CPU 100%
Solved/Closed
fleurcoi - 8 Oct 2010 at 23:24
Anonymous user - 10 Oct 2010 at 18:11
43 replies
!! vulcan - Edited by !! vulcan on 8/10/2010 at 23:36
Hi,
Using Task Manager, do you know which process is eating that % of CPU?
With dwm you are affecting the amount of memory but not the CPU usage (2 distinct things)! Is it also the one eating your CPU?
Here is a utility that goes further than an AV, it's an anti-rootkit: https://support.kaspersky.com/fr/14421
!! Vulcan
It's not only eagles that reach the summits, snails do too, but they have a hard slog of it!
guiguir68 - 8 Oct 2010 at 23:29
Run a scan with Emsisoft Anti-Malware.
https://download.cnet.com/Emsisoft-Anti-Malware/3000-2239_4-10292236.html?part=dl-6251182&subj=dl&tag=button
(Free)
fleurcoi - 8 Oct 2010 at 23:36
In the process list, the highest one is firefox, otherwise it's explorer...
So I'm going to try your two links..
thanks
!! vulcan - 8 Oct 2010 at 23:54
Are you still at close to 100% CPU? What is Firefox's %? In your view, does that justify the consumption %: for example, several tabs open, pages in parallel using a Flash player, etc...
fleurcoi - 8 Oct 2010 at 23:40
so.. as for tdsskiller, it found nothing....
is emsisoft complementary or similar??
!! vulcan - 8 Oct 2010 at 23:56
I don't know this antimalware; guiguir 68, please?
moment de grace - 9 Oct 2010 at 00:00
hello
maybe a virus...
Download ZHPDiag (by Nicolas Coolman).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Double-click the installation file, then install it with the default settings (don't forget to tick "Create a desktop icon")
Launch ZHPDiag by double-clicking the icon on your desktop (right-click -> Run as admin (Vista))
Click the magnifying glass at the top left, then let the tool scan.
Once the scan is finished, click the floppy-disk icon and save the file to your desktop.
Go to Cjoint: http://www.cijoint.fr/
Click "Browse" in the "Attach a file[...]" section
Select the ZHPdiag.txt report that is on your desktop
Then click "Click here to upload the file" and copy/paste the link into your next message
!! vulcan - 9 Oct 2010 at 00:12
You have a sense of "timing", moment de grace: your message was timestamped at 00:00, on Saturday... lol
fleurcoi - 9 Oct 2010 at 00:11
good evening,
I don't have the magnifying glass at the top left, nor anything that looks like an icon for scanning...
moment de grace - 9 Oct 2010 at 00:13
did you really launch ZHPdiag and not ZHPfix?
fleurcoi - Edited by fleurcoi on 9/10/2010 at 00:23
indeed, that's it...
moment de grace - 9 Oct 2010 at 00:23
Right-click -> Run as admin
fleurcoi - 9 Oct 2010 at 00:36
it's taking a while but it's under way....
fleurcoi - 9 Oct 2010 at 00:38
there you go:
http://www.cijoint.fr/cjlink.php?file=cj201010/cij7WEukMs.txt
moment de grace - 9 Oct 2010 at 00:42
a USB infection
1)
Download USBFIX by El Desaparecido, C_xx
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
or
https://www.ionos.fr/?affiliate_id=77097
/!\ Vista and Windows 7 users:
don't forget to disable User Account Control
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
/!\ Plug into your PC, without opening them, your external data sources (USB stick, external hard drive, etc...) that may have been infected
Double-click the UsbFix shortcut on the desktop.
Choose option 2, Suppression (deletion)
(other options are available, see the tutorial).
Let the tool work.
The Start menu and the icons will disappear.. that's normal.
If a message asks you to restart the computer, do it ...
On restart, the fix relaunches... let the operation run.
Notepad opens with a report; send it in your next reply
* Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )
* Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
* Tutorial: http://pagesperso-orange.fr/NosTools/usbfix.html
UsbFix may ask you to upload a compressed folder to this address: https://www.ionos.fr/?affiliate_id=77097
It is saved on your desktop.
Please send it to the address indicated in order to help the author of UsbFix in his research.
....................
2)
DISABLE YOUR ANTIVIRUS AND YOUR FIREWALL IF PRESENT !!!!! (because it is wrongly detected as an infection)
Download List_Kill'em and save it to your desktop
http://sd-4.archive-host.com/membres/up/829108531491024/Mes_Tools/List_Killem_Install.exe
double-click (right-click "Run as administrator" for Vista/7) the shortcut on your desktop to start the installation
Leave ticked:
"Run List_Kill'em"
once it has finished, click "Finish" and the program will launch by itself
choose the Search option
let the tool work
when the white window appears, it takes a while, that's normal, the program is not frozen.
Post the content of the report that opens at 100% of the scan, on the "COMPLETED" screen
Go to Cjoint: http://www.cijoint.fr/
Click "Browse" in the "Attach a file[...]" section
Select the report C:\List'em.txt
Then click "Click here to upload the file" and copy/paste the link into your next message
Same operation for the more.txt report, which is on your desktop
if there is a problem with cijoint.fr
=> use https://www.cjoint.com/
=> use http://ww38.toofiles.com/fr/oip/documents/txt/av.html
!! vulcan - 9 Oct 2010 at 01:55
To enlighten us and share: you state "a USB infection"! Where in the ZHPDIAG log does the clue come from?
Thanks
moment de grace - Edited by moment de grace on 9/10/2010 at 02:59
O51 - MPSK:{1d733625-dcc9-11de-96d3-001e33c4961d}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- RECYCLER\recycld.exe
O51 - MPSK:{4d592d42-4946-11df-ae16-001e33c4961d}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\f9o8o.exe
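The check described in the reply above, as an added example that is not part of the original thread: it parses ZHPDiag `O51` lines (MountPoints2 `Shell\AutoRun\command` entries), flags targets that look like removable-media autorun droppers, and cross-checks them against the `MountPoints2` keys an UsbFix report lists as deleted. The flagging heuristics, the function names and the third (benign) sample line are assumptions made for this illustration; the other sample lines are copied from the reports in this thread.

```python
import re
from pathlib import PureWindowsPath

# ZHPDiag O51 line: MountPoints2 GUID, file metadata, autorun command target.
O51_RE = re.compile(
    r"^O51 - MPSK:(\{[0-9a-fA-F-]{36}\})\\Shell\\AutoRun\\command\.\s*"
    r"\((.*?)\)\s*--\s*(.+)$"
)
# UsbFix "deleted" line for a MountPoints2 key.
REMOVED_RE = re.compile(
    r"^Supprimé!\s+HK\S*\\MountPoints2\\(\{[0-9a-fA-F-]{36}\})$"
)

# Assumed heuristics (not ZHPDiag's own logic).
EXEC_EXT = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs"}
BIN_DIRS = {"recycler", "recycled", "$recycle.bin"}


def path_reasons(target):
    """Return the path-based reasons an autorun target looks suspicious."""
    p = PureWindowsPath(target.strip('"'))
    dirs = [part.lower() for part in p.parts[:-1] if part != p.anchor]
    reasons = []
    if any(d in BIN_DIRS for d in dirs):
        reasons.append("runs from a recycle-bin folder")
    if p.suffix.lower() in EXEC_EXT and not dirs:
        reasons.append("executable at the volume root")
    return reasons


def flagged_entries(zhpdiag_report):
    """Parse O51 lines and return the flagged ones, de-duplicated, in order."""
    seen, out = set(), []
    for line in zhpdiag_report.splitlines():
        m = O51_RE.match(line.strip())
        if not m:
            continue
        guid, meta, target = m.group(1).lower(), m.group(2), m.group(3).strip()
        reasons = path_reasons(target)
        if not reasons or (guid, target) in seen:
            continue
        seen.add((guid, target))
        if "Pas de propriétaire" in meta:  # supporting signal only
            reasons.append("no file owner/description")
        out.append({"guid": guid, "target": target, "reasons": reasons})
    return out


def removed_guids(usbfix_report):
    """GUIDs of the MountPoints2 keys an UsbFix report lists as deleted."""
    found = set()
    for line in usbfix_report.splitlines():
        m = REMOVED_RE.match(line.strip())
        if m:
            found.add(m.group(1).lower())
    return found


def still_present(zhpdiag_report, usbfix_report):
    """Flagged GUIDs that the cleanup report does not list as deleted."""
    flagged = {e["guid"] for e in flagged_entries(zhpdiag_report)}
    return sorted(flagged - removed_guids(usbfix_report))


# First two lines: from the ZHPDiag extract above. Third line: constructed.
ZHPDIAG_SAMPLE = r"""
O51 - MPSK:{1d733625-dcc9-11de-96d3-001e33c4961d}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- RECYCLER\recycld.exe
O51 - MPSK:{4d592d42-4946-11df-ae16-001e33c4961d}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\f9o8o.exe
O51 - MPSK:{00000000-0000-0000-0000-000000000001}\Shell\AutoRun\command. (.Example Vendor - Setup launcher.) -- F:\setup\launcher.exe
""".strip()

# Lines from the Mountpoints2 section of the UsbFix report in this thread.
USBFIX_SAMPLE = r"""
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{1d733625-dcc9-11de-96d3-001e33c4961d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{4d592d42-4946-11df-ae16-001e33c4961d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{57466ab7-c9b1-11de-8613-001e33c4961d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{cc922c07-a9eb-11df-aae8-001e33c4961d}
""".strip()

if __name__ == "__main__":
    for entry in flagged_entries(ZHPDIAG_SAMPLE):
        print(entry["guid"], entry["target"], "; ".join(entry["reasons"]))
    print("not removed:", still_present(ZHPDIAG_SAMPLE, USBFIX_SAMPLE))
```
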
!! vulcan - Edited by !! vulcan on 9/10/2010 at 02:16
thank you for your courtesy and patience, moment de grace
Does no standard antivirus or antimalware have the ability to detect this kind of infection?
Because the whole process you are having fleurcoi go through is, after all, heavy, tedious and not within everyone's reach...
moment de grace - 9 Oct 2010 at 02:21
Does no standard antivirus or antimalware have the ability to detect this kind of infection?
yes for detection, no for removal
mbam is only there to catch leftovers... and will thus be installed for the future
!! vulcan - 9 Oct 2010 at 02:55
In the end, do we have a description of the behaviour of the removed malware that justifies the high CPU consumption?
Has Fleurcoi been able to see things return to normal, or is it too early and the disinfection process not yet finished?
I read that one can "vaccinate" our removable devices; is that the case here? Is the vaccine absolute protection (as for humans)?
fleurcoi - 9 Oct 2010 at 01:08
first, the usb fix report...
############################## | UsbFix 7.029 | [Suppression]
Utilisateur: fleur (Administrateur) # PC-DE-FLEUR [TOSHIBA Satellite L300D]
Mis à jour le 07/10/10 par El Desaparecido / C_XX
Lancé à 01:01:51 | 09/10/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@arx-services.com
CPU: AMD Sempron(tm) SI-40
Microsoft® Windows Vista(TM) Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Pare-feu Windows: Activé
RAM -> 2813 Mo
C:\ (%systemdrive%) -> Disque fixe # 74 Go (37 Go libre(s) - 50%) [Vista] # NTFS
D:\ -> Disque amovible # 7 Go (2 Go libre(s) - 27%) [YOUHOU] # FAT32
E:\ -> Disque fixe # 73 Go (6 Go libre(s) - 8%) [Data] # NTFS
F:\ -> CD-ROM
G:\ -> Disque fixe # 466 Go (76 Go libre(s) - 16%) [Crop BIEn] # NTFS
################## | Éléments infectieux |
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3048859541-3971065261-4004392103-1000
Supprimé! E:\$RECYCLE.BIN\S-1-5-21-3048859541-3971065261-4004392103-1000
Supprimé! G:\$RECYCLE.BIN\S-1-5-21-3048859541-3971065261-4004392103-1000
Supprimé! G:\$RECYCLE.BIN\S-1-5-21-3278332182-136504213-3025390317-1000
Supprimé! G:\Recycler\S-1-5-21-2052111302-602609370-725345543-1003
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{1d733625-dcc9-11de-96d3-001e33c4961d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{4d592d42-4946-11df-ae16-001e33c4961d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{57466ab7-c9b1-11de-8613-001e33c4961d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{cc922c07-a9eb-11df-aae8-001e33c4961d}
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-FLEUR.zip
https://www.ionos.fr/?affiliate_id=77097
Merci de votre contribution.
################## | E.O.F |
I'm continuing ;)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-FLEUR.zip
https://www.ionos.fr/?affiliate_id=77097
Merci de votre contribution.
################## | E.O.F |
I'll continue ;)
fleurcoi
9 Oct. 2010 at 01:32
¤¤¤¤¤¤¤¤¤¤ List'em by g3n-h@ckm@n 2.1.0.9 ¤¤¤¤¤¤¤¤¤¤
User : fleur (Administrateurs)
Update on 04/10/2010 by g3n-h@ckm@n ::::: 21.00
Start at: 01:10:21 | 09/10/2010
AMD Sempron(tm) SI-40
Microsoft® Windows Vista(TM) Édition Familiale Basique (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 74,37 Go (37,21 Go free) [Vista] | NTFS
D:\ -> Disque amovible | 7,45 Go (2,02 Go free) [YOUHOU] | FAT32
E:\ -> Disque fixe local | 73,21 Go (5,9 Go free) [Data] | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 465,76 Go (76,32 Go free) [Crop BIEn] | NTFS
H:\ -> Disque amovible
Boot: Normal
¤¤¤¤¤¤ Processes ------- Memory(Ko) ------- Priority ------ Command ------- Signer
C:\Windows\System32\smss.exe ---- 1500 Ko ---- Normal ---- \SystemRoot\System32\smss.exe ----
C:\Windows\system32\csrss.exe ---- 11204 Ko ---- Normal ---- C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ----
C:\Windows\system32\wininit.exe ---- 10804 Ko ---- High ---- wininit.exe ----
C:\Windows\system32\csrss.exe ---- 8512 Ko ---- Normal ---- C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ----
C:\Windows\system32\winlogon.exe ---- 13552 Ko ---- High ---- winlogon.exe ----
C:\Windows\system32\services.exe ---- 6788 Ko ---- Normal ---- C:\Windows\system32\services.exe ----
C:\Windows\system32\lsass.exe ---- 3192 Ko ---- Normal ---- C:\Windows\system32\lsass.exe ----
C:\Windows\system32\lsm.exe ---- 10628 Ko ---- Normal ---- C:\Windows\system32\lsm.exe ----
C:\Windows\system32\svchost.exe ---- 6544 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k DcomLaunch ----
C:\Windows\system32\svchost.exe ---- 6128 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k rpcss ----
C:\Windows\System32\svchost.exe ---- 12240 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted ----
C:\Windows\System32\svchost.exe ---- 68956 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted ----
C:\Windows\system32\svchost.exe ---- 58148 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k netsvcs ----
C:\Windows\system32\svchost.exe ---- 11632 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k LocalService ----
C:\Windows\system32\svchost.exe ---- 18728 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k NetworkService ----
C:\Program Files\Avira\AntiVir Desktop\sched.exe ---- 1084 Ko ---- Normal ---- "C:\Program Files\Avira\AntiVir Desktop\sched.exe" ----
C:\Windows\system32\svchost.exe ---- 12256 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork ----
C:\Program Files\Avira\AntiVir Desktop\avguard.exe ---- 20936 Ko ---- Normal ---- "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" ----
C:\Windows\system32\svchost.exe ---- 8504 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k hpdevmgmt ----
C:\Windows\system32\svchost.exe ---- 2508 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k HsfXAudioService ----
C:\Windows\System32\svchost.exe ---- 3036 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k HPZ12 ----
C:\Windows\System32\svchost.exe ---- 2780 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k HPZ12 ----
C:\Windows\system32\svchost.exe ---- 5020 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ----
C:\Windows\system32\svchost.exe ---- 6720 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k imgsvc ----
C:\Windows\System32\svchost.exe ---- 2156 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k WerSvcGroup ----
C:\Windows\system32\Dwm.exe ---- 41288 Ko ---- High ---- "C:\Windows\system32\Dwm.exe" ----
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ---- 2512 Ko ---- Normal ---- "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min ----
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe ---- 8988 Ko ---- Normal ---- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe ---- Microsoft Corporation
C:\Windows\system32\WUDFHost.exe ---- 5840 Ko ---- Normal ---- "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3ce9f560-35a5-44d8-a40a-5b1c93de0a68 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5cd6f290-5752-4d13-9cb4-ab93cf894042 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-522a85d3-db55-4d58-b91c-92397ac1b1e1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cdb6f739-585d-4ff3-98f0-9ce37d208541 ----
C:\Windows\system32\SearchIndexer.exe ---- 26768 Ko ---- Normal ---- C:\Windows\system32\SearchIndexer.exe /Embedding ----
C:\Windows\system32\SearchProtocolHost.exe ---- 11704 Ko ---- Idle ---- "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" ----
C:\Windows\System32\spoolsv.exe ---- 9820 Ko ---- Normal ---- C:\Windows\System32\spoolsv.exe ----
C:\Windows\system32\taskeng.exe ---- 4524 Ko ---- Normal ---- taskeng.exe {20D3911B-C762-47F3-BC0C-95676F03BC56} ----
C:\Windows\servicing\TrustedInstaller.exe ---- 8028 Ko ---- Normal ---- C:\Windows\servicing\TrustedInstaller.exe ----
C:\Windows\system32\msiexec.exe ---- 4848 Ko ---- Normal ---- C:\Windows\system32\msiexec /V ----
C:\Windows\system32\SLsvc.exe ---- 10804 Ko ---- Normal ---- C:\Windows\system32\SLsvc.exe ----
C:\Windows\Explorer.exe ---- 52016 Ko ---- Normal ---- Explorer.exe ----
C:\Program Files\Mozilla Firefox\firefox.exe ---- 87492 Ko ---- Normal ---- "C:\Program Files\Mozilla Firefox\firefox.exe" ---- Mozilla Corporation
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe ---- 7888 Ko ---- Normal ---- "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" ---- Microsoft Corporation
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ---- 1880 Ko ---- Normal ---- "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding ---- Google Inc
C:\Windows\system32\taskeng.exe ---- 3904 Ko ---- Below Normal ---- taskeng.exe {C7834365-2EF8-430F-9042-BA7F3A798516} ----
C:\Windows\system32\taskeng.exe ---- 3872 Ko ---- Below Normal ---- taskeng.exe {79296479-1707-4B01-804B-7BB15C442F55} ----
C:\Windows\system32\SearchFilterHost.exe ---- 4224 Ko ---- Idle ---- "C:\Windows\system32\SearchFilterHost.exe" 0 612 616 624 65536 620 ----
C:\Windows\system32\cmd.exe ---- 2388 Ko ---- Normal ---- C:\Windows\system32\cmd.exe /K List'em.bat ----
C:\Windows\system32\wbem\wmiprvse.exe ---- 8568 Ko ---- Normal ---- C:\Windows\system32\wbem\wmiprvse.exe ----
C:\Windows\system32\DllHost.exe ---- 4128 Ko ---- Normal ---- C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ----
C:\Program Files\List_Kill'em\pv.exe ---- 5392 Ko ---- Normal ---- pv -o"%f ---- %m Ko ---- %p ---- %l ---- %s" ----
¤¤¤¤¤¤¤¤¤¤ Keys "Run" ¤¤¤¤¤¤¤¤¤¤
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
swg = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
avgnt = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
StartCCC = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
NDSTray.exe = NDSTray.exe
TPwrMain = %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RtHDVCpl = RtHDVCpl.exe
cfFncEnabler.exe = cfFncEnabler.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
@ =
¤¤¤¤¤¤¤¤¤¤ Other System Keys ¤¤¤¤¤¤¤¤¤¤
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveAutoRun = 3 (0x3)
NoDriveTypeAutoRun = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
BindDirectlyToPropertySetStorage = 0 (0x0)
NoDriveAutoRun = 3 (0x3)
NoDriveTypeAutoRun = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS =
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell = Explorer.exe
Userinit = C:\Windows\system32\Userinit.exe,
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
¤¤¤¤¤¤¤¤¤¤ ActivX | COM ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ BHO ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ DNS ¤¤¤¤¤¤¤¤¤¤
HKLM\SYSTEM\CS1\Services\Tcpip\..\{88DB93C5-D751-4126-BFE4-064FAD43E7CC}: NameServer=62.201.129.99 62.201.159.99
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AA52AC40-7AA2-4005-80DD-B613D894E7CC}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C03B27C1-C7E2-4D7F-94F6-087CBA6137DC}: DhcpNameServer=109.0.64.243 86.64.233.85
HKLM\SYSTEM\CS2\Services\Tcpip\..\{88DB93C5-D751-4126-BFE4-064FAD43E7CC}: NameServer=62.201.129.99 62.201.159.99
HKLM\SYSTEM\CS2\Services\Tcpip\..\{AA52AC40-7AA2-4005-80DD-B613D894E7CC}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{C03B27C1-C7E2-4D7F-94F6-087CBA6137DC}: DhcpNameServer=109.0.64.243 86.64.233.85
¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr
Local Page = %SystemRoot%\system32\blank.htm
Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr
Local Page = C:\Windows\system32\blank.htm
Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤¤¤¤¤ Proxy Internet Explorer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
ProxyEnable = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤ Proxy Firefox ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ TaskCache ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\Ad-Aware Update (Weekly)]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\Apple]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\GoogleUpdateTaskMachineCore]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\GoogleUpdateTaskMachineUA]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\Microsoft]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\RunAsStdUser Task for VeohWebPlayer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\{8FF000F1-81B0-4040-8BC1-46DC84E19318}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\{EAA22F88-549F-4815-86E2-1FA28A59754C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\{FF7FBDEE-2414-4A57-A574-4CA56B46D433}]
¤¤¤¤¤¤¤¤¤¤ IFEO ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DllNXOptions]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IEInstal.exe]
¤¤¤¤¤¤¤¤¤¤ File Protection ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]
KnownDllList = nlhtml.dll
¤¤¤¤¤¤¤¤¤¤ Safemode ¤¤¤¤¤¤¤¤¤¤
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network : OK !!
¤¤¤¤¤¤¤¤¤¤ Atapi.sys ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Explorer ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Winlogon ¤¤¤¤¤¤¤¤¤¤
[MD5.898e7c06a350d4a1a64a9ea264d55452] - C:\Windows\System32\winlogon.exe
[MD5.c2610b6bdbefc053bbdab4f1b965cb24] - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[MD5.898e7c06a350d4a1a64a9ea264d55452] - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
¤¤¤¤¤¤¤¤¤¤ Drive ¤¤¤¤¤¤¤¤¤¤
Défragmenteur de disque Windows
Copyright (c) 2006 Microsoft Corp.
Rapport d'analyse pour le volume C: Vista
Taille du volume = 74.37 Go
Espace libre = 37.21 Go
Étendue d'espace libre la plus grande = 21.26 Go
Pourcentage de fragmentation des fichiers = 1 %
Remarque : sur les volumes NTFS, les fragments de fichiers de plus de 64 Mo ne sont pas inclus dans les statistiques de fragmentation.
Il n'est pas nécessaire de défragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Mountpoints2 ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ First Scan ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤
[HKEY_CURRENT_USER\software\Adobe]
[HKEY_CURRENT_USER\software\AppDataLow]
[HKEY_CURRENT_USER\software\Apple Computer, Inc.]
[HKEY_CURRENT_USER\software\Astonsoft]
[HKEY_CURRENT_USER\software\ATI]
[HKEY_CURRENT_USER\software\ATI Technologies Inc.]
[HKEY_CURRENT_USER\software\Avira]
[HKEY_CURRENT_USER\software\CEC_CM_SW]
[HKEY_CURRENT_USER\software\Clients]
[HKEY_CURRENT_USER\software\Cyberlink]
[HKEY_CURRENT_USER\software\DivXNetworks]
[HKEY_CURRENT_USER\software\Gabest]
[HKEY_CURRENT_USER\software\GNU]
[HKEY_CURRENT_USER\software\Google]
[HKEY_CURRENT_USER\software\Haali]
[HKEY_CURRENT_USER\software\Hewlett-Packard]
[HKEY_CURRENT_USER\software\IM Providers]
[HKEY_CURRENT_USER\software\JavaSoft]
[HKEY_CURRENT_USER\software\Lavasoft]
[HKEY_CURRENT_USER\software\Licenses]
[HKEY_CURRENT_USER\software\Local AppWizard-Generated Applications]
[HKEY_CURRENT_USER\software\Macromedia]
[HKEY_CURRENT_USER\software\madFlac]
[HKEY_CURRENT_USER\software\MediaInfo]
[HKEY_CURRENT_USER\software\Microsoft]
[HKEY_CURRENT_USER\software\MimarSinan]
[HKEY_CURRENT_USER\software\MONOGRAM]
[HKEY_CURRENT_USER\software\Mozilla]
[HKEY_CURRENT_USER\software\MozillaPlugins]
[HKEY_CURRENT_USER\software\Netscape]
[HKEY_CURRENT_USER\software\ODBC]
[HKEY_CURRENT_USER\software\Piriform]
[HKEY_CURRENT_USER\software\Policies]
[HKEY_CURRENT_USER\software\RealNetworks]
[HKEY_CURRENT_USER\software\Realtek]
[HKEY_CURRENT_USER\software\Safer Networking Limited]
[HKEY_CURRENT_USER\software\Skype]
[HKEY_CURRENT_USER\software\Synaptics]
[HKEY_CURRENT_USER\software\TOSHIBA]
[HKEY_CURRENT_USER\software\Trolltech]
[HKEY_CURRENT_USER\software\Usbfix]
[HKEY_CURRENT_USER\software\Veoh]
[HKEY_CURRENT_USER\software\Winamp]
[HKEY_CURRENT_USER\software\WinRAR]
[HKEY_CURRENT_USER\software\WinRAR SFX]
[HKEY_CURRENT_USER\software\YahooPartnerToolbar]
[HKEY_CURRENT_USER\software\Zattoo]
[HKEY_CURRENT_USER\software\Zattoo Inc.]
[HKEY_CURRENT_USER\software\Classes]
[@ = ]
[HKEY_LOCAL_MACHINE\software\Adobe]
[HKEY_LOCAL_MACHINE\software\Agere]
[HKEY_LOCAL_MACHINE\software\America Online]
[HKEY_LOCAL_MACHINE\software\Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\software\Atheros]
[HKEY_LOCAL_MACHINE\software\ATI]
[HKEY_LOCAL_MACHINE\software\ATI Technologies]
[HKEY_LOCAL_MACHINE\software\Avira]
[HKEY_LOCAL_MACHINE\software\BVRP Software, Inc]
[HKEY_LOCAL_MACHINE\software\CCleaner]
[HKEY_LOCAL_MACHINE\software\Chicony Electronics Co.,Ltd.]
[HKEY_LOCAL_MACHINE\software\Classes]
[HKEY_LOCAL_MACHINE\software\Clients]
[HKEY_LOCAL_MACHINE\software\Codec Tweak Tool]
[HKEY_LOCAL_MACHINE\software\Conexant]
[HKEY_LOCAL_MACHINE\software\Conexant Systems]
[HKEY_LOCAL_MACHINE\software\Conexant Systems Inc ]
[HKEY_LOCAL_MACHINE\software\CXT]
[HKEY_LOCAL_MACHINE\software\Cyberlink]
[HKEY_LOCAL_MACHINE\software\DivXNetworks]
[HKEY_LOCAL_MACHINE\software\Fraps]
[HKEY_LOCAL_MACHINE\software\GNU]
[HKEY_LOCAL_MACHINE\software\Google]
[HKEY_LOCAL_MACHINE\software\HaaliMkx]
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard]
[HKEY_LOCAL_MACHINE\software\InstalledOptions]
[HKEY_LOCAL_MACHINE\software\Intel]
[HKEY_LOCAL_MACHINE\software\JavaSoft]
[HKEY_LOCAL_MACHINE\software\JreMetrics]
[HKEY_LOCAL_MACHINE\software\Kit Internet Mobile Bouygues Telecom]
[HKEY_LOCAL_MACHINE\software\KLCodecPack]
[HKEY_LOCAL_MACHINE\software\Lavasoft]
[HKEY_LOCAL_MACHINE\software\Lucent]
[HKEY_LOCAL_MACHINE\software\Macromedia]
[HKEY_LOCAL_MACHINE\software\MCCI]
[HKEY_LOCAL_MACHINE\software\Microsoft]
[HKEY_LOCAL_MACHINE\software\MimarSinan]
[HKEY_LOCAL_MACHINE\software\Mozilla]
[HKEY_LOCAL_MACHINE\software\mozilla.org]
[HKEY_LOCAL_MACHINE\software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\software\ODBC]
[HKEY_LOCAL_MACHINE\software\Policies]
[HKEY_LOCAL_MACHINE\software\RealNetworks]
[HKEY_LOCAL_MACHINE\software\Realtek]
[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\software\Realtek USB 2.0 Card Reader]
[HKEY_LOCAL_MACHINE\software\RegisteredApplications]
[HKEY_LOCAL_MACHINE\software\RichFX]
[HKEY_LOCAL_MACHINE\software\RTLSetup]
[HKEY_LOCAL_MACHINE\software\RtWLan]
[HKEY_LOCAL_MACHINE\software\Safer Networking Limited]
[HKEY_LOCAL_MACHINE\software\Samsung]
[HKEY_LOCAL_MACHINE\software\Samsung Electronics Co., Ltd.]
[HKEY_LOCAL_MACHINE\software\Skype]
[HKEY_LOCAL_MACHINE\software\SOFTWARE]
[HKEY_LOCAL_MACHINE\software\SRS Labs]
[HKEY_LOCAL_MACHINE\software\Synaptics]
[HKEY_LOCAL_MACHINE\software\Sys Modules]
[HKEY_LOCAL_MACHINE\software\TOSHIBA]
[HKEY_LOCAL_MACHINE\software\Toshiba Tempo]
[HKEY_LOCAL_MACHINE\software\Ulead Systems]
[HKEY_LOCAL_MACHINE\software\VideoLAN]
[HKEY_LOCAL_MACHINE\software\Waves Audio]
[HKEY_LOCAL_MACHINE\software\Windows]
[HKEY_LOCAL_MACHINE\software\WinRAR]
[HKEY_LOCAL_MACHINE\software\WOW6432Node]
[HKEY_LOCAL_MACHINE\software\X-AVCSD]
[HKEY_LOCAL_MACHINE\software\Xing Technology Corp.]
¤¤¤¤¤¤¤¤¤¤ Files/folders ¤¤¤¤¤¤¤¤¤¤
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\Users\fleur\AppData\Local\d3d9caps.dat
Present !! : C:\Users\fleur\AppData\Local\GDIPFONTCACHEV1.DAT
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
FEATURE_BROWSER_EMULATION | svchost :
====================================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-09 01:30:29
Windows 6.0.6002 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
kernel: MBR read successfully
user & kernel MBR OK
¤¤¤¤¤¤¤¤¤¤ Programs ¤¤¤¤¤¤¤¤¤¤
32 Bit HP CIO Components Installer 1.0.0
AIO_CDA_ProductContext 82.0.233.000
AIO_CDA_Software 82.0.233.000
AIO_Scan 82.0.173.000
ATI Catalyst Install Manager 3.0.664.0
Adobe Flash Player 10 ActiveX 10.0.32.18
Adobe Flash Player 10 Plugin 10.0.32.18
Adobe Reader 8.2.3 - Français 8.2.3
Apple Software Update 2.1.1.116
Archiveur WinRAR
Assistant de connexion Windows Live 5.000.818.5
Atheros Driver Installation Program 5.0
Atheros Wi-Fi Protected Setup Library
Avira AntiVir Personal - Free Antivirus
BufferChm 82.0.173.000
C5100 82.0.233.000
CCC Help Chinese Standard 2008.0422.2138.36895
CCC Help Chinese Traditional 2008.0422.2138.36895
CCC Help Czech 2008.0422.2138.36895
CCC Help Danish 2008.0422.2138.36895
CCC Help Dutch 2008.0422.2138.36895
CCC Help English 2008.0422.2138.36895
CCC Help Finnish 2008.0422.2138.36895
CCC Help French 2008.0422.2138.36895
CCC Help German 2008.0422.2138.36895
CCC Help Greek 2008.0422.2138.36895
CCC Help Hungarian 2008.0422.2138.36895
CCC Help Italian 2008.0422.2138.36895
CCC Help Japanese 2008.0422.2138.36895
CCC Help Korean 2008.0422.2138.36895
CCC Help Norwegian 2008.0422.2138.36895
CCC Help Polish 2008.0422.2138.36895
CCC Help Portuguese 2008.0422.2138.36895
CCC Help Russian 2008.0422.2138.36895
CCC Help Spanish 2008.0422.2138.36895
CCC Help Swedish 2008.0422.2138.36895
CCC Help Thai 2008.0422.2138.36895
CCC Help Turkish 2008.0422.2138.36895
CCleaner (remove only)
Camera Assistant Software for Toshiba 1.7.231.1126L
Catalyst Control Center - Branding 1.00.0000
Catalyst Control Center Core Implementation 2008.0422.2139.36895
Catalyst Control Center Graphics Full Existing 2008.0422.2139.36895
Catalyst Control Center Graphics Full New 2008.0422.2139.36895
Catalyst Control Center Graphics Light 2008.0422.2139.36895
Catalyst Control Center Graphics Previews Vista 2008.0422.2139.36895
Catalyst Control Center Localization Chinese Standard 2008.0422.2139.36895
Catalyst Control Center Localization Chinese Traditional 2008.0422.2139.36895
Catalyst Control Center Localization Czech 2008.0422.2139.36895
Catalyst Control Center Localization Danish 2008.0422.2139.36895
Catalyst Control Center Localization Dutch 2008.0422.2139.36895
Catalyst Control Center Localization Finnish 2008.0422.2139.36895
Catalyst Control Center Localization French 2008.0422.2139.36895
Catalyst Control Center Localization German 2008.0422.2139.36895
Catalyst Control Center Localization Greek 2008.0422.2139.36895
Catalyst Control Center Localization Hungarian 2008.0422.2139.36895
Catalyst Control Center Localization Italian 2008.0422.2139.36895
Catalyst Control Center Localization Japanese 2008.0422.2139.36895
Catalyst Control Center Localization Korean 2008.0422.2139.36895
Catalyst Control Center Localization Norwegian 2008.0422.2139.36895
Catalyst Control Center Localization Polish 2008.0422.2139.36895
Catalyst Control Center Localization Portuguese 2008.0422.2139.36895
Catalyst Control Center Localization Russian 2008.0422.2139.36895
Catalyst Control Center Localization Spanish 2008.0422.2139.36895
Catalyst Control Center Localization Swedish 2008.0422.2139.36895
Catalyst Control Center Localization Thai 2008.0422.2139.36895
Catalyst Control Center Localization Turkish 2008.0422.2139.36895
Codeur Windows Media Série 9 9.00.3369
Codeur Windows Media Série 9
Copy 82.0.188.000
CustomerResearchQFolder 1.00.0000
DeepBurner v1.9.0.228
Destinations 82.0.173.000
DeviceManagementQFolder 1.00.0000
DocProc 8.1.0.0
DocProcQFolder 1.00.0000
Fax 82.0.188.000
Galerie de photos Windows Live 14.0.8081.709
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer 1.0.0
Google Update Helper 1.2.183.29
HDAUDIO Soft Data Fax Modem with SmartCP 7.80.2.0
HP Customer Participation Program 8.0 8.0
HP Imaging Device Functions 8.0 8.0
HP OCR Software 8.0 8.0
HP Photosmart.All-In-One Driver Software 8.0 .A 8.0
HP Solution Center 8.0 8.0
HP Update 4.000.005.006
HPProductAssistant 82.0.173.000
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1
Installation Windows Live 14.0.8089.726
Installation Windows Live 14.0.8089.0726
Java(TM) 6 Update 17 6.0.170
Java(TM) 6 Update 3 1.6.0.30
Java(TM) 6 Update 7 1.6.0.70
Junk Mail filter update 14.0.8089.726
K-Lite Codec Pack 5.8.0 (Full) 5.8.0
Kit Internet Mobile Bouygues Telecom 1.0.0.1
List_Kill'em
MSVCRT 14.0.1468.721
MSXML 4.0 SP2 (KB941833) 4.20.9849.0
MSXML 4.0 SP2 (KB954430) 4.20.9870.0
MSXML 4.0 SP2 (KB973688) 4.20.9876.0
Manuels TOSHIBA 7.40
MarketResearch 82.0.174.000
Microsoft .NET Framework 3.5 Language Pack SP1 - fra 3.5.30729
Microsoft .NET Framework 3.5 SP1 3.5.30729
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting 12.0.6012.5000
Microsoft Choice Guard 2.0.48.0
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (French) 2007 12.0.6425.1000
Microsoft Office Excel MUI (French) 2007 12.0.6425.1000
Microsoft Office InfoPath MUI (French) 2007 12.0.6425.1000
Microsoft Office Live Add-in 1.3 2.0.2313.0
Microsoft Office Outlook Connector 12.0.6423.1000
Microsoft Office Outlook MUI (French) 2007 12.0.6425.1000
Microsoft Office PowerPoint MUI (French) 2007 12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (French) 12.0.6425.1000
Microsoft Office Professional Plus 2007 12.0.6425.1000
Microsoft Office Professional Plus 2007 12.0.6425.1000
Microsoft Office Proof (Arabic) 2007 12.0.6425.1000
Microsoft Office Proof (Dutch) 2007 12.0.6425.1000
Microsoft Office Proof (English) 2007 12.0.6425.1000
Microsoft Office Proof (French) 2007 12.0.6425.1000
Microsoft Office Proof (German) 2007 12.0.6425.1000
Microsoft Office Proof (Spanish) 2007 12.0.6425.1000
Microsoft Office Proofing (French) 2007 12.0.4518.1014
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (French) 2007 12.0.6425.1000
Microsoft Office Shared MUI (French) 2007 12.0.6425.1000
Microsoft Office Word MUI (French) 2007 12.0.6425.1000
Microsoft SQL Server 2005 Compact Edition [ENU] 3.1.0000
Microsoft Search Enhancement Pack 1.3.59.0
Microsoft Silverlight 4.0.50917.0
Microsoft Sync Framework Runtime Native v1.0 (x86) 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable 8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
Microsoft Works 9.7.0621
Microsoft XML Parser 8.20.8730.4
Module de compatibilité pour Microsoft Office System 2007 12.0.6425.1000
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Mozilla Firefox (3.6.10) 3.6.10 (fr)
NetWaiting 2.5.52
OGA Notifier 2.0.0048.0 2.0.0048.0
Outil de téléchargement Windows Live 14.0.8014.1029
QuickTime 7.62.14.0
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver 1.00.0000
Realtek High Definition Audio Driver 6.0.1.5599
Realtek USB 2.0 Card Reader
Réducteur de bruit du lecteur de CD/DVD 2.02.03
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer 1.00.0000
Samsung Samples Installer 1.00.0000
Scan 8.1.0.0
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) 1
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Skins 2008.0422.2139.36895
Skype Toolbars 1.0.4051
Skype™ 4.1 4.1.179
SolutionCenter 82.0.188.000
Spybot - Search & Destroy 1.6.2
Status 82.0.173.000
Synaptics Pointing Device Driver 11.2.4.0
TOSHIBA Assist 2.01.04
TOSHIBA ConfigFree 7.2.13
TOSHIBA DVD PLAYER 1.30.12
TOSHIBA Disc Creator 2.0.1.3
TOSHIBA Extended Tiles for Windows Mobility Center 1.01.00
TOSHIBA Extended Tiles for Windows Mobility Center 1.01.00
TOSHIBA Face Recognition 2.0.17.32
TOSHIBA Face Recognition 2.0.17.32
TOSHIBA Hardware Setup 2.00.08
TOSHIBA Recovery Disc Creator 2.0.0.1b
TOSHIBA Supervisor Password 2.00.04
TOSHIBA Value Added Package 1.1.19
TOSHIBA Value Added Package 1.1.19
TRDCReminder 1.00.0015
TRDCReminder 1.00.0015
TRORDCLauncher 1.0.0.1
TRORDCLauncher 1.0.0.1
Toolbox 82.0.173.000
Toshiba Online Product Information 1.00.0012
Toshiba TEMPRO 1.2
TrayApp 82.0.188.000
UnloadSupport 1.00.0000
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1
Update for Outlook 2007 Junk Email Filter (kb2291599)
UsbFix By El Desaparecido & C_XX
VLC media player 1.0.3 1.0.3
Veoh Web Player 1.1.6.1160
Visual C++ 2008 x86 Runtime - (v9.0.30729) 9.0.30729
Visual C++ 2008 x86 Runtime - v9.0.30729.01 9.0.30729.01
WebReg 82.0.173.000
Windows Live Call 14.0.8064.0206
Windows Live Communications Platform 14.0.8064.206
Windows Live FolderShare 14.0.8089.726
Windows Live Mail 14.0.8089.0726
Windows Live Messenger 14.0.8089.0726
Windows Live Movie Maker 14.0.8091.0730
Windows Live Toolbar 14.0.8064.206
Windows Live Writer 14.0.8089.0726
Windows Media Player Firefox Plugin 1.0.0.8
ZHPDiag 1.26 1.26
c5100_Help 82.0.233.000
ccc-core-static 2008.0422.2139.36895
ccc-utility 2008.0422.2139.36895
eSupportQFolder 1.00.0000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 1:31:21,23
User : fleur (Administrateurs)
Update on 04/10/2010 by g3n-h@ckm@n ::::: 21.00
Start at: 01:10:21 | 09/10/2010
AMD Sempron(tm) SI-40
Microsoft® Windows Vista(TM) Édition Familiale Basique (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 74,37 Go (37,21 Go free) [Vista] | NTFS
D:\ -> Disque amovible | 7,45 Go (2,02 Go free) [YOUHOU] | FAT32
E:\ -> Disque fixe local | 73,21 Go (5,9 Go free) [Data] | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 465,76 Go (76,32 Go free) [Crop BIEn] | NTFS
H:\ -> Disque amovible
Boot: Normal
¤¤¤¤¤¤ Processes ------- Memory(Ko) ------- Priority ------ Command ------- Signer
C:\Windows\System32\smss.exe ---- 1500 Ko ---- Normal ---- \SystemRoot\System32\smss.exe ----
C:\Windows\system32\csrss.exe ---- 11204 Ko ---- Normal ---- C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ----
C:\Windows\system32\wininit.exe ---- 10804 Ko ---- High ---- wininit.exe ----
C:\Windows\system32\csrss.exe ---- 8512 Ko ---- Normal ---- C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ----
C:\Windows\system32\winlogon.exe ---- 13552 Ko ---- High ---- winlogon.exe ----
C:\Windows\system32\services.exe ---- 6788 Ko ---- Normal ---- C:\Windows\system32\services.exe ----
C:\Windows\system32\lsass.exe ---- 3192 Ko ---- Normal ---- C:\Windows\system32\lsass.exe ----
C:\Windows\system32\lsm.exe ---- 10628 Ko ---- Normal ---- C:\Windows\system32\lsm.exe ----
C:\Windows\system32\svchost.exe ---- 6544 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k DcomLaunch ----
C:\Windows\system32\svchost.exe ---- 6128 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k rpcss ----
C:\Windows\System32\svchost.exe ---- 12240 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted ----
C:\Windows\System32\svchost.exe ---- 68956 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted ----
C:\Windows\system32\svchost.exe ---- 58148 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k netsvcs ----
C:\Windows\system32\svchost.exe ---- 11632 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k LocalService ----
C:\Windows\system32\svchost.exe ---- 18728 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k NetworkService ----
C:\Program Files\Avira\AntiVir Desktop\sched.exe ---- 1084 Ko ---- Normal ---- "C:\Program Files\Avira\AntiVir Desktop\sched.exe" ----
C:\Windows\system32\svchost.exe ---- 12256 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork ----
C:\Program Files\Avira\AntiVir Desktop\avguard.exe ---- 20936 Ko ---- Normal ---- "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" ----
C:\Windows\system32\svchost.exe ---- 8504 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k hpdevmgmt ----
C:\Windows\system32\svchost.exe ---- 2508 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k HsfXAudioService ----
C:\Windows\System32\svchost.exe ---- 3036 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k HPZ12 ----
C:\Windows\System32\svchost.exe ---- 2780 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k HPZ12 ----
C:\Windows\system32\svchost.exe ---- 5020 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ----
C:\Windows\system32\svchost.exe ---- 6720 Ko ---- Normal ---- C:\Windows\system32\svchost.exe -k imgsvc ----
C:\Windows\System32\svchost.exe ---- 2156 Ko ---- Normal ---- C:\Windows\System32\svchost.exe -k WerSvcGroup ----
C:\Windows\system32\Dwm.exe ---- 41288 Ko ---- High ---- "C:\Windows\system32\Dwm.exe" ----
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ---- 2512 Ko ---- Normal ---- "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min ----
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe ---- 8988 Ko ---- Normal ---- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe ---- Microsoft Corporation
C:\Windows\system32\WUDFHost.exe ---- 5840 Ko ---- Normal ---- "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3ce9f560-35a5-44d8-a40a-5b1c93de0a68 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5cd6f290-5752-4d13-9cb4-ab93cf894042 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-522a85d3-db55-4d58-b91c-92397ac1b1e1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cdb6f739-585d-4ff3-98f0-9ce37d208541 ----
C:\Windows\system32\SearchIndexer.exe ---- 26768 Ko ---- Normal ---- C:\Windows\system32\SearchIndexer.exe /Embedding ----
C:\Windows\system32\SearchProtocolHost.exe ---- 11704 Ko ---- Idle ---- "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" ----
C:\Windows\System32\spoolsv.exe ---- 9820 Ko ---- Normal ---- C:\Windows\System32\spoolsv.exe ----
C:\Windows\system32\taskeng.exe ---- 4524 Ko ---- Normal ---- taskeng.exe {20D3911B-C762-47F3-BC0C-95676F03BC56} ----
C:\Windows\servicing\TrustedInstaller.exe ---- 8028 Ko ---- Normal ---- C:\Windows\servicing\TrustedInstaller.exe ----
C:\Windows\system32\msiexec.exe ---- 4848 Ko ---- Normal ---- C:\Windows\system32\msiexec /V ----
C:\Windows\system32\SLsvc.exe ---- 10804 Ko ---- Normal ---- C:\Windows\system32\SLsvc.exe ----
C:\Windows\Explorer.exe ---- 52016 Ko ---- Normal ---- Explorer.exe ----
C:\Program Files\Mozilla Firefox\firefox.exe ---- 87492 Ko ---- Normal ---- "C:\Program Files\Mozilla Firefox\firefox.exe" ---- Mozilla Corporation
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe ---- 7888 Ko ---- Normal ---- "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" ---- Microsoft Corporation
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ---- 1880 Ko ---- Normal ---- "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding ---- Google Inc
C:\Windows\system32\taskeng.exe ---- 3904 Ko ---- Below Normal ---- taskeng.exe {C7834365-2EF8-430F-9042-BA7F3A798516} ----
C:\Windows\system32\taskeng.exe ---- 3872 Ko ---- Below Normal ---- taskeng.exe {79296479-1707-4B01-804B-7BB15C442F55} ----
C:\Windows\system32\SearchFilterHost.exe ---- 4224 Ko ---- Idle ---- "C:\Windows\system32\SearchFilterHost.exe" 0 612 616 624 65536 620 ----
C:\Windows\system32\cmd.exe ---- 2388 Ko ---- Normal ---- C:\Windows\system32\cmd.exe /K List'em.bat ----
C:\Windows\system32\wbem\wmiprvse.exe ---- 8568 Ko ---- Normal ---- C:\Windows\system32\wbem\wmiprvse.exe ----
C:\Windows\system32\DllHost.exe ---- 4128 Ko ---- Normal ---- C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ----
C:\Program Files\List_Kill'em\pv.exe ---- 5392 Ko ---- Normal ---- pv -o"%f ---- %m Ko ---- %p ---- %l ---- %s" ----
¤¤¤¤¤¤¤¤¤¤ Keys "Run" ¤¤¤¤¤¤¤¤¤¤
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
swg = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
avgnt = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
StartCCC = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
NDSTray.exe = NDSTray.exe
TPwrMain = %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RtHDVCpl = RtHDVCpl.exe
cfFncEnabler.exe = cfFncEnabler.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
@ =
¤¤¤¤¤¤¤¤¤¤ Other System Keys ¤¤¤¤¤¤¤¤¤¤
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveAutoRun = 3 (0x3)
NoDriveTypeAutoRun = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
BindDirectlyToPropertySetStorage = 0 (0x0)
NoDriveAutoRun = 3 (0x3)
NoDriveTypeAutoRun = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS =
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell = Explorer.exe
Userinit = C:\Windows\system32\Userinit.exe,
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
¤¤¤¤¤¤¤¤¤¤ ActivX | COM ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ BHO ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ DNS ¤¤¤¤¤¤¤¤¤¤
HKLM\SYSTEM\CS1\Services\Tcpip\..\{88DB93C5-D751-4126-BFE4-064FAD43E7CC}: NameServer=62.201.129.99 62.201.159.99
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AA52AC40-7AA2-4005-80DD-B613D894E7CC}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C03B27C1-C7E2-4D7F-94F6-087CBA6137DC}: DhcpNameServer=109.0.64.243 86.64.233.85
HKLM\SYSTEM\CS2\Services\Tcpip\..\{88DB93C5-D751-4126-BFE4-064FAD43E7CC}: NameServer=62.201.129.99 62.201.159.99
HKLM\SYSTEM\CS2\Services\Tcpip\..\{AA52AC40-7AA2-4005-80DD-B613D894E7CC}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{C03B27C1-C7E2-4D7F-94F6-087CBA6137DC}: DhcpNameServer=109.0.64.243 86.64.233.85
¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr
Local Page = %SystemRoot%\system32\blank.htm
Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr
Local Page = C:\Windows\system32\blank.htm
Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤¤¤¤¤ Proxy Internet Explorer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
ProxyEnable = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤ Proxy Firefox ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ TaskCache ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\Ad-Aware Update (Weekly)]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\Apple]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\GoogleUpdateTaskMachineCore]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\GoogleUpdateTaskMachineUA]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\Microsoft]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\RunAsStdUser Task for VeohWebPlayer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\{8FF000F1-81B0-4040-8BC1-46DC84E19318}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\{EAA22F88-549F-4815-86E2-1FA28A59754C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\{FF7FBDEE-2414-4A57-A574-4CA56B46D433}]
¤¤¤¤¤¤¤¤¤¤ IFEO ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DllNXOptions]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IEInstal.exe]
¤¤¤¤¤¤¤¤¤¤ File Protection ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]
KnownDllList = nlhtml.dll
¤¤¤¤¤¤¤¤¤¤ Safemode ¤¤¤¤¤¤¤¤¤¤
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network : OK !!
¤¤¤¤¤¤¤¤¤¤ Atapi.sys ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Explorer ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Winlogon ¤¤¤¤¤¤¤¤¤¤
[MD5.898e7c06a350d4a1a64a9ea264d55452] - C:\Windows\System32\winlogon.exe
[MD5.c2610b6bdbefc053bbdab4f1b965cb24] - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[MD5.898e7c06a350d4a1a64a9ea264d55452] - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
¤¤¤¤¤¤¤¤¤¤ Drive ¤¤¤¤¤¤¤¤¤¤
Défragmenteur de disque Windows
Copyright (c) 2006 Microsoft Corp.
Rapport d'analyse pour le volume C: Vista
Taille du volume = 74.37 Go
Espace libre = 37.21 Go
Étendue d'espace libre la plus grande = 21.26 Go
Pourcentage de fragmentation des fichiers = 1 %
Remarque : sur les volumes NTFS, les fragments de fichiers de plus de 64 Mo ne sont pas inclus dans les statistiques de fragmentation.
Il n'est pas nécessaire de défragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Mountpoints2 ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ First Scan ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤
[HKEY_CURRENT_USER\software\Adobe]
[HKEY_CURRENT_USER\software\AppDataLow]
[HKEY_CURRENT_USER\software\Apple Computer, Inc.]
[HKEY_CURRENT_USER\software\Astonsoft]
[HKEY_CURRENT_USER\software\ATI]
[HKEY_CURRENT_USER\software\ATI Technologies Inc.]
[HKEY_CURRENT_USER\software\Avira]
[HKEY_CURRENT_USER\software\CEC_CM_SW]
[HKEY_CURRENT_USER\software\Clients]
[HKEY_CURRENT_USER\software\Cyberlink]
[HKEY_CURRENT_USER\software\DivXNetworks]
[HKEY_CURRENT_USER\software\Gabest]
[HKEY_CURRENT_USER\software\GNU]
[HKEY_CURRENT_USER\software\Google]
[HKEY_CURRENT_USER\software\Haali]
[HKEY_CURRENT_USER\software\Hewlett-Packard]
[HKEY_CURRENT_USER\software\IM Providers]
[HKEY_CURRENT_USER\software\JavaSoft]
[HKEY_CURRENT_USER\software\Lavasoft]
[HKEY_CURRENT_USER\software\Licenses]
[HKEY_CURRENT_USER\software\Local AppWizard-Generated Applications]
[HKEY_CURRENT_USER\software\Macromedia]
[HKEY_CURRENT_USER\software\madFlac]
[HKEY_CURRENT_USER\software\MediaInfo]
[HKEY_CURRENT_USER\software\Microsoft]
[HKEY_CURRENT_USER\software\MimarSinan]
[HKEY_CURRENT_USER\software\MONOGRAM]
[HKEY_CURRENT_USER\software\Mozilla]
[HKEY_CURRENT_USER\software\MozillaPlugins]
[HKEY_CURRENT_USER\software\Netscape]
[HKEY_CURRENT_USER\software\ODBC]
[HKEY_CURRENT_USER\software\Piriform]
[HKEY_CURRENT_USER\software\Policies]
[HKEY_CURRENT_USER\software\RealNetworks]
[HKEY_CURRENT_USER\software\Realtek]
[HKEY_CURRENT_USER\software\Safer Networking Limited]
[HKEY_CURRENT_USER\software\Skype]
[HKEY_CURRENT_USER\software\Synaptics]
[HKEY_CURRENT_USER\software\TOSHIBA]
[HKEY_CURRENT_USER\software\Trolltech]
[HKEY_CURRENT_USER\software\Usbfix]
[HKEY_CURRENT_USER\software\Veoh]
[HKEY_CURRENT_USER\software\Winamp]
[HKEY_CURRENT_USER\software\WinRAR]
[HKEY_CURRENT_USER\software\WinRAR SFX]
[HKEY_CURRENT_USER\software\YahooPartnerToolbar]
[HKEY_CURRENT_USER\software\Zattoo]
[HKEY_CURRENT_USER\software\Zattoo Inc.]
[HKEY_CURRENT_USER\software\Classes]
[@ = ]
[HKEY_LOCAL_MACHINE\software\Adobe]
[HKEY_LOCAL_MACHINE\software\Agere]
[HKEY_LOCAL_MACHINE\software\America Online]
[HKEY_LOCAL_MACHINE\software\Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\software\Atheros]
[HKEY_LOCAL_MACHINE\software\ATI]
[HKEY_LOCAL_MACHINE\software\ATI Technologies]
[HKEY_LOCAL_MACHINE\software\Avira]
[HKEY_LOCAL_MACHINE\software\BVRP Software, Inc]
[HKEY_LOCAL_MACHINE\software\CCleaner]
[HKEY_LOCAL_MACHINE\software\Chicony Electronics Co.,Ltd.]
[HKEY_LOCAL_MACHINE\software\Classes]
[HKEY_LOCAL_MACHINE\software\Clients]
[HKEY_LOCAL_MACHINE\software\Codec Tweak Tool]
[HKEY_LOCAL_MACHINE\software\Conexant]
[HKEY_LOCAL_MACHINE\software\Conexant Systems]
[HKEY_LOCAL_MACHINE\software\Conexant Systems Inc ]
[HKEY_LOCAL_MACHINE\software\CXT]
[HKEY_LOCAL_MACHINE\software\Cyberlink]
[HKEY_LOCAL_MACHINE\software\DivXNetworks]
[HKEY_LOCAL_MACHINE\software\Fraps]
[HKEY_LOCAL_MACHINE\software\GNU]
[HKEY_LOCAL_MACHINE\software\Google]
[HKEY_LOCAL_MACHINE\software\HaaliMkx]
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard]
[HKEY_LOCAL_MACHINE\software\InstalledOptions]
[HKEY_LOCAL_MACHINE\software\Intel]
[HKEY_LOCAL_MACHINE\software\JavaSoft]
[HKEY_LOCAL_MACHINE\software\JreMetrics]
[HKEY_LOCAL_MACHINE\software\Kit Internet Mobile Bouygues Telecom]
[HKEY_LOCAL_MACHINE\software\KLCodecPack]
[HKEY_LOCAL_MACHINE\software\Lavasoft]
[HKEY_LOCAL_MACHINE\software\Lucent]
[HKEY_LOCAL_MACHINE\software\Macromedia]
[HKEY_LOCAL_MACHINE\software\MCCI]
[HKEY_LOCAL_MACHINE\software\Microsoft]
[HKEY_LOCAL_MACHINE\software\MimarSinan]
[HKEY_LOCAL_MACHINE\software\Mozilla]
[HKEY_LOCAL_MACHINE\software\mozilla.org]
[HKEY_LOCAL_MACHINE\software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\software\ODBC]
[HKEY_LOCAL_MACHINE\software\Policies]
[HKEY_LOCAL_MACHINE\software\RealNetworks]
[HKEY_LOCAL_MACHINE\software\Realtek]
[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\software\Realtek USB 2.0 Card Reader]
[HKEY_LOCAL_MACHINE\software\RegisteredApplications]
[HKEY_LOCAL_MACHINE\software\RichFX]
[HKEY_LOCAL_MACHINE\software\RTLSetup]
[HKEY_LOCAL_MACHINE\software\RtWLan]
[HKEY_LOCAL_MACHINE\software\Safer Networking Limited]
[HKEY_LOCAL_MACHINE\software\Samsung]
[HKEY_LOCAL_MACHINE\software\Samsung Electronics Co., Ltd.]
[HKEY_LOCAL_MACHINE\software\Skype]
[HKEY_LOCAL_MACHINE\software\SOFTWARE]
[HKEY_LOCAL_MACHINE\software\SRS Labs]
[HKEY_LOCAL_MACHINE\software\Synaptics]
[HKEY_LOCAL_MACHINE\software\Sys Modules]
[HKEY_LOCAL_MACHINE\software\TOSHIBA]
[HKEY_LOCAL_MACHINE\software\Toshiba Tempo]
[HKEY_LOCAL_MACHINE\software\Ulead Systems]
[HKEY_LOCAL_MACHINE\software\VideoLAN]
[HKEY_LOCAL_MACHINE\software\Waves Audio]
[HKEY_LOCAL_MACHINE\software\Windows]
[HKEY_LOCAL_MACHINE\software\WinRAR]
[HKEY_LOCAL_MACHINE\software\WOW6432Node]
[HKEY_LOCAL_MACHINE\software\X-AVCSD]
[HKEY_LOCAL_MACHINE\software\Xing Technology Corp.]
¤¤¤¤¤¤¤¤¤¤ Files/folders ¤¤¤¤¤¤¤¤¤¤
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\ProgramData\ezsidmv.dat
Present !! : C:\ProgramData\hpzinstall.log
Present !! : C:\Users\fleur\AppData\Local\d3d9caps.dat
Present !! : C:\Users\fleur\AppData\Local\GDIPFONTCACHEV1.DAT
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
FEATURE_BROWSER_EMULATION | svchost :
====================================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-09 01:30:29
Windows 6.0.6002 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
kernel: MBR read successfully
user & kernel MBR OK
¤¤¤¤¤¤¤¤¤¤ Programs ¤¤¤¤¤¤¤¤¤¤
32 Bit HP CIO Components Installer 1.0.0
AIO_CDA_ProductContext 82.0.233.000
AIO_CDA_Software 82.0.233.000
AIO_Scan 82.0.173.000
ATI Catalyst Install Manager 3.0.664.0
Adobe Flash Player 10 ActiveX 10.0.32.18
Adobe Flash Player 10 Plugin 10.0.32.18
Adobe Reader 8.2.3 - Français 8.2.3
Apple Software Update 2.1.1.116
Archiveur WinRAR
Assistant de connexion Windows Live 5.000.818.5
Atheros Driver Installation Program 5.0
Atheros Wi-Fi Protected Setup Library
Avira AntiVir Personal - Free Antivirus
BufferChm 82.0.173.000
C5100 82.0.233.000
CCC Help Chinese Standard 2008.0422.2138.36895
CCC Help Chinese Traditional 2008.0422.2138.36895
CCC Help Czech 2008.0422.2138.36895
CCC Help Danish 2008.0422.2138.36895
CCC Help Dutch 2008.0422.2138.36895
CCC Help English 2008.0422.2138.36895
CCC Help Finnish 2008.0422.2138.36895
CCC Help French 2008.0422.2138.36895
CCC Help German 2008.0422.2138.36895
CCC Help Greek 2008.0422.2138.36895
CCC Help Hungarian 2008.0422.2138.36895
CCC Help Italian 2008.0422.2138.36895
CCC Help Japanese 2008.0422.2138.36895
CCC Help Korean 2008.0422.2138.36895
CCC Help Norwegian 2008.0422.2138.36895
CCC Help Polish 2008.0422.2138.36895
CCC Help Portuguese 2008.0422.2138.36895
CCC Help Russian 2008.0422.2138.36895
CCC Help Spanish 2008.0422.2138.36895
CCC Help Swedish 2008.0422.2138.36895
CCC Help Thai 2008.0422.2138.36895
CCC Help Turkish 2008.0422.2138.36895
CCleaner (remove only)
Camera Assistant Software for Toshiba 1.7.231.1126L
Catalyst Control Center - Branding 1.00.0000
Catalyst Control Center Core Implementation 2008.0422.2139.36895
Catalyst Control Center Graphics Full Existing 2008.0422.2139.36895
Catalyst Control Center Graphics Full New 2008.0422.2139.36895
Catalyst Control Center Graphics Light 2008.0422.2139.36895
Catalyst Control Center Graphics Previews Vista 2008.0422.2139.36895
Catalyst Control Center Localization Chinese Standard 2008.0422.2139.36895
Catalyst Control Center Localization Chinese Traditional 2008.0422.2139.36895
Catalyst Control Center Localization Czech 2008.0422.2139.36895
Catalyst Control Center Localization Danish 2008.0422.2139.36895
Catalyst Control Center Localization Dutch 2008.0422.2139.36895
Catalyst Control Center Localization Finnish 2008.0422.2139.36895
Catalyst Control Center Localization French 2008.0422.2139.36895
Catalyst Control Center Localization German 2008.0422.2139.36895
Catalyst Control Center Localization Greek 2008.0422.2139.36895
Catalyst Control Center Localization Hungarian 2008.0422.2139.36895
Catalyst Control Center Localization Italian 2008.0422.2139.36895
Catalyst Control Center Localization Japanese 2008.0422.2139.36895
Catalyst Control Center Localization Korean 2008.0422.2139.36895
Catalyst Control Center Localization Norwegian 2008.0422.2139.36895
Catalyst Control Center Localization Polish 2008.0422.2139.36895
Catalyst Control Center Localization Portuguese 2008.0422.2139.36895
Catalyst Control Center Localization Russian 2008.0422.2139.36895
Catalyst Control Center Localization Spanish 2008.0422.2139.36895
Catalyst Control Center Localization Swedish 2008.0422.2139.36895
Catalyst Control Center Localization Thai 2008.0422.2139.36895
Catalyst Control Center Localization Turkish 2008.0422.2139.36895
Codeur Windows Media Série 9 9.00.3369
Codeur Windows Media Série 9
Copy 82.0.188.000
CustomerResearchQFolder 1.00.0000
DeepBurner v1.9.0.228
Destinations 82.0.173.000
DeviceManagementQFolder 1.00.0000
DocProc 8.1.0.0
DocProcQFolder 1.00.0000
Fax 82.0.188.000
Galerie de photos Windows Live 14.0.8081.709
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer 1.0.0
Google Update Helper 1.2.183.29
HDAUDIO Soft Data Fax Modem with SmartCP 7.80.2.0
HP Customer Participation Program 8.0 8.0
HP Imaging Device Functions 8.0 8.0
HP OCR Software 8.0 8.0
HP Photosmart.All-In-One Driver Software 8.0 .A 8.0
HP Solution Center 8.0 8.0
HP Update 4.000.005.006
HPProductAssistant 82.0.173.000
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1
Installation Windows Live 14.0.8089.726
Installation Windows Live 14.0.8089.0726
Java(TM) 6 Update 17 6.0.170
Java(TM) 6 Update 3 1.6.0.30
Java(TM) 6 Update 7 1.6.0.70
Junk Mail filter update 14.0.8089.726
K-Lite Codec Pack 5.8.0 (Full) 5.8.0
Kit Internet Mobile Bouygues Telecom 1.0.0.1
List_Kill'em
MSVCRT 14.0.1468.721
MSXML 4.0 SP2 (KB941833) 4.20.9849.0
MSXML 4.0 SP2 (KB954430) 4.20.9870.0
MSXML 4.0 SP2 (KB973688) 4.20.9876.0
Manuels TOSHIBA 7.40
MarketResearch 82.0.174.000
Microsoft .NET Framework 3.5 Language Pack SP1 - fra 3.5.30729
Microsoft .NET Framework 3.5 SP1 3.5.30729
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting 12.0.6012.5000
Microsoft Choice Guard 2.0.48.0
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (French) 2007 12.0.6425.1000
Microsoft Office Excel MUI (French) 2007 12.0.6425.1000
Microsoft Office InfoPath MUI (French) 2007 12.0.6425.1000
Microsoft Office Live Add-in 1.3 2.0.2313.0
Microsoft Office Outlook Connector 12.0.6423.1000
Microsoft Office Outlook MUI (French) 2007 12.0.6425.1000
Microsoft Office PowerPoint MUI (French) 2007 12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (French) 12.0.6425.1000
Microsoft Office Professional Plus 2007 12.0.6425.1000
Microsoft Office Professional Plus 2007 12.0.6425.1000
Microsoft Office Proof (Arabic) 2007 12.0.6425.1000
Microsoft Office Proof (Dutch) 2007 12.0.6425.1000
Microsoft Office Proof (English) 2007 12.0.6425.1000
Microsoft Office Proof (French) 2007 12.0.6425.1000
Microsoft Office Proof (German) 2007 12.0.6425.1000
Microsoft Office Proof (Spanish) 2007 12.0.6425.1000
Microsoft Office Proofing (French) 2007 12.0.4518.1014
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (French) 2007 12.0.6425.1000
Microsoft Office Shared MUI (French) 2007 12.0.6425.1000
Microsoft Office Word MUI (French) 2007 12.0.6425.1000
Microsoft SQL Server 2005 Compact Edition [ENU] 3.1.0000
Microsoft Search Enhancement Pack 1.3.59.0
Microsoft Silverlight 4.0.50917.0
Microsoft Sync Framework Runtime Native v1.0 (x86) 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable 8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
Microsoft Works 9.7.0621
Microsoft XML Parser 8.20.8730.4
Module de compatibilité pour Microsoft Office System 2007 12.0.6425.1000
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Mozilla Firefox (3.6.10) 3.6.10 (fr)
NetWaiting 2.5.52
OGA Notifier 2.0.0048.0 2.0.0048.0
Outil de téléchargement Windows Live 14.0.8014.1029
QuickTime 7.62.14.0
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver 1.00.0000
Realtek High Definition Audio Driver 6.0.1.5599
Realtek USB 2.0 Card Reader
Réducteur de bruit du lecteur de CD/DVD 2.02.03
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer 1.00.0000
Samsung Samples Installer 1.00.0000
Scan 8.1.0.0
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) 1
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Skins 2008.0422.2139.36895
Skype Toolbars 1.0.4051
Skype™ 4.1 4.1.179
SolutionCenter 82.0.188.000
Spybot - Search & Destroy 1.6.2
Status 82.0.173.000
Synaptics Pointing Device Driver 11.2.4.0
TOSHIBA Assist 2.01.04
TOSHIBA ConfigFree 7.2.13
TOSHIBA DVD PLAYER 1.30.12
TOSHIBA Disc Creator 2.0.1.3
TOSHIBA Extended Tiles for Windows Mobility Center 1.01.00
TOSHIBA Extended Tiles for Windows Mobility Center 1.01.00
TOSHIBA Face Recognition 2.0.17.32
TOSHIBA Face Recognition 2.0.17.32
TOSHIBA Hardware Setup 2.00.08
TOSHIBA Recovery Disc Creator 2.0.0.1b
TOSHIBA Supervisor Password 2.00.04
TOSHIBA Value Added Package 1.1.19
TOSHIBA Value Added Package 1.1.19
TRDCReminder 1.00.0015
TRDCReminder 1.00.0015
TRORDCLauncher 1.0.0.1
TRORDCLauncher 1.0.0.1
Toolbox 82.0.173.000
Toshiba Online Product Information 1.00.0012
Toshiba TEMPRO 1.2
TrayApp 82.0.188.000
UnloadSupport 1.00.0000
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1
Update for Outlook 2007 Junk Email Filter (kb2291599)
UsbFix By El Desaparecido & C_XX
VLC media player 1.0.3 1.0.3
Veoh Web Player 1.1.6.1160
Visual C++ 2008 x86 Runtime - (v9.0.30729) 9.0.30729
Visual C++ 2008 x86 Runtime - v9.0.30729.01 9.0.30729.01
WebReg 82.0.173.000
Windows Live Call 14.0.8064.0206
Windows Live Communications Platform 14.0.8064.206
Windows Live FolderShare 14.0.8089.726
Windows Live Mail 14.0.8089.0726
Windows Live Messenger 14.0.8089.0726
Windows Live Movie Maker 14.0.8091.0730
Windows Live Toolbar 14.0.8064.206
Windows Live Writer 14.0.8089.0726
Windows Media Player Firefox Plugin 1.0.0.8
ZHPDiag 1.26 1.26
c5100_Help 82.0.233.000
ccc-core-static 2008.0422.2139.36895
ccc-utility 2008.0422.2139.36895
eSupportQFolder 1.00.0000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 1:31:21,23
fleurcoi
9 Oct. 2010 at 01:33
And here is the last one....
¤¤¤¤¤¤¤¤¤¤ More informations ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤
------------------------------------------------------------------------------
explorer.exe pid: 3860
Command line: Explorer.exe
No matching processes were found.
------------------------------------------------------------------------------
firefox.exe pid: 2876
Command line: "C:\Program Files\Mozilla Firefox\firefox.exe"
No matching processes were found.
No matching processes were found.
No matching processes were found.
------------------------------------------------------------------------------
csrss.exe pid: 496
Command line: C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Base Size Version Path
0x49f30000 0x5000 6.00.6001.18000 C:\Windows\system32\csrss.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75b50000 0xf000 6.00.6001.18000 C:\Windows\system32\CSRSRV.dll
0x75b30000 0x13000 6.00.6001.18000 C:\Windows\system32\basesrv.dll
0x75ad0000 0x60000 6.00.6002.18005 C:\Windows\system32\winsrv.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\KERNEL32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75970000 0x5f000 6.00.6001.18000 C:\Windows\system32\sxs.dll
------------------------------------------------------------------------------
csrss.exe pid: 568
Command line: C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Base Size Version Path
0x49f30000 0x5000 6.00.6001.18000 C:\Windows\system32\csrss.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75b50000 0xf000 6.00.6001.18000 C:\Windows\system32\CSRSRV.dll
0x75b30000 0x13000 6.00.6001.18000 C:\Windows\system32\basesrv.dll
0x75ad0000 0x60000 6.00.6002.18005 C:\Windows\system32\winsrv.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\KERNEL32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75970000 0x5f000 6.00.6001.18000 C:\Windows\system32\sxs.dll
------------------------------------------------------------------------------
smss.exe pid: 420
Command line: \SystemRoot\System32\smss.exe
Base Size Version Path
0x478a0000 0x12000 \SystemRoot\System32\smss.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
------------------------------------------------------------------------------
winlogon.exe pid: 616
Command line: winlogon.exe
Base Size Version Path
0x002d0000 0x50000 6.00.6002.18005 C:\Windows\system32\winlogon.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75a90000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75a60000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75ab0000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75a30000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x73500000 0x3e000 6.00.6002.18005 C:\Windows\system32\SHSVCS.dll
0x74950000 0x3f000 6.00.6001.18000 C:\Windows\system32\uxtheme.dll
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x720f0000 0xb3000 6.00.6002.18005 C:\Windows\system32\WindowsCodecs.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x754e0000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x75620000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
------------------------------------------------------------------------------
svchost.exe pid: 836
Command line: C:\Windows\system32\svchost.exe -k DcomLaunch
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74ea0000 0x39000 6.00.6002.18005 c:\windows\system32\umpnpmgr.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75ab0000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74f00000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x74f80000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x754e0000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x74a30000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x74cb0000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x716d0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x75a60000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75a30000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x74c60000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
------------------------------------------------------------------------------
svchost.exe pid: 936
Command line: C:\Windows\system32\svchost.exe -k rpcss
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74a30000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x74cb0000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x75ab0000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75280000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x70700000 0x96000 6.00.6002.18005 C:\Windows\system32\fwpuclnt.dll
0x74a20000 0xf000 6.00.6001.18000 C:\Windows\system32\NLAapi.dll
0x75470000 0x19000 6.00.6002.18005 C:\Windows\system32\IPHLPAPI.DLL
0x75430000 0x35000 6.00.6002.18005 C:\Windows\system32\dhcpcsvc.DLL
0x756c0000 0x2c000 6.00.6002.18005 C:\Windows\system32\DNSAPI.dll
0x75420000 0x7000 6.00.6001.18000 C:\Windows\system32\WINNSI.DLL
0x753f0000 0x22000 6.00.6002.18005 C:\Windows\system32\dhcpcsvc6.DLL
0x6fb20000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6f8b0000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x6fb10000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x6fb40000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
------------------------------------------------------------------------------
svchost.exe pid: 1116
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x735d0000 0xfc000 6.00.6002.18005 c:\windows\system32\wevtsvc.dll
0x75ab0000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x74f80000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x754e0000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\System32\NETAPI32.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75280000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x73710000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x737a0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x75c00000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x74c60000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75a60000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74ac0000 0x19e000 6.10.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74c80000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x76280000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x738e0000 0x8000 6.00.6000.16386 c:\windows\system32\lmhsvc.dll
0x75470000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75430000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x756c0000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75420000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x753f0000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x71d30000 0x21000 6.00.6002.18005 C:\Windows\System32\audioses.dll
0x71cc0000 0x66000 6.00.6001.18000 C:\Windows\System32\audioeng.dll
0x74530000 0x7000 6.00.6001.18000 C:\Windows\System32\AVRT.dll
0x6f2d0000 0x12000 6.00.6002.18005 c:\windows\system32\wscsvc.dll
0x74cb0000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x6fc50000 0xdc000 6.00.6001.18000 c:\windows\system32\dbghelp.dll
0x6f850000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f770000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6f2b0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6e8e0000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75660000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x753a0000 0x35000 6.00.6002.18005 C:\Windows\System32\ncrypt.dll
0x75350000 0x45000 6.00.6002.18005 C:\Windows\System32\BCRYPT.dll
0x6e670000 0x8e000 7.04.7600.0226 C:\Windows\system32\wuapi.dll
0x716d0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
svchost.exe pid: 1144
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\System32\NTMARTA.DLL
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x73710000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x737a0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x75c00000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x74c60000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75a60000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74ac0000 0x19e000 6.10.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74c80000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x75ab0000 0x1e000 6.00.6002.18005 C:\Windows\System32\USERENV.dll
0x75a90000 0x14000 6.00.6002.18051 C:\Windows\System32\Secur32.dll
0x76280000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x749a0000 0xb000 6.00.6002.18005 c:\windows\system32\uxsms.dll
0x736f0000 0x13000 6.00.6000.16386 c:\windows\system32\tabsvc.dll
0x749f0000 0x9000 6.00.6000.16386 c:\windows\system32\HID.DLL
0x754e0000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x73ac0000 0x10000 6.00.6001.18000 c:\windows\system32\wudfsvc.dll
0x734d0000 0x30000 6.00.6001.18000 c:\windows\system32\WUDFPlatform.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75490000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x71fa0000 0x82000 6.00.6002.18064 c:\windows\system32\wlansvc.dll
0x758d0000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x76850000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x72070000 0x4c000 6.00.6002.18064 c:\windows\system32\WLANMSM.DLL
0x71f40000 0x52000 6.00.6002.18064 c:\windows\system32\WLANSEC.dll
0x71dc0000 0x17c000 6.00.6002.18005 c:\windows\system32\OneX.DLL
0x73770000 0xe000 6.00.6001.18000 c:\windows\system32\eappprxy.dll
0x72040000 0x24000 6.00.6002.18005 c:\windows\system32\eappcfg.dll
0x73910000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x74920000 0x30000 6.00.6001.18000 c:\windows\system32\DUser.dll
0x74950000 0x3f000 6.00.6001.18000 c:\windows\system32\UxTheme.dll
0x73ad0000 0x39000 4.02.5406.0000 c:\windows\system32\OLEACC.dll
0x75950000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75430000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x756c0000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75420000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x71da0000 0x18000 6.00.6002.18005 c:\windows\system32\wlgpclnt.dll
0x734a0000 0x10000 6.00.6001.18000 c:\windows\system32\l2gpstore.dll
0x72030000 0x6000 6.00.6000.16386 c:\windows\system32\wlanutil.dll
0x754d0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x738f0000 0x1f000 6.00.6002.18005 c:\windows\system32\WinSCard.dll
0x75470000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x753f0000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75350000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x719c0000 0x15b000 6.20.5002.0000 C:\Windows\System32\msxml6.dll
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x752b0000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x756f0000 0x11000 6.00.6001.18000 C:\Windows\System32\cryptdll.dll
0x75a30000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x708c0000 0x60000 6.00.6001.18000 C:\Windows\system32\netcfgx.dll
0x716d0000 0x15000 6.00.6001.18000 C:\Windows\System32\Cabinet.dll
0x6fdc0000 0x8d000 6.00.6002.18005 c:\windows\system32\emdmgmt.dll
0x6fea0000 0x39000 6.00.6002.18005 c:\windows\system32\WDSCORE.dll
0x6fe50000 0xd000 6.00.6001.18000 c:\windows\system32\pcasvc.dll
0x6f6b0000 0x8a000 6.00.6002.18005 c:\windows\system32\sysmain.dll
0x6f630000 0x15000 6.00.6001.18000 c:\windows\system32\trkwks.dll
0x6f610000 0x15000 6.00.6001.18000 c:\windows\system32\wpdbusenum.dll
0x74f80000 0x15000 6.00.6002.18005 C:\Windows\System32\GPAPI.dll
0x6f270000 0x3e000 6.00.6002.18005 C:\Windows\system32\PortableDeviceApi.dll
0x734b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x74a00000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x70060000 0x15000 6.00.6001.18000 c:\windows\system32\wdi.dll
0x6df40000 0xa000 6.00.6001.18000 C:\Windows\system32\pcadm.dll
0x6bfa0000 0x46000 6.00.6001.18000 c:\windows\system32\netman.dll
0x73b90000 0x4a000 6.00.6002.18005 c:\windows\system32\RASAPI32.dll
0x74e50000 0x14000 6.00.6001.18000 c:\windows\system32\rasman.dll
0x73b50000 0x31000 6.00.6000.16386 c:\windows\system32\TAPI32.dll
0x74c70000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x73b10000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x69e80000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x74a20000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x700f0000 0xce000 6.00.6002.18005 C:\Windows\System32\RASDLG.dll
0x703b0000 0x1a000 6.00.6002.18005 C:\Windows\System32\MPRAPI.dll
0x70470000 0x35000 6.00.6001.18000 C:\Windows\System32\ACTIVEDS.dll
0x70430000 0x33000 6.00.6002.18005 C:\Windows\System32\adsldpc.dll
0x70510000 0x2e000 6.00.6002.18005 C:\Windows\System32\credui.dll
0x6aad0000 0x4a000 6.00.6001.18000 C:\Windows\System32\hnetcfg.dll
0x705a0000 0x60000 6.00.6002.18096 C:\Windows\System32\WINHTTP.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x6deb0000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x6fb70000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75970000 0x5f000 6.00.6001.18000 C:\Windows\System32\SXS.DLL
0x6f850000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f770000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6f2b0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6e8e0000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75660000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x751e0000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6ea40000 0xd9000 6.00.6002.18005 C:\Windows\System32\wer.dll
0x6fb80000 0x6000 6.00.6000.16386 C:\Windows\System32\SensApi.dll
0x745d0000 0x15000 6.00.6000.16386 C:\Windows\system32\radardt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1160
Command line: C:\Windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x73780000 0x11000 6.00.6001.18000 c:\windows\system32\mmcss.dll
0x74530000 0x7000 6.00.6001.18000 c:\windows\system32\AVRT.dll
0x73540000 0x8f000 6.00.6002.18005 c:\windows\system32\gpsvc.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x758d0000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75660000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x756c0000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x74c60000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x75ab0000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x74f80000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x754e0000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75950000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x754d0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75a60000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74a20000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75470000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75430000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75420000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x753f0000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x749c0000 0x29000 6.00.6002.18005 c:\windows\system32\profsvc.dll
0x74a00000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x73500000 0x3e000 6.00.6002.18005 c:\windows\system32\shsvcs.dll
0x749b0000 0xe000 6.00.6001.18000 c:\windows\system32\sens.dll
0x74950000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x734c0000 0x10000 6.00.6001.18000 c:\windows\system32\eapsvc.dll
0x720c0000 0x30000 6.00.6002.18005 C:\Windows\system32\eapphost.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x734b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74c80000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76280000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x707a0000 0x85000 5.82.6001.18000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll
0x70660000 0x94000 6.00.6002.18005 c:\windows\system32\schedsvc.dll
0x75c00000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75490000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x71b20000 0x7000 6.00.6001.18000 c:\windows\system32\ktmw32.dll
0x74ac0000 0x19e000 6.10.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
¤¤¤¤¤¤¤¤¤¤ More informations ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74a30000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x74cb0000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x75ab0000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75280000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x70700000 0x96000 6.00.6002.18005 C:\Windows\system32\fwpuclnt.dll
0x74a20000 0xf000 6.00.6001.18000 C:\Windows\system32\NLAapi.dll
0x75470000 0x19000 6.00.6002.18005 C:\Windows\system32\IPHLPAPI.DLL
0x75430000 0x35000 6.00.6002.18005 C:\Windows\system32\dhcpcsvc.DLL
0x756c0000 0x2c000 6.00.6002.18005 C:\Windows\system32\DNSAPI.dll
0x75420000 0x7000 6.00.6001.18000 C:\Windows\system32\WINNSI.DLL
0x753f0000 0x22000 6.00.6002.18005 C:\Windows\system32\dhcpcsvc6.DLL
0x6fb20000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6f8b0000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x6fb10000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x6fb40000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
------------------------------------------------------------------------------
svchost.exe pid: 1116
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x735d0000 0xfc000 6.00.6002.18005 c:\windows\system32\wevtsvc.dll
0x75ab0000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x74f80000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x754e0000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\System32\NETAPI32.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75280000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x73710000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x737a0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x75c00000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x74c60000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75a60000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74ac0000 0x19e000 6.10.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74c80000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x76280000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x738e0000 0x8000 6.00.6000.16386 c:\windows\system32\lmhsvc.dll
0x75470000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75430000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x756c0000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75420000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x753f0000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x71d30000 0x21000 6.00.6002.18005 C:\Windows\System32\audioses.dll
0x71cc0000 0x66000 6.00.6001.18000 C:\Windows\System32\audioeng.dll
0x74530000 0x7000 6.00.6001.18000 C:\Windows\System32\AVRT.dll
0x6f2d0000 0x12000 6.00.6002.18005 c:\windows\system32\wscsvc.dll
0x74cb0000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x6fc50000 0xdc000 6.00.6001.18000 c:\windows\system32\dbghelp.dll
0x6f850000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f770000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6f2b0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6e8e0000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75660000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x753a0000 0x35000 6.00.6002.18005 C:\Windows\System32\ncrypt.dll
0x75350000 0x45000 6.00.6002.18005 C:\Windows\System32\BCRYPT.dll
0x6e670000 0x8e000 7.04.7600.0226 C:\Windows\system32\wuapi.dll
0x716d0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
svchost.exe pid: 1144
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\System32\NTMARTA.DLL
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x73710000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x737a0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x75c00000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x74c60000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75a60000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74ac0000 0x19e000 6.10.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74c80000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x75ab0000 0x1e000 6.00.6002.18005 C:\Windows\System32\USERENV.dll
0x75a90000 0x14000 6.00.6002.18051 C:\Windows\System32\Secur32.dll
0x76280000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x749a0000 0xb000 6.00.6002.18005 c:\windows\system32\uxsms.dll
0x736f0000 0x13000 6.00.6000.16386 c:\windows\system32\tabsvc.dll
0x749f0000 0x9000 6.00.6000.16386 c:\windows\system32\HID.DLL
0x754e0000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x73ac0000 0x10000 6.00.6001.18000 c:\windows\system32\wudfsvc.dll
0x734d0000 0x30000 6.00.6001.18000 c:\windows\system32\WUDFPlatform.dll
0x74e90000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75490000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x71fa0000 0x82000 6.00.6002.18064 c:\windows\system32\wlansvc.dll
0x758d0000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x76850000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x72070000 0x4c000 6.00.6002.18064 c:\windows\system32\WLANMSM.DLL
0x71f40000 0x52000 6.00.6002.18064 c:\windows\system32\WLANSEC.dll
0x71dc0000 0x17c000 6.00.6002.18005 c:\windows\system32\OneX.DLL
0x73770000 0xe000 6.00.6001.18000 c:\windows\system32\eappprxy.dll
0x72040000 0x24000 6.00.6002.18005 c:\windows\system32\eappcfg.dll
0x73910000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x74920000 0x30000 6.00.6001.18000 c:\windows\system32\DUser.dll
0x74950000 0x3f000 6.00.6001.18000 c:\windows\system32\UxTheme.dll
0x73ad0000 0x39000 4.02.5406.0000 c:\windows\system32\OLEACC.dll
0x75950000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75430000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x756c0000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75420000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x71da0000 0x18000 6.00.6002.18005 c:\windows\system32\wlgpclnt.dll
0x734a0000 0x10000 6.00.6001.18000 c:\windows\system32\l2gpstore.dll
0x72030000 0x6000 6.00.6000.16386 c:\windows\system32\wlanutil.dll
0x754d0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x738f0000 0x1f000 6.00.6002.18005 c:\windows\system32\WinSCard.dll
0x75470000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x753f0000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75350000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x719c0000 0x15b000 6.20.5002.0000 C:\Windows\System32\msxml6.dll
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x752b0000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x756f0000 0x11000 6.00.6001.18000 C:\Windows\System32\cryptdll.dll
0x75a30000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x708c0000 0x60000 6.00.6001.18000 C:\Windows\system32\netcfgx.dll
0x716d0000 0x15000 6.00.6001.18000 C:\Windows\System32\Cabinet.dll
0x6fdc0000 0x8d000 6.00.6002.18005 c:\windows\system32\emdmgmt.dll
0x6fea0000 0x39000 6.00.6002.18005 c:\windows\system32\WDSCORE.dll
0x6fe50000 0xd000 6.00.6001.18000 c:\windows\system32\pcasvc.dll
0x6f6b0000 0x8a000 6.00.6002.18005 c:\windows\system32\sysmain.dll
0x6f630000 0x15000 6.00.6001.18000 c:\windows\system32\trkwks.dll
0x6f610000 0x15000 6.00.6001.18000 c:\windows\system32\wpdbusenum.dll
0x74f80000 0x15000 6.00.6002.18005 C:\Windows\System32\GPAPI.dll
0x6f270000 0x3e000 6.00.6002.18005 C:\Windows\system32\PortableDeviceApi.dll
0x734b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x74a00000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x70060000 0x15000 6.00.6001.18000 c:\windows\system32\wdi.dll
0x6df40000 0xa000 6.00.6001.18000 C:\Windows\system32\pcadm.dll
0x6bfa0000 0x46000 6.00.6001.18000 c:\windows\system32\netman.dll
0x73b90000 0x4a000 6.00.6002.18005 c:\windows\system32\RASAPI32.dll
0x74e50000 0x14000 6.00.6001.18000 c:\windows\system32\rasman.dll
0x73b50000 0x31000 6.00.6000.16386 c:\windows\system32\TAPI32.dll
0x74c70000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x73b10000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x69e80000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x74a20000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x700f0000 0xce000 6.00.6002.18005 C:\Windows\System32\RASDLG.dll
0x703b0000 0x1a000 6.00.6002.18005 C:\Windows\System32\MPRAPI.dll
0x70470000 0x35000 6.00.6001.18000 C:\Windows\System32\ACTIVEDS.dll
0x70430000 0x33000 6.00.6002.18005 C:\Windows\System32\adsldpc.dll
0x70510000 0x2e000 6.00.6002.18005 C:\Windows\System32\credui.dll
0x6aad0000 0x4a000 6.00.6001.18000 C:\Windows\System32\hnetcfg.dll
0x705a0000 0x60000 6.00.6002.18096 C:\Windows\System32\WINHTTP.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x6deb0000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x6fb70000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75970000 0x5f000 6.00.6001.18000 C:\Windows\System32\SXS.DLL
0x6f850000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f770000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6f2b0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6e8e0000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75660000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x751e0000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6ea40000 0xd9000 6.00.6002.18005 C:\Windows\System32\wer.dll
0x6fb80000 0x6000 6.00.6000.16386 C:\Windows\System32\SensApi.dll
0x745d0000 0x15000 6.00.6000.16386 C:\Windows\system32\radardt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1160
Command line: C:\Windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x73780000 0x11000 6.00.6001.18000 c:\windows\system32\mmcss.dll
0x74530000 0x7000 6.00.6001.18000 c:\windows\system32\AVRT.dll
0x73540000 0x8f000 6.00.6002.18005 c:\windows\system32\gpsvc.dll
0x75a90000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x758d0000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75660000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x756c0000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x74c60000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x75ab0000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x74f80000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x754e0000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75950000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x754d0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75a60000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74a20000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75470000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75430000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75420000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x753f0000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x749c0000 0x29000 6.00.6002.18005 c:\windows\system32\profsvc.dll
0x74a00000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x73500000 0x3e000 6.00.6002.18005 c:\windows\system32\shsvcs.dll
0x749b0000 0xe000 6.00.6001.18000 c:\windows\system32\sens.dll
0x74950000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x734c0000 0x10000 6.00.6001.18000 c:\windows\system32\eapsvc.dll
0x720c0000 0x30000 6.00.6002.18005 C:\Windows\system32\eapphost.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x734b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x762b0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74c80000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76280000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x707a0000 0x85000 5.82.6001.18000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll
0x70660000 0x94000 6.00.6002.18005 c:\windows\system32\schedsvc.dll
0x75c00000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75490000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x71b20000 0x7000 6.00.6001.18000 c:\windows\system32\ktmw32.dll
0x74ac0000 0x19e000 6.10.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x70870000 0x44000 6.00.6002.18005 C:\Windows\system32\taskcomp.dll
0x74e90000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x75220000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x74e70000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75280000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x76850000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x71690000 0xb000 6.00.6001.18000 C:\Windows\system32\wiarpc.dll
0x70540000 0x21000 6.00.6002.18005 c:\windows\system32\srvsvc.dll
0x71680000 0x6000 6.00.6000.16386 C:\Windows\system32\SSCORE.DLL
0x74cb0000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.DLL
0x71650000 0x2e000 6.00.6001.18000 C:\Windows\system32\CLUSAPI.DLL
0x756f0000 0x11000 6.00.6001.18000 C:\Windows\system32\cryptdll.dll
0x70470000 0x35000 6.00.6001.18000 C:\Windows\system32\ACTIVEDS.dll
0x70430000 0x33000 6.00.6002.18005 C:\Windows\system32\adsldpc.dll
0x70510000 0x2e000 6.00.6002.18005 C:\Windows\system32\credui.dll
0x70410000 0x13000 6.00.6001.18000 C:\Windows\system32\RESUTILS.DLL
0x703f0000 0x9000 6.00.6000.16386 c:\windows\system32\aelupsvc.dll
0x75a30000 0x2c000 6.00.6002.18005 c:\windows\system32\apphelp.dll
0x6f960000 0x6f000 6.00.6002.18005 c:\windows\system32\ikeext.dll
0x70700000 0x96000 6.00.6002.18005 c:\windows\system32\fwpuclnt.dll
0x753a0000 0x35000 6.00.6002.18005 C:\Windows\system32\ncrypt.dll
0x75350000 0x45000 6.00.6002.18005 C:\Windows\system32\BCRYPT.dll
0x6fb50000 0x8000 6.00.6001.18000 c:\windows\system32\seclogon.dll
0x6f1f0000 0x2a000 6.00.6002.18005 c:\windows\system32\wbem\wmisvc.dll
0x6f770000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6f230000 0x34000 6.00.6002.18209 c:\windows\system32\iphlpsvc.dll
0x74c70000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f740000 0x23000 6.00.6001.18000 c:\windows\system32\sqmapi.dll
0x716d0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x705a0000 0x60000 6.00.6002.18096 C:\Windows\system32\WINHTTP.dll
0x6ff10000 0x10b000 6.00.6002.18005 C:\Windows\system32\VSSAPI.DLL
0x703d0000 0x14000 6.00.6001.18000 C:\Windows\system32\vsstrace.dll
0x73c40000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x75620000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x737d0000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x6e980000 0xb9000 6.00.6002.18005 C:\Windows\system32\wbem\wbemcore.dll
0x6ecf0000 0x43000 6.00.6002.18005 C:\Windows\system32\wbem\esscli.dll
0x6e8e0000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\FastProx.dll
0x6f2b0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6ecd0000 0x17000 6.00.6002.18005 C:\Windows\system32\wbem\wmiutils.dll
0x6e890000 0x44000 6.00.6002.18005 C:\Windows\system32\wbem\repdrvfs.dll
0x6e790000 0x7d000 6.00.6002.18005 C:\Windows\system32\wbem\wmiprvsd.dll
0x759d0000 0xf000 6.00.6001.18000 C:\Windows\system32\NCObjAPI.DLL
0x6e610000 0x57000 6.00.6002.18005 C:\Windows\system32\wbem\wbemess.dll
0x6fb20000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6f8b0000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x6fb10000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6ed90000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\ncprov.dll
0x6fb40000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6d9c0000 0x1bf000 7.00.6002.18005 c:\windows\system32\qmgr.dll
0x75290000 0x5000 6.00.6000.16386 c:\windows\system32\SHFOLDER.dll
0x6e090000 0x8000 7.00.6000.16386 c:\windows\system32\bitsperf.dll
0x6df30000 0xb000 7.00.6002.18005 C:\Windows\system32\bitsigd.dll
0x6deb0000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x6fb70000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75970000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x73b90000 0x4a000 6.00.6002.18005 C:\Windows\system32\RasApi32.dll
0x74e50000 0x14000 6.00.6001.18000 C:\Windows\system32\rasman.dll
0x73b50000 0x31000 6.00.6000.16386 C:\Windows\system32\TAPI32.dll
0x73b10000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x73ad0000 0x39000 4.02.5406.0000 C:\Windows\system32\OLEACC.dll
0x6a800000 0x43000 6.00.6002.18005 c:\windows\system32\rasmans.dll
0x6c540000 0x14000 6.00.6002.18005 C:\Windows\system32\rastapi.dll
0x68eb0000 0x1d9000 7.04.7600.0226 c:\windows\system32\wuaueng.dll
0x6e390000 0x168000 6.00.6002.18005 c:\windows\system32\ESENT.dll
0x700a0000 0x42000 6.00.6002.18005 c:\windows\system32\WINSPOOL.DRV
0x6c590000 0xc000 6.00.6001.18000 c:\windows\system32\mspatcha.dll
0x6a590000 0x43000 6.00.6002.18005 C:\Windows\system32\rasppp.dll
0x703b0000 0x1a000 6.00.6002.18005 C:\Windows\system32\MPRAPI.dll
0x752b0000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x6c560000 0x14000 6.00.6001.18000 C:\Windows\system32\RASQEC.DLL
0x6c3f0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x6a4f0000 0x47000 6.00.6002.18005 C:\Windows\System32\raschap.dll
0x6a4b0000 0x3e000 6.00.6002.18116 C:\Windows\System32\rastls.dll
0x69c90000 0xf0000 6.00.6002.18005 C:\Windows\system32\CRYPTUI.dll
0x74e80000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x738f0000 0x1f000 6.00.6002.18005 C:\Windows\system32\WinSCard.dll
0x751e0000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x752a0000 0x6000 6.00.6000.16386 C:\Windows\system32\WMsgAPI.dll
0x6ea40000 0xd9000 6.00.6002.18005 C:\Windows\system32\wer.dll
0x6fb80000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x679d0000 0x26000 6.00.6001.18000 C:\Windows\system32\dssenh.dll
0x6d790000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x63c60000 0x2e000 7.00.6001.18000 C:\Windows\system32\advpack.dll
0x6f570000 0x16000 6.00.6001.18000 c:\windows\system32\browser.dll
0x74750000 0x9000 6.00.6000.16386 C:\Windows\system32\tschannel.dll
------------------------------------------------------------------------------
svchost.exe pid: 1292
Command line: C:\Windows\system32\svchost.exe -k LocalService
Base Size Version Path
0x00e00000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77390000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x75fb0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76440000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x75e00000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x75c60000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x74f20000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x761c0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76650000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x766a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x77360000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x75ed0000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75b60000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x756a0000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76500000 0x145000 6.00.6002.18005 C:\Windows\system32\ole32.dll
0x76260000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x75d30000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x764f0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x75ee0000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x721b0000 0x46000 2001.12.6932.18005 c:\windows\system32\es.dll
0x774d0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x737d0000 0xbb000 7.00.6002.18005 c:\windows\system32\PROPSYS.dll
0x74fa0000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x77560000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x738d0000 0x8000 6.00.6001.18000 c:\windows\system32\nsisvc.dll
0x75a90000 0x14000 6.00.6002.18051 C:\Windows\system32\secur32.dll
0x75520000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75680000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x75ab0000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75340000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x75010000 0x46000 6.00.6002.18269 C:\Windows\system32\schannel.dll
0x758d0000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
moment de grace
9 Oct. 2010 at 01:39
1)
Run List_Kill'em again (or via right-click for Vista/7), using the shortcut on your desktop.
but this time:
choose the CLEAN option
let the tool work.
at the end of the scan the window closes, and you have a report named Kill'em.txt on your desktop,
paste its contents into your reply
....................
2)
Download Malwarebytes' Anti-Malware (which you can keep afterwards)
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
. Save it to the desktop
. Double-click the downloaded file to start the installation process.
. In the "Update" tab ("mise à jour"), click the "Check for Updates" button ("Recherche de mise à jour")
. If the firewall asks for permission for Malwarebytes to connect, accept
. Once the update has finished
. Go to the "Scanner" tab ("Recherche")
. Select "Perform full scan" ("Exécuter un examen complet") (a fairly long scan)
. Click "Scan" ("Rechercher")
. The scan starts.
. At the end of the scan, a message appears: "The scan completed successfully. Click 'Show Results' to display all objects found."
. Click OK to continue.
. If malware was detected, click "Show Results" ("Afficher les résultats")
. Select everything (or leave everything checked) and click "Remove Selected" ("Supprimer la sélection"). Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. Go to the report/log tab ("rapport/log")
. Click on the report to display it; once it is displayed
. Click "Edit" at the top of Notepad, then "Select All"
. Click "Edit" again, then "Copy", then come back to the forum and, in your reply,
. right-click in the reply box and choose "Paste"
If you need help, see these tutorials:
Help: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
fleurcoi
9 Oct. 2010 at 10:35
Good morning!!!
OK, here we go again!!
here is the Kill'em report first
¤¤¤¤¤¤¤¤¤¤ Kill'em by g3n-h@ckm@n 2.1.0.9 ¤¤¤¤¤¤¤¤¤¤
User : fleur (Administrateurs)
Update on 04/10/2010 by g3n-h@ckm@n ::::: 21.00
Start at: 09:45:36 | 09/10/2010
AMD Sempron(tm) SI-40
Microsoft® Windows Vista(TM) Édition Familiale Basique (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Disabled
C:\ -> Disque fixe local | 74,37 Go (37,22 Go free) [Vista] | NTFS
D:\ -> Disque amovible | 7,45 Go (2,02 Go free) [YOUHOU] | FAT32
E:\ -> Disque fixe local | 73,21 Go (5,9 Go free) [Data] | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 465,76 Go (76,32 Go free) [Crop BIEn] | NTFS
H:\ -> Disque amovible
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Quarantined & Deleted !! : C:\ProgramData\ezsidmv.dat
Quarantined & Deleted !! : C:\ProgramData\hpzinstall.log
Quarantined & Deleted !! : C:\Users\fleur\AppData\Local\d3d9caps.dat
Quarantined & Deleted !! : C:\Users\fleur\AppData\Local\GDIPFONTCACHEV1.DAT
¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤
127.0.0.1 localhost
¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.google.com/?gws_rd=ssl
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 ()
FirstRunDisabled = 1 ()
AntiVirusDisableNotify = 0 (0x0)
FirewallDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
AntiVirusOverride = 0 (0x0)
FirewallOverride = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤
Ndisuio : Start = 3
EapHost : Start = 2
Wlansvc : Start = 2
SharedAccess : Start = 2
windefend : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Disk Cleaned
anti-ver blaster : OK
Prefetch cleaned
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
FEATURE_BROWSER_EMULATION | svchost :
====================================
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS
kernel: MBR read successfully
user & kernel MBR OK
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
fleurcoi
9 Oct. 2010 at 13:08
and here's the second one:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4784
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
09/10/2010 11:57:31
mbam-log-2010-10-09 (11-57-31).txt
Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Elément(s) analysé(s): 272260
Temps écoulé: 1 heure(s), 20 minute(s), 57 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
moment de grace
9 Oct. 2010 at 13:16
ok
how is the PC doing, and what about your original problem?
fleurcoi
9 Oct. 2010 at 13:19
oh yes.. for info: I'm still at 100% and the computer still takes a very long time to start up and lags as soon as I go online or try to do anything else...
I had forgotten to mention that startup was slower too and that, because of this, I had tried selecting other startup types, which made things better but barely opened anything at all...
anyway... I wonder if I shouldn't just format it outright... Vista, I don't like it :(