\WINDOWS\system32\wuauclt1.exe
    + 2004-08-10 20:00:00 288,768 ----a-w C:\WINDOWS\system32\wuauclt1.exe
    - 2004-08-10 20:00:00 2,986,496 ----a-w C:\WINDOWS\system32\xpsp2res.dll
    + 2004-08-10 20:00:00 3,378,176 ----a-w C:\WINDOWS\system32\xpsp2res.dll
    - 2004-08-10 20:00:00 340,480 ----a-w C:\WINDOWS\system32\zipfldr.dll
    + 2004-08-10 20:00:00 907,776 ----a-w C:\WINDOWS\system32\zipfldr.dll
    - 2008-07-29 21:53:49 408,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
    + 2008-08-16 10:23:29 517,480 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
    - 2008-07-29 14:19:53 9,956,040 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
    + 2008-08-13 13:15:56 9,421,282 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
    + 2008-08-13 11:47:18 14,938,624 ----a-w C:\WINDOWS\system32\ZoneLabs\zlqrtdb.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" [2008-06-20 09:23 154368]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 20:10 1688872]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 22:00 15360]
    "AppCmdInfo"="C:\WINDOWS\system32\tgjoduva.exe" [2008-08-25 02:06 90112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 15:21 2213160]
    "razer"="C:\Program Files\Razer\CopperHead\razerhid.exe" [2005-08-16 16:21 155648]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 16:57 282624]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_
    27 August 2008 16:13:48

    [2008-06-20 22:55 185896]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 09:05 919016]
    "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-25 02:12 914512]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 22:00 15360]

    C:\Documents and Settings\Kaos\Menu Démarrer\Programmes\Démarrage\
    .security [2008-07-26 17:42:02 0]
    TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]
    UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
    Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    .security [2008-07-26 17:42:03 0]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "MntSys"= {1B6831A1-579E-1795-5C68-049D25DD4209} - C:\Program Files\tvnbpsf\MntSys.dll [2008-08-25 02:06 114688]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\World of Warcraft\\WoW-2.3.0-frFR-downloader.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "C:\\Alerte rouge2\\Game.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "C:\\Program Files\\Tortun\\gui.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\Steam\\Steam.exe"=
    "C:\\Program Files\\HLSW\\hlsw.exe"=
    "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

    R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-10 22:00]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 22:00]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-01-15 10:12]
    S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 15:46]
    S3 Razerlow;Razer Copperhead Driver;C:\WINDOWS\system32\Drivers\Razerlow.sys [2005-08-09 12:50]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-02 17:19]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

    2008-08-26 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Kaos\Application Data\Mozilla\Firefox\Profiles\jje0oz78.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr/
    FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
    FF -: plugin - C:\Program Files\Yahoo!\common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-26 16:14:03
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...


    C:\DOCUME~1\Kaos\LOCALS~1\Temp\RGIB6.tmp 7136 bytes

    Scan terminé avec succès
    Les fichiers cachés: 1

    **************************************************************************
    .
    Temps d'accomplissement: 2008-08-26 16:15:21
    ComboFix-quarantined-files.txt 2008-08-26 14:15:15
    ComboFix2.txt 2008-07-31 11:56:52
    ComboFix3.txt 2008-07-30 12:29:04
    ComboFix4.txt 2008-07-29 22:15:27
    ComboFix5.txt 2008-08-26 14:08:56

    Pre-Run: 65,666,449,408 octets libres
    Post-Run: 65,821,028,352 octets libres

    927 --- E O F --- 2008-08-13 20:17:40
    28 August 2008 15:06:44

    Hi again,

    Select the entire contents of the box below:

    Collect::
    C:\WINDOWS\system32\tgjoduva.exe

    Folder::
    C:\Program Files\tvnbpsf

    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000000


  • Copy and paste it into Notepad (Démarrer\Tous les programmes\Accessoires\Bloc notes).
  • Save it to your desktop under the name CFScript.txt
  • Now drag the CFScript.txt file onto ComboFix.exe as shown below:

  • This will relaunch ComboFix.
  • ComboFix will create these files on your desktop:
    - A zipped file named Submit [Date Time].zip
    - A second file named CF-Submit.htm
  • ComboFix may require a restart to complete its work. Accept it.
  • When the tool has finished, a ComboFix.log report will appear on screen.
  • A new window with the prompt "Submit Files for further analysis" will open. Click "OK".
  • Your browser will launch automatically with the CF-Submit.htm file and a window will open:
    - Click the "Browse" ("Parcourir") button and navigate to the file
    Submit [Date Time].zip on your desktop.
    - Click the file to select it.
  • Submit the file by clicking "OK".
  • Once this operation is complete, you can delete these two files from your desktop.
    Post the contents of the ComboFix.txt report after the restart, if there is one.
    28 August 2008 22:15:02

    ComboFix 08-08-25.01 - Kaos 2008-08-28 22:06:37.6 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.582 [GMT 2:00]
    Endroit: C:\Documents and Settings\Kaos\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Kaos\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\tvnbpsf
    C:\Program Files\tvnbpsf\MntSys.dll
    C:\WINDOWS\system32\tgjoduva.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-07-28 to 2008-08-28 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-26 04:42 . 2008-08-26 04:42 3,888,054 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
    2008-08-26 04:42 . 2008-08-26 04:42 64,111 --a------ C:\WINDOWS\BricoPackUninst.cmd
    2008-08-26 04:40 . 2008-08-26 04:42 6,112 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-08-26 04:39 . 2008-08-26 04:39 <REP> d-------- C:\WINDOWS\BricoPacks
    2008-08-25 02:09 . 2008-08-25 02:09 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
    2008-08-25 02:06 . 2008-08-25 02:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\xwhevqty
    2008-08-25 01:08 . 2008-08-25 01:18 <REP> d-------- C:\Program Files\uTorrent
    2008-08-25 01:08 . 2008-08-27 23:03 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\uTorrent
    2008-08-13 22:10 . 2008-08-13 22:16 1,374 --a------ C:\WINDOWS\imsins.BAK
    2008-08-09 23:03 . 2008-08-09 23:03 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\DivX
    2008-08-01 04:08 . 2008-08-01 04:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-08-01 03:09 . 2008-08-01 03:09 <REP> d-------- C:\Program Files\Avira
    2008-08-01 03:09 . 2008-08-01 03:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-08-01 03:00 . 2008-08-01 03:01 <REP> d-------- C:\Program Files\CCleaner
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\Malwarebytes
    2008-07-31 22:33 . 2008-07-31 22:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-31 22:33 . 2008-07-30 20:15 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-07-31 22:33 . 2008-07-30 20:15 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-31 14:49 . 2008-07-31 14:49 244 --ah----- C:\sqmnoopt01.sqm
    2008-07-31 14:49 . 2008-07-31 14:49 232 --ah----- C:\sqmdata01.sqm
    2008-07-29 23:13 . 2008-07-29 23:13 <REP> d-------- C:\Deckard
    2008-07-29 18:33 . 2008-07-29 18:33 <REP> d-------- C:\Program Files\Lavasoft
    2008-07-29 18:33 . 2008-07-29 18:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-29 18:07 . 2008-08-25 02:14 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-07-29 18:06 . 2008-08-25 02:12 <REP> d-------- C:\Program Files\Trojan Remover
    2008-07-29 18:06 . 2008-07-29 18:06 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\Simply Super Software
    2008-07-29 18:06 . 2008-07-29 18:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    2008-07-29 18:06 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-07-29 18:06 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-07-29 18:06 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-07-29 18:06 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-07-29 18:06 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-07-29 16:19 . 2008-08-13 22:01 959 --a------ C:\rollback.ini
    2008-07-29 16:15 . 2008-08-10 12:31 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\MailFrontier
    2008-07-29 13:36 . 2008-07-30 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-07-29 13:35 . 2008-08-28 22:10 7,650,080 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-07-29 13:35 . 2008-08-26 20:18 101,972 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-07-29 13:35 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
    2008-07-29 13:35 . 2008-07-09 09:05 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
    2008-07-29 13:35 . 2008-07-09 09:05 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
    2008-07-29 13:35 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2008-07-29 13:35 . 2008-08-23 17:55 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-07-29 13:34 . 2008-07-29 13:34 <REP> d-------- C:\Program Files\Zone Labs
    2008-07-29 13:33 . 2008-08-28 22:01 <REP> d-------- C:\WINDOWS\Internet Logs
    2008-07-29 00:28 . 2008-08-15 00:09 <REP> d---s---- C:\Program Files\HLSW
    2008-07-29 00:28 . 2008-08-13 16:56 <REP> d-------- C:\Documents and Settings\Kaos\Application Data\HLSW
    2008-07-28 00:58 . 2008-07-28 00:58 25,775,585 --a------ C:\WINDOWS\VPTNFILE.435
    2008-07-28 00:58 . 2008-07-28 00:58 25,775,585 --a------ C:\WINDOWS\LPT$VPN.435
    2008-07-28 00:57 . 2008-07-28 00:58 <REP> d-------- C:\WINDOWS\AU_Temp

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-28 19:33 --------- d-----w C:\Program Files\Steam
    2008-08-28 18:57 --------- d-----w C:\Program Files\World of Warcraft
    2008-08-26 02:42 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
    2008-08-25 17:50 --------- d-----w C:\Program Files\WowCartographe
    2008-08-24 23:08 --------- d-----w C:\Documents and Settings\Kaos\Application Data\Azureus
    2008-08-24 11:07 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-08-18 21:50 --------- d-----w C:\Documents and Settings\Kaos\Application Data\LimeWire
    2008-08-15 17:48 2,827,264 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
    2008-08-14 00:03 2,054,144 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
    2008-08-13 20:03 760,320 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
    2008-08-13 19:37 283,648 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
    2008-08-13 19:37 1,945,088 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
    2008-08-13 19:21 812,032 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
    2008-08-13 19:21 1,944,064 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
    2008-08-13 18:52 3,108,864 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
    2008-08-13 11:48 2,740,736 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
    2008-08-13 11:48 1,946,624 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
    2008-08-13 01:15 --------- d-----w C:\Program Files\Tortun
    2008-08-11 07:17 2,278,400 ----a-w C:\WINDOWS\Internet Logs\xDB2C0.tmp
    2008-08-10 18:19 2,788,352 ----a-w C:\WINDOWS\Internet Logs\xDB218.tmp
    2008-08-06 15:06 1,057,476 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
    2008-08-06 00:16 --------- d-----w C:\Program Files\DivX
    2008-08-05 15:19 1,320,448 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
    2008-08-05 07:47 3,141,632 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
    2008-08-03 20:06 3,420,160 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
    2008-08-01 22:09 1,759,744 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
    2008-08-01 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-01 01:01 --------- d-----w C:\Program Files\Yahoo!
    2008-07-31 17:36 3,137,536 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2008-07-31 17:36 1,715,712 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
    2008-07-29 16:32 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-07-27 22:58 91,744 ----a-w C:\WINDOWS\BPMNT.dll
    2008-07-27 22:58 71,749 ----a-w C:\WINDOWS\hcextoutput.dll
    2008-07-27 22:58 333,576 ----a-w C:\WINDOWS\tsc.exe
    2008-07-27 22:58 1,213,784 ----a-w C:\WINDOWS\vsapi32.dll
    2008-07-27 08:39 0 ----a-w C:\VAC2.dll
    2008-07-27 08:37 12,288 ----a-w C:\Dumper.dll
    2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-07-18 14:07 --------- d-----w C:\Documents and Settings\Kaos\Application Data\Mumble
    2008-07-13 19:24 --------- d-----w C:\Program Files\Mumble
    2008-07-09 07:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 00:27 --------- d-----w C:\Program Files\LimeWire
    2008-07-02 23:10 --------- d-----w C:\Program Files\Azureus
    2008-07-02 15:19 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-07-01 08:34 --------- d-----w C:\Documents and Settings\Kaos\Application Data\teamspeak2
    2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-23 16:28 817,152 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-05-29 07:28 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
    2008-03-28 22:18 51,944 ----a-w C:\Documents and Settings\Kaos\Application Data\GDIPFONTCACHEV1.DAT
    .

    ------- Sigcheck -------

    2005-01-27 19:12 662016 66a10b98f18fd804236ab2d90301de04 C:\WINDOWS\$hf_mig$\KB867282\SP2QFE\wininet.dll
    2005-05-02 22:58 663040 0996b57cc2abcb271872296e98a18db2 C:\WINDOWS\$hf_mig$\KB883939\SP2QFE\wininet.dll
    2005-03-10 09:48 662016 06ad0b0f43286cd50af283762eb56763 C:\WINDOWS\$hf_mig$\KB890923\SP2QFE\wininet.dll
    2005-07-03 04:10 663552 39846b1ac2b99349272ee6e075c3b8af C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll
    2005-10-21 05:39 665600 d327378ceef9a141c7352691fc30a0da C:\WINDOWS\$hf_mig$\KB905915\SP2QFE\wininet.dll
    2007-10-11 01:22 825344 871ae10d6ae8877e9636ae5017953d52 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
    2007-12-07 03:42 825344 f4fd487241d3ac291046a22cebd2cf71 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    2008-03-01 14:34 827392 5a0093f59b505c008ed0cee615563c72 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    2008-04-23 09:19 827392 78d3d2b0be6ad3e6d82ccb115cf74310 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
    2008-06-23 17:40 827904 52589bae67dd9859724287372668690b C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
    2004-08-10 22:00 660480 58fe94ef42e074f4cad8bf02e70e6478 C:\WINDOWS\$NtUninstallKB867282$\wininet.dll
    2005-03-10 10:04 660992 ba7cda9917332a6e1faa1b46bc3ab5fd C:\WINDOWS\$NtUninstallKB883939$\wininet.dll
    2005-01-27 19:14 660992 b16b02f3c804f057dab099cc15ed0206 C:\WINDOWS\$NtUninstallKB890923$\wininet.dll
    2005-05-02 22:57 662016 ffe3e6fb8d52955a2de4c6cc765b02bc C:\WINDOWS\$NtUninstallKB896727$\wininet.dll
    2005-07-03 04:16 662528 e994e704303f07f331b03ee9ed6d9e2d C:\WINDOWS\$NtUninstallKB905915$\wininet.dll
    2006-01-09 20:02 666112 5404e2ead19d7e2a5c4086015062343c C:\WINDOWS\$NtUninstallKB912812$\wininet.dll
    2005-10-21 05:41 662528 e41e8fdf62cf20f2e2b16d800d96eb51 C:\WINDOWS\$NtUninstallKB912945$\wininet.dll
    2006-03-04 06:00 667648 241dbc4c2714b2f39afded49459ed420 C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
    2007-08-22 14:57 669696 4f6a45b54d26708e2c2bf2c43d83edea C:\WINDOWS\$NtUninstallKB942615$\wininet.dll
    2007-10-11 07:59 670208 0465cde31add22f6233ffb4fe4af01cf C:\WINDOWS\ie7\wininet.dll
    2007-08-13 19:54 818688 a4a0fc92358f39538a6494c42ef99fe9 C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
    2007-10-11 01:49 824832 bc5119c53bdd48dabc628d448a3bdccb C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
    2007-12-07 04:08 824832 4fc90bece54fac81b0090b94e27bfb6b C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
    2008-03-01 14:58 826368 8e027981ddffa690d456fe18b37415a0 C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
    2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
    2008-06-23 18:28 817152 5f8a137bed66cb1150f139e4e6a6355c C:\WINDOWS\system32\wininet.dll
    2008-06-23 18:28 817152 5f8a137bed66cb1150f139e4e6a6355c C:\WINDOWS\system32\dllcache\wininet.dll

    2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
    2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2004-08-10 22:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
    2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe

    2007-07-30 20:19 68440 84d9a61860272d6177d46c86b8431557 C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 20:19 68440 84d9a61860272d6177d46c86b8431557 C:\WINDOWS\system32\dllcache\wuauclt.exe
    .
    ((((((((((((((((((((((((((((( snapshot_2008-08-26_16.14.56.11 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-08-26 10:25:36 64,336 ----a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-08-27 14:14:27 64,336 ----a-w C:\WINDOWS\system32\perfc009.dat
    - 2008-08-26 10:25:36 78,148 ----a-w C:\WINDOWS\system32\perfc00C.dat
    + 2008-08-27 14:14:27 78,148 ----a-w C:\WINDOWS\system32\perfc00C.dat
    - 2008-08-26 10:25:36 407,806 ----a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-08-27 14:14:27 407,806 ----a-w C:\WINDOWS\system32\perfh009.dat
    - 2008-08-26 10:25:36 476,284 ----a-w C:\WINDOWS\system32\perfh00C.dat
    + 2008-08-27 14:14:27 476,284 ----a-w C:\WINDOWS\system32\perfh00C.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" [2008-06-20 09:23 154368]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 20:10 1688872]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 22:00 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 15:21 2213160]
    "razer"="C:\Program Files\Razer\CopperHead\razerhid.exe" [2005-08-16 16:21 155648]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 16:57 282624]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-06-20 22:55 185896]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 09:05 919016]
    "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-25 02:12 914512]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 22:00 15360]

    C:\Documents and Settings\Kaos\Menu Démarrer\Programmes\Démarrage\
    .security [2008-07-26 17:42:02 0]
    TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]
    UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
    Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    .security [2008-07-26 17:42:03 0]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\World of Warcraft\\WoW-2.3.0-frFR-downloader.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "C:\\Alerte rouge2\\Game.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "C:\\Program Files\\Tortun\\gui.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\Steam\\Steam.exe"=
    "C:\\Program Files\\HLSW\\hlsw.exe"=
    "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

    R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-10 22:00]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 22:00]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-01-15 10:12]
    S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 15:46]
    S3 Razerlow;Razer Copperhead Driver;C:\WINDOWS\system32\Drivers\Razerlow.sys [2005-08-09 12:50]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-02 17:19]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

    2008-08-28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-AppCmdInfo - C:\WINDOWS\system32\tgjoduva.exe
    SSODL-MntSys-{1B6831A1-579E-1795-5C68-049D25DD4209} - C:\Program Files\tvnbpsf\MntSys.dll



    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-28 22:10:31
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-08-28 22:12:18
    ComboFix-quarantined-files.txt 2008-08-28 20:11:59
    ComboFix2.txt 2008-08-26 14:15:21
    ComboFix3.txt 2008-07-31 11:56:52
    ComboFix4.txt 2008-07-30 12:29:04
    ComboFix5.txt 2008-08-28 20:05:50

    Pre-Run: 70,654,914,560 octets libres
    Post-Run: 70,646,304,768 octets libres

    268 --- E O F --- 2008-08-13 20:17:40
    29 August 2008 12:19:02

    Re,

    Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are done:
  • Restart your computer in Safe Mode
    - At startup, after the BIOS has loaded, press the F8 (or F5) key repeatedly until a menu on a black background appears. Once you reach that point, use the keyboard to select Safe Mode.
    -- In this mode you have no Internet access, and the display looks different (no wallpaper, very large icons). So don't be surprised.
    --- For these reasons, I suggest you print, write down, or save the following information in a text document so that you don't get lost.
    ---- ! Do not start your computer in Safe Mode via MSConfig ! Why? Some infections break the Safe Mode keys, which would make your computer crash.

  • Now run Malwarebytes' Anti-Malware. If it isn't already selected, choose "Perform full scan" ("Exécuter un examen complet").
  • To start the scan, click "Scan" ("Rechercher").
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Show Results" ("Afficher les résultats"), then "Remove Selected" ("Supprimer la sélection"). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you can't manage to download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in Safe Mode.
    29 August 2008 18:18:11

    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1094
    Windows 5.1.2600 Service Pack 2

    18:11:53 2008-08-29
    mbam-log-08-29-2008 (18-11-53).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 166140
    Temps écoulé: 43 minute(s), 44 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\drivers\etc\.security (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\.security (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\WINDOWS\.security (Rogue.Multiple) -> Quarantined and deleted successfully.
    29 August 2008 18:27:10

    Re,

    Post a new HijackThis report.
    30 August 2008 00:55:48

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:55, on 2008-08-30
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Razer\CopperHead\razerhid.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
    C:\Program Files\Razer\CopperHead\razerofa.exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HJT\Kaos.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.games-fusion.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\CopperHead\razerhid.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: .security
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: .security
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://www.secuser.com
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9783 bytes
    30 August 2008 12:14:22

    Re,

    Run HijackThis again (right-click -> run as administrator under Vista), do a system scan only, and check these lines (if still present):
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

    Close all running applications (especially your web browser).
    Then Fix Checked!


    -----------


    No more problems?