Analyser mon rapport hijackthis
Pnlop
-
benurrr Messages postés 9766 Statut Contributeur sécurité -
benurrr Messages postés 9766 Statut Contributeur sécurité -
Bonjour,
Voici mon rapport Hijackthis! Je crois qu'il y à quelque chose d'anormale dans mon systeme. Pouvez-vous m'aider s.v.p? Que dois-je faire? Merci à l'avance de votre aide!
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Windows\System32\SupportAppXL\AutoDect.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJDM0P3I\RSIT[1].exe
C:\Program Files\trend micro\Utilisateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
O4 - HKLM\..\Run: [autodetect] C:\Windows\system32\SupportAppXL\AutoDect.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-ca.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (file missing)
O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (file missing)
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Services de sécurité Vidéotron (Radialpoint Security Services) - Vidéotron - C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe
O23 - Service: RadialpointIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Services de sécurité Vidéotron Coupe-feu (RP_FWS) - Vidéotron - C:\Program Files\Videotron\Services de sécurité Vidéotron\Fws.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: BitDefender Threat Scanner (scan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
Voici mon rapport Hijackthis! Je crois qu'il y à quelque chose d'anormale dans mon systeme. Pouvez-vous m'aider s.v.p? Que dois-je faire? Merci à l'avance de votre aide!
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Windows\System32\SupportAppXL\AutoDect.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJDM0P3I\RSIT[1].exe
C:\Program Files\trend micro\Utilisateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
O4 - HKLM\..\Run: [autodetect] C:\Windows\system32\SupportAppXL\AutoDect.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-ca.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (file missing)
O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (file missing)
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Services de sécurité Vidéotron (Radialpoint Security Services) - Vidéotron - C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe
O23 - Service: RadialpointIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Services de sécurité Vidéotron Coupe-feu (RP_FWS) - Vidéotron - C:\Program Files\Videotron\Services de sécurité Vidéotron\Fws.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: BitDefender Threat Scanner (scan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
A voir également:
- Analyser mon rapport hijackthis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Analyser disque dur externe - Guide
- Analyser clé usb - Guide
- Image analyser - Télécharger - Photo & Graphisme
29 réponses
bonjour
Telecharge combofix :
Faire un clic droit sur le lien
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Choisir : "Enregistrer la cible du lien sous..."
* Choisir le Bureau comme destination.
* Dans le champ "Nom du fichier", renommer ComboFix.exe en CCM.exe par exemple, puis enregistrer.
* Attention ! L'étape de renommage est obligatoire sous peine de voir afficher le message "ComboFix.exe n'est pas une application win32 valide" et de le rendre ainsi totalement inefficace.
Note importante :tu est sous Vista
la désactivation du Contrôle des comptes utilisateurs est obligatoire
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uacer-l-uac
pour toute manipulation fait comme ceci( clic droit "exécuter en tant qu'administrateur" pour Vista/7 )
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
-Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. risque de figer l'ordi
- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
!\ Ne touche à rien tant que le scan n'est pas terminé. /!\ : risque de figer l'ordi (plantage complet)
::Si combofix detecte quelque chose et de demande a redémarrer tu accepte
Telecharge combofix :
Faire un clic droit sur le lien
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Choisir : "Enregistrer la cible du lien sous..."
* Choisir le Bureau comme destination.
* Dans le champ "Nom du fichier", renommer ComboFix.exe en CCM.exe par exemple, puis enregistrer.
* Attention ! L'étape de renommage est obligatoire sous peine de voir afficher le message "ComboFix.exe n'est pas une application win32 valide" et de le rendre ainsi totalement inefficace.
Note importante :tu est sous Vista
la désactivation du Contrôle des comptes utilisateurs est obligatoire
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uacer-l-uac
pour toute manipulation fait comme ceci( clic droit "exécuter en tant qu'administrateur" pour Vista/7 )
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
-Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. risque de figer l'ordi
- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
!\ Ne touche à rien tant que le scan n'est pas terminé. /!\ : risque de figer l'ordi (plantage complet)
::Si combofix detecte quelque chose et de demande a redémarrer tu accepte
ComboFix 10-11-07.09 - Utilisateur 2010-11-08 5:27.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.2.1036.18.3062.1469 [GMT -5:00]
Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Utilisateur\AppData\Roaming\ErrorWiz
c:\users\Utilisateur\AppData\Roaming\ErrorWiz\Backup\Automatic Backup_11-07-2010_00-00-51.reg
c:\users\Utilisateur\AppData\Roaming\ErrorWiz\Backup\Automatic Backup_11-07-2010_00-26-20.reg
c:\users\Utilisateur\AppData\Roaming\ErrorWiz\settings.ini
c:\windows\system32\system
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-08 au 2010-11-08 ))))))))))))))))))))))))))))))))))))
.
2010-11-08 10:35 . 2010-11-08 10:35 -------- d-----w- c:\users\Utilisateur\AppData\Local\temp
2010-11-08 07:05 . 2010-10-07 21:21 6146896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F237270-6E3F-4609-A3C4-A2DE9CD3C2F3}\mpengine.dll
2010-11-08 07:01 . 2010-11-08 07:20 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-11-07 04:44 . 2010-11-07 04:44 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\GlarySoft
2010-11-07 04:37 . 2010-11-08 10:23 -------- d-----w- c:\program files\Glary Utilities
2010-11-07 03:53 . 2010-11-07 03:53 -------- d--h--w- c:\windows\PIF
2010-11-06 22:01 . 2006-05-25 19:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-11-06 22:01 . 2010-11-07 02:04 -------- d-----w- c:\program files\Trojan Remover
2010-11-06 20:40 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9979897-7CBE-48EA-BCF4-02D742DA9033}\mpengine.dll
2010-11-06 08:13 . 2010-11-06 08:13 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\SoftwareDetectionScripts
2010-11-01 17:01 . 2010-11-07 05:33 -------- d-----w- c:\users\Utilisateur\AppData\Local\CrashDumps
2010-11-01 02:09 . 2010-11-01 02:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-11-01 02:08 . 2010-11-01 02:08 -------- d-----w- c:\program files\Norton 360
2010-11-01 02:08 . 2010-11-01 02:11 -------- d-----w- c:\programdata\Norton
2010-11-01 02:07 . 2010-11-01 02:07 -------- d-----w- c:\program files\NortonInstaller
2010-11-01 01:51 . 2006-09-25 02:11 -------- d-----w- c:\program files\ReviverSoft
2010-10-31 23:45 . 2010-11-07 06:14 -------- d-----w- C:\0b4fc0d5dfb66e640becf83f
2010-10-31 22:07 . 2010-11-08 02:29 -------- d-----w- c:\program files\trend micro
2010-10-31 22:07 . 2010-10-31 22:50 -------- d-----w- C:\rsit
2010-10-31 19:27 . 2010-10-31 19:27 -------- d-----w- C:\f9adf8b29e962ef5f561
2010-10-26 18:10 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-26 18:10 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-26 18:10 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-25 00:11 . 2010-10-25 00:11 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\{90140011-0062-040C-0000-0000000FF1CE}
2010-10-24 06:32 . 2009-09-04 21:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-10-24 06:32 . 2009-09-04 21:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-10-24 06:32 . 2009-09-04 21:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-10-24 06:30 . 2010-10-25 18:37 -------- d-----w- c:\users\Utilisateur\AppData\Local\Windows Live
2010-10-24 04:54 . 2010-10-24 04:54 -------- d-----w- c:\programdata\VirtualizedApplications
2010-10-24 04:51 . 2010-10-24 04:51 -------- d-----w- c:\users\Utilisateur\AppData\Local\Apps
2010-10-24 02:08 . 2006-09-29 07:14 -------- d-----w- c:\users\Utilisateur\AppData\Local\Microsoft Help
2010-10-24 02:07 . 2010-11-06 22:31 -------- d-----w- c:\programdata\Microsoft Help
2010-10-24 00:45 . 2010-10-24 00:45 -------- d-----w- c:\program files\Common Files\Java
2010-10-24 00:40 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-24 00:34 . 2010-11-08 02:15 -------- d-----w- c:\users\Utilisateur\AppData\Local\SoftGrid Client
2010-10-24 00:34 . 2010-11-07 05:55 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\SoftGrid Client
2010-10-24 00:32 . 2010-10-24 06:09 -------- d-----w- c:\program files\Microsoft Application Virtualization Client
2010-10-24 00:31 . 2010-11-07 03:34 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\TP
2010-10-23 23:34 . 2006-09-29 07:13 -------- d-----w- c:\program files\Conduit
2010-10-18 00:38 . 2010-10-18 00:38 -------- d-----w- c:\users\Utilisateur\AppData\Local\Windows Live Writer
2010-10-18 00:38 . 2010-10-18 00:38 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Windows Live Writer
2010-10-16 19:55 . 2010-10-25 05:51 -------- d-----w- c:\users\Utilisateur\AppData\Local\MigWiz
2010-10-16 01:36 . 2010-10-16 01:36 -------- d-----w- c:\program files\Veetle
2010-10-15 11:02 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-15 11:02 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-15 11:02 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-15 11:02 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-15 11:02 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-15 11:02 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-15 11:02 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-15 11:02 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-15 11:00 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2009-10-02 18:01 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 08:50 . 2010-04-28 00:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 15:17 . 2010-09-08 15:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17 . 2010-09-08 15:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-08-26 16:33 . 2010-10-26 18:10 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-26 18:10 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-26 18:10 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-26 18:10 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-17 14:11 . 2010-09-15 20:21 128000 ----a-w- c:\windows\system32\spoolsv.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-02 150552]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Gateway\traybar.exe" [2007-09-13 638976]
"autodetect"="c:\windows\system32\SupportAppXL\AutoDect.exe" [2009-05-20 91648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
c:\users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 - Capture d''cran et lancement.lnk - c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE [2010-2-28 3207072]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Radialpoint Security Services]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-09-19 7168]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 RadialpointIDSEH;RadialpointIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2009-11-02 25608]
S2 Radialpoint Security Services;Services de sécurité Vidéotron;c:\program files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe [2010-03-02 166944]
S2 RadialpointIDSAgent;RadialpointIDSAgent;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe RadialpointIDSAgent [x]
S2 ServicepointService;ServicepointService;c:\program files\Videotron\Videotron Service Agent\ServicepointService.exe [2010-03-02 689392]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-26 42368]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
S3 RadialpointIDSDriver;RadialpointIDSDriver;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [x]
S3 RadialpointIDSFilter;RadialpointIDSFilter;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys [x]
S3 RadialpointIDSShim;RadialpointIDSShim;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - 69DEAA9B
*NewlyCreated* - D95A8580
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPNWMON
*Deregistered* - 69deaa9b
*Deregistered* - d95a8580
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bdx REG_MULTI_SZ scan sysagent
.
Contenu du dossier 'Tâches planifiées'
2010-10-25 c:\windows\Tasks\User_Feed_Synchronization-{16F615E4-4B44-4145-86A5-9502310A7D2B}.job
- c:\windows\system32\msfeedssync.exe [2010-10-15 04:25]
.
.
------- Examen supplémentaire -------
.
mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 05:36
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2010-11-08 05:40:08
ComboFix-quarantined-files.txt 2010-11-08 10:40
Avant-CF: 150 287 794 176 octets libres
Après-CF: 150 391 324 672 octets libres
- - End Of File - - 2C096413F4F9FC05EFB5CD38E42FE8BE
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.2.1036.18.3062.1469 [GMT -5:00]
Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Utilisateur\AppData\Roaming\ErrorWiz
c:\users\Utilisateur\AppData\Roaming\ErrorWiz\Backup\Automatic Backup_11-07-2010_00-00-51.reg
c:\users\Utilisateur\AppData\Roaming\ErrorWiz\Backup\Automatic Backup_11-07-2010_00-26-20.reg
c:\users\Utilisateur\AppData\Roaming\ErrorWiz\settings.ini
c:\windows\system32\system
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-08 au 2010-11-08 ))))))))))))))))))))))))))))))))))))
.
2010-11-08 10:35 . 2010-11-08 10:35 -------- d-----w- c:\users\Utilisateur\AppData\Local\temp
2010-11-08 07:05 . 2010-10-07 21:21 6146896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F237270-6E3F-4609-A3C4-A2DE9CD3C2F3}\mpengine.dll
2010-11-08 07:01 . 2010-11-08 07:20 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-11-07 04:44 . 2010-11-07 04:44 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\GlarySoft
2010-11-07 04:37 . 2010-11-08 10:23 -------- d-----w- c:\program files\Glary Utilities
2010-11-07 03:53 . 2010-11-07 03:53 -------- d--h--w- c:\windows\PIF
2010-11-06 22:01 . 2006-05-25 19:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-11-06 22:01 . 2010-11-07 02:04 -------- d-----w- c:\program files\Trojan Remover
2010-11-06 20:40 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9979897-7CBE-48EA-BCF4-02D742DA9033}\mpengine.dll
2010-11-06 08:13 . 2010-11-06 08:13 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\SoftwareDetectionScripts
2010-11-01 17:01 . 2010-11-07 05:33 -------- d-----w- c:\users\Utilisateur\AppData\Local\CrashDumps
2010-11-01 02:09 . 2010-11-01 02:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-11-01 02:08 . 2010-11-01 02:08 -------- d-----w- c:\program files\Norton 360
2010-11-01 02:08 . 2010-11-01 02:11 -------- d-----w- c:\programdata\Norton
2010-11-01 02:07 . 2010-11-01 02:07 -------- d-----w- c:\program files\NortonInstaller
2010-11-01 01:51 . 2006-09-25 02:11 -------- d-----w- c:\program files\ReviverSoft
2010-10-31 23:45 . 2010-11-07 06:14 -------- d-----w- C:\0b4fc0d5dfb66e640becf83f
2010-10-31 22:07 . 2010-11-08 02:29 -------- d-----w- c:\program files\trend micro
2010-10-31 22:07 . 2010-10-31 22:50 -------- d-----w- C:\rsit
2010-10-31 19:27 . 2010-10-31 19:27 -------- d-----w- C:\f9adf8b29e962ef5f561
2010-10-26 18:10 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-26 18:10 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-26 18:10 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-25 00:11 . 2010-10-25 00:11 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\{90140011-0062-040C-0000-0000000FF1CE}
2010-10-24 06:32 . 2009-09-04 21:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-10-24 06:32 . 2009-09-04 21:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-10-24 06:32 . 2009-09-04 21:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-10-24 06:30 . 2010-10-25 18:37 -------- d-----w- c:\users\Utilisateur\AppData\Local\Windows Live
2010-10-24 04:54 . 2010-10-24 04:54 -------- d-----w- c:\programdata\VirtualizedApplications
2010-10-24 04:51 . 2010-10-24 04:51 -------- d-----w- c:\users\Utilisateur\AppData\Local\Apps
2010-10-24 02:08 . 2006-09-29 07:14 -------- d-----w- c:\users\Utilisateur\AppData\Local\Microsoft Help
2010-10-24 02:07 . 2010-11-06 22:31 -------- d-----w- c:\programdata\Microsoft Help
2010-10-24 00:45 . 2010-10-24 00:45 -------- d-----w- c:\program files\Common Files\Java
2010-10-24 00:40 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-24 00:34 . 2010-11-08 02:15 -------- d-----w- c:\users\Utilisateur\AppData\Local\SoftGrid Client
2010-10-24 00:34 . 2010-11-07 05:55 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\SoftGrid Client
2010-10-24 00:32 . 2010-10-24 06:09 -------- d-----w- c:\program files\Microsoft Application Virtualization Client
2010-10-24 00:31 . 2010-11-07 03:34 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\TP
2010-10-23 23:34 . 2006-09-29 07:13 -------- d-----w- c:\program files\Conduit
2010-10-18 00:38 . 2010-10-18 00:38 -------- d-----w- c:\users\Utilisateur\AppData\Local\Windows Live Writer
2010-10-18 00:38 . 2010-10-18 00:38 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Windows Live Writer
2010-10-16 19:55 . 2010-10-25 05:51 -------- d-----w- c:\users\Utilisateur\AppData\Local\MigWiz
2010-10-16 01:36 . 2010-10-16 01:36 -------- d-----w- c:\program files\Veetle
2010-10-15 11:02 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-15 11:02 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-15 11:02 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-15 11:02 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-15 11:02 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-15 11:02 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-15 11:02 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-15 11:02 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-15 11:00 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2009-10-02 18:01 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 08:50 . 2010-04-28 00:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 15:17 . 2010-09-08 15:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17 . 2010-09-08 15:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-08-26 16:33 . 2010-10-26 18:10 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-26 18:10 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-26 18:10 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-26 18:10 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-17 14:11 . 2010-09-15 20:21 128000 ----a-w- c:\windows\system32\spoolsv.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-02 150552]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Gateway\traybar.exe" [2007-09-13 638976]
"autodetect"="c:\windows\system32\SupportAppXL\AutoDect.exe" [2009-05-20 91648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
c:\users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 - Capture d''cran et lancement.lnk - c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE [2010-2-28 3207072]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Radialpoint Security Services]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-09-19 7168]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 RadialpointIDSEH;RadialpointIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2009-11-02 25608]
S2 Radialpoint Security Services;Services de sécurité Vidéotron;c:\program files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe [2010-03-02 166944]
S2 RadialpointIDSAgent;RadialpointIDSAgent;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe RadialpointIDSAgent [x]
S2 ServicepointService;ServicepointService;c:\program files\Videotron\Videotron Service Agent\ServicepointService.exe [2010-03-02 689392]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-26 42368]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
S3 RadialpointIDSDriver;RadialpointIDSDriver;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [x]
S3 RadialpointIDSFilter;RadialpointIDSFilter;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys [x]
S3 RadialpointIDSShim;RadialpointIDSShim;c:\program files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - 69DEAA9B
*NewlyCreated* - D95A8580
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPNWMON
*Deregistered* - 69deaa9b
*Deregistered* - d95a8580
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bdx REG_MULTI_SZ scan sysagent
.
Contenu du dossier 'Tâches planifiées'
2010-10-25 c:\windows\Tasks\User_Feed_Synchronization-{16F615E4-4B44-4145-86A5-9502310A7D2B}.job
- c:\windows\system32\msfeedssync.exe [2010-10-15 04:25]
.
.
------- Examen supplémentaire -------
.
mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 05:36
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2010-11-08 05:40:08
ComboFix-quarantined-files.txt 2010-11-08 10:40
Avant-CF: 150 287 794 176 octets libres
Après-CF: 150 391 324 672 octets libres
- - End Of File - - 2C096413F4F9FC05EFB5CD38E42FE8BE
télécharge
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher
Une fois a jour, le programme va se lancer; clic sur l'onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
A la fin du scan clique sur Afficher les résultats
Vérifier si tout est coché et clic Supprimer la sélection
S'il t'es demandé de redémarrer >>> clique sur "Yes"
Et tu poste le rapport générer
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher
Une fois a jour, le programme va se lancer; clic sur l'onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
A la fin du scan clique sur Afficher les résultats
Vérifier si tout est coché et clic Supprimer la sélection
S'il t'es demandé de redémarrer >>> clique sur "Yes"
Et tu poste le rapport générer
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici ce que j'obtiens lorsque j'essaie de télécharger malwarebyte:
Impossible d'exécuter un fichier depuis le dossier temporaire. Abandon de l'instalation.
Erreur 5: accès refusé
Impossible d'exécuter un fichier depuis le dossier temporaire. Abandon de l'instalation.
Erreur 5: accès refusé
clic droit et enregistre le sur le bureau
http://dl.commentcamarche.net/www.commentcamarche.net/download/files/mbam-setup_1.46.exe
Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que tu es libre...Merci a australe13
http://dl.commentcamarche.net/www.commentcamarche.net/download/files/mbam-setup_1.46.exe
Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que tu es libre...Merci a australe13
Vraiment très heureuse de retrouver un systeme normale et performant. Si vous saviez comment j'ai essayer d'application qui ont tous été des flops! J'étais tout près de formater! Je vous remercie grandement pour votre aide compétente et de votre temps généreux!J'ai retrouver le sourire :) Si jamais un problème se représente; je sais ou trouver l'aide! :) :) :)
salut le C correspond a un mot en 3 lettre
tu peut poster le rapport malwarbyte
Téléchargez Tools Cleaner 2 sur le bureau ici: https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/
* Double-cliquez sur Tools Cleaner2 pour l'exécuter. (Si vous êtes sous Vista, cliquez droit sur le fichier Tools Cleaner 2 et exécutez-le en tant qu'administrateur.)
* Cliquez sur Recherche et laissez-la se dérouler
* Cliquez sur Suppression pour finaliser.
* Vous pouvez, si vous le souhaitez, vous servir des Options facultatives.
* Cliquez sur Quitter pour obtenir le rapport.
* Postez le rapport (TCleaner.txt) qui se trouve à la racine de votre disque dur (C:) dans le forum où cela vous a été demandé.
------------------Après
tu va télécharger Ccleaner http://dl.commentcamarche.net/...
ouvre "Ccleaner" vas dans l'onglet "Option" puis "Avancé" puis décoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures."
. Puis vas dans l'onglet "Nettoyeur" fais "Analyse" puis "Lancer le nettoyage".
Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée"
. Tu refais tous ca 4-5 fois (le nettoyage et le registre).
Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
içi mode d'emploi pour ccleaner
https://www.malekal.com/tutoriel-ccleaner/
tu peut poster le rapport malwarbyte
Téléchargez Tools Cleaner 2 sur le bureau ici: https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/
* Double-cliquez sur Tools Cleaner2 pour l'exécuter. (Si vous êtes sous Vista, cliquez droit sur le fichier Tools Cleaner 2 et exécutez-le en tant qu'administrateur.)
* Cliquez sur Recherche et laissez-la se dérouler
* Cliquez sur Suppression pour finaliser.
* Vous pouvez, si vous le souhaitez, vous servir des Options facultatives.
* Cliquez sur Quitter pour obtenir le rapport.
* Postez le rapport (TCleaner.txt) qui se trouve à la racine de votre disque dur (C:) dans le forum où cela vous a été demandé.
------------------Après
tu va télécharger Ccleaner http://dl.commentcamarche.net/...
ouvre "Ccleaner" vas dans l'onglet "Option" puis "Avancé" puis décoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures."
. Puis vas dans l'onglet "Nettoyeur" fais "Analyse" puis "Lancer le nettoyage".
Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée"
. Tu refais tous ca 4-5 fois (le nettoyage et le registre).
Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
içi mode d'emploi pour ccleaner
https://www.malekal.com/tutoriel-ccleaner/
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\Rsit: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\Program Files\trend micro\HijackThis: trouvé !
C:\Program Files\trend micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\Utilisateur\AppData\Local\VirtualStore\Program Files\trend micro\hijackthis.log: trouvé !
C:\Users\Utilisateur\Desktop\HijackThis.lnk: trouvé !
C:\Windows\mbr.exe: trouvé !
---------------------------------
--> Suppression:
C:\Program Files\trend micro\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\trend micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: ERREUR DE SUPPRESSION !!
C:\Users\Utilisateur\Desktop\HijackThis.lnk: supprimé !
C:\Combofix.txt: ERREUR DE SUPPRESSION !!
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: ERREUR DE SUPPRESSION !!
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\Windows\mbr.exe: ERREUR DE SUPPRESSION !!
C:\Qoobox: ERREUR DE SUPPRESSION !!
C:\Rsit: supprimé !
C:\Program Files\trend micro\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
Fichiers temporaires nettoyés !
--> Recherche:
C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\Rsit: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\Program Files\trend micro\HijackThis: trouvé !
C:\Program Files\trend micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\Utilisateur\AppData\Local\VirtualStore\Program Files\trend micro\hijackthis.log: trouvé !
C:\Users\Utilisateur\Desktop\HijackThis.lnk: trouvé !
C:\Windows\mbr.exe: trouvé !
---------------------------------
--> Suppression:
C:\Program Files\trend micro\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\trend micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: ERREUR DE SUPPRESSION !!
C:\Users\Utilisateur\Desktop\HijackThis.lnk: supprimé !
C:\Combofix.txt: ERREUR DE SUPPRESSION !!
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: ERREUR DE SUPPRESSION !!
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\Windows\mbr.exe: ERREUR DE SUPPRESSION !!
C:\Qoobox: ERREUR DE SUPPRESSION !!
C:\Rsit: supprimé !
C:\Program Files\trend micro\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
Fichiers temporaires nettoyés !
Salut :
DÉSACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRÉSENTS !!!!!(car il est détecte a tort comme infection)
Télécharge ici :List_Kill'em de gen-hackman
http://sd-4.archive-host.com/membres/up/829108531491024/Mes_Tools/List_Killem_Install.exe
et enregistre le sur ton bureau
windows 7 => clic droit "exécuter en tant que administrateur
sur le raccourci sur ton bureau pour lancer l'installation
Laisse coché :
Exécuter List_Kill'em
une fois terminée , clic sur "terminer" et le programme se lancera seul
Il commencera par telecharger et installer ses mises à jour , puis te donnera son menu
choisis l'option Search
laisse travailler l'outil
il se peut qu'une boite de dialogue s'ouvre , dans ce cas clique sur "ok" ou "Agrée"
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal ,c'est une recherche supplementaire de fichiers cachés , le programme n'est pas bloqué.
Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
DÉSACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRÉSENTS !!!!!(car il est détecte a tort comme infection)
Télécharge ici :List_Kill'em de gen-hackman
http://sd-4.archive-host.com/membres/up/829108531491024/Mes_Tools/List_Killem_Install.exe
et enregistre le sur ton bureau
windows 7 => clic droit "exécuter en tant que administrateur
sur le raccourci sur ton bureau pour lancer l'installation
Laisse coché :
Exécuter List_Kill'em
une fois terminée , clic sur "terminer" et le programme se lancera seul
Il commencera par telecharger et installer ses mises à jour , puis te donnera son menu
choisis l'option Search
laisse travailler l'outil
il se peut qu'une boite de dialogue s'ouvre , dans ce cas clique sur "ok" ou "Agrée"
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal ,c'est une recherche supplementaire de fichiers cachés , le programme n'est pas bloqué.
Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
Present !! : HKLM\Software\Conduit
Present !! : HKU\.DEFAULT\Software\AGI
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Services\mpnwmon
FEATURE_BROWSER_EMULATION | svchost :
====================================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-10 19:37:05
Windows 6.0.6002 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !
copy of MBR has been found in sector 63 !
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
FirewallDisableNotify = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 19:38:22,17
Present !! : HKLM\Software\Conduit
Present !! : HKU\.DEFAULT\Software\AGI
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Services\mpnwmon
FEATURE_BROWSER_EMULATION | svchost :
====================================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-10 19:41:19
Windows 6.0.6002 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !
copy of MBR has been found in sector 63 !
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
FirewallDisableNotify = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 19:42:31,49
Present !! : HKU\.DEFAULT\Software\AGI
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Services\mpnwmon
FEATURE_BROWSER_EMULATION | svchost :
====================================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-10 19:37:05
Windows 6.0.6002 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !
copy of MBR has been found in sector 63 !
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
FirewallDisableNotify = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 19:38:22,17
Present !! : HKLM\Software\Conduit
Present !! : HKU\.DEFAULT\Software\AGI
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet001\Services\mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_mpnwmon
Present !! : HKLM\SYSTEM\ControlSet002\Services\mpnwmon
FEATURE_BROWSER_EMULATION | svchost :
====================================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-10 19:41:19
Windows 6.0.6002 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !
copy of MBR has been found in sector 63 !
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
FirewallDisableNotify = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 19:42:31,49
¤¤¤¤¤¤¤¤¤¤ More informations ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤
------------------------------------------------------------------------------
explorer.exe pid: 2040
Command line: C:\Windows\Explorer.EXE
Base Size Version Path
0x001b0000 0x2cd000 6.00.6002.18005 C:\Windows\Explorer.EXE
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x72fd0000 0x108000 6.00.6002.18005 C:\Windows\system32\SHDOCVW.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x73600000 0xc000 6.00.6001.18000 C:\Windows\system32\dwmapi.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x72e80000 0x146000 6.00.6002.18005 C:\Windows\system32\BROWSEUI.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.dll
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x75050000 0x30000 6.00.6001.18000 C:\Windows\system32\DUser.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72bb0000 0x1f000 5.02.3790.1830 C:\Windows\system32\EhStorShell.dll
0x72ba0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x726b0000 0xb2000 6.00.6002.18127 C:\Windows\system32\timedate.cpl
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x72490000 0x53000 6.00.6001.18000 C:\Windows\system32\ACTXPRXY.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75610000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x728c0000 0x3c000 7.00.6002.18255 C:\Windows\System32\msshsq.dll
0x722f0000 0xc7000 6.00.6002.18005 C:\Windows\System32\NaturalLanguage6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x74c30000 0x1e8000 6.00.6002.18005 C:\Windows\system32\authui.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x72b00000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x71850000 0xa95000 8.00.6001.18975 C:\Windows\system32\ieframe.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x735f0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x740d0000 0x2f000 6.00.6002.18005 C:\Windows\system32\wdmaud.drv
0x740c0000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x74fc0000 0x28000 6.00.6002.18005 C:\Windows\system32\MMDevAPI.DLL
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\system32\AVRT.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x72660000 0x4a000 6.00.6001.18000 C:\Windows\system32\ntshrui.dll
0x73190000 0xb000 6.00.6002.18005 C:\Windows\system32\cscapi.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73180000 0x9000 6.00.6002.18005 C:\Windows\system32\ExplorerFrame.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\system32\AUDIOSES.DLL
0x73520000 0x66000 6.00.6001.18000 C:\Windows\system32\audioeng.dll
0x73640000 0x9000 6.00.6002.18005 C:\Windows\system32\msacm32.drv
0x73620000 0x14000 6.00.6001.18000 C:\Windows\system32\MSACM32.dll
0x73610000 0x7000 6.00.6002.18005 C:\Windows\system32\midimap.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x6fef0000 0x92000 6.00.6002.18005 C:\Windows\system32\stobject.dll
0x6fe30000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x6fbd0000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x6fba0000 0x21000 6.00.6002.18005 C:\Windows\ehome\ehSSO.dll
0x74a80000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x75a10000 0x19000 6.00.6002.18005 C:\Windows\System32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 C:\Windows\System32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 C:\Windows\System32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc6.DLL
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f3c0000 0x1bf000 6.00.6002.18005 C:\Windows\system32\pnidui.dll
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x75a30000 0x40000 6.00.6002.18005 C:\Windows\system32\wevtapi.dll
0x74120000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x6d3e0000 0x12000 6.00.6002.18064 C:\Windows\system32\Wlanapi.dll
0x73910000 0x17c000 6.00.6002.18005 C:\Windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 C:\Windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 C:\Windows\system32\eappcfg.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\bcrypt.dll
0x6d3b0000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6d370000 0x19000 6.00.6002.18112 C:\Windows\system32\wpdshserviceobj.dll
0x6d2e0000 0x2b000 6.00.6002.18112 C:\Windows\system32\PortableDeviceTypes.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x70e00000 0x5a000 6.00.6001.18000 C:\Windows\system32\taskschd.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x6ceb0000 0x4d000 7.00.6002.18005 C:\Windows\System32\srchadmin.dll
0x6cf10000 0x3d000 8.00.6001.18702 C:\Windows\System32\webcheck.dll
0x71130000 0x21c000 6.00.6002.18005 C:\Windows\System32\SyncCenter.dll
0x6dd80000 0xb000 7.00.6002.18005 C:\Windows\system32\mssprxy.dll
0x6cf90000 0x39000 6.00.6002.18005 C:\Windows\system32\wscntfy.dll
0x72ad0000 0xb000 6.00.6002.18005 C:\Windows\system32\WSCAPI.dll
0x6ce00000 0xa3000 6.00.6002.18005 C:\Windows\system32\bthprops.cpl
0x71570000 0x2e000 6.00.6001.18000 C:\Windows\System32\QAgent.dll
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\System32\fwpuclnt.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6c990000 0x23000 9.00.0044.43458 C:\Program Files\Videotron\Services de sécurité Vidéotron\MalwareContextMenuR.dll
0x6c890000 0x73000 1.00.2498.0000 c:\PROGRA~1\MICROS~4\shellext.dll
0x6c830000 0x2e000 6.00.6001.18000 C:\Windows\system32\syncui.dll
0x6c870000 0x16000 6.00.6001.18000 C:\Windows\system32\SYNCENG.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6f760000 0x28c000 6.00.6001.18000 C:\Windows\System32\NLSData000c.dll
0x6e980000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
winlogon.exe pid: 800
Command line: winlogon.exe
Base Size Version Path
0x00710000 0x50000 6.00.6002.18005 C:\Windows\system32\winlogon.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x745a0000 0x3e000 6.00.6002.18005 C:\Windows\system32\SHSVCS.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\uxtheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x75ff0000 0x16000 6.00.6002.18005 C:\Windows\system32\AUTHZ.dll
------------------------------------------------------------------------------
wininit.exe pid: 644
Command line: wininit.exe
Base Size Version Path
0x00760000 0x1a000 6.00.6001.18000 C:\Windows\system32\wininit.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
------------------------------------------------------------------------------
svchost.exe pid: 916
Command line: C:\Windows\system32\svchost.exe -k DcomLaunch
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75400000 0x39000 6.00.6002.18005 c:\windows\system32\umpnpmgr.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
------------------------------------------------------------------------------
svchost.exe pid: 976
Command line: C:\Windows\system32\svchost.exe -k rpcss
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\system32\fwpuclnt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1160
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x747d0000 0xfc000 6.00.6002.18005 c:\windows\system32\wevtsvc.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\System32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x744f0000 0x8000 6.00.6000.16386 c:\windows\system32\lmhsvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\System32\audioses.dll
0x73520000 0x66000 6.00.6001.18000 C:\Windows\System32\audioeng.dll
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\System32\AVRT.dll
0x6d270000 0x12000 6.00.6002.18005 c:\windows\system32\wscsvc.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x6e420000 0xdc000 6.00.6001.18000 c:\windows\system32\dbghelp.dll
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\System32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\System32\BCRYPT.dll
0x6b330000 0x8e000 7.04.7600.0226 C:\Windows\system32\wuapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
svchost.exe pid: 1240
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\System32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\System32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\System32\Secur32.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x745f0000 0xb000 6.00.6002.18005 c:\windows\system32\uxsms.dll
0x744c0000 0x13000 6.00.6000.16386 c:\windows\system32\tabsvc.dll
0x74a80000 0x9000 6.00.6000.16386 c:\windows\system32\HID.DLL
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x745e0000 0x10000 6.00.6001.18000 c:\windows\system32\wudfsvc.dll
0x74330000 0x30000 6.00.6001.18000 c:\windows\system32\WUDFPlatform.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x741c0000 0x82000 6.00.6002.18064 c:\windows\system32\wlansvc.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x74260000 0x4c000 6.00.6002.18064 c:\windows\system32\WLANMSM.DLL
0x74160000 0x52000 6.00.6002.18064 c:\windows\system32\WLANSEC.dll
0x73910000 0x17c000 6.00.6002.18005 c:\windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 c:\windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 c:\windows\system32\eappcfg.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75050000 0x30000 6.00.6001.18000 c:\windows\system32\DUser.dll
0x75080000 0x3f000 6.00.6001.18000 c:\windows\system32\UxTheme.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x742c0000 0x18000 6.00.6002.18005 c:\windows\system32\wlgpclnt.dll
0x74250000 0x10000 6.00.6001.18000 c:\windows\system32\l2gpstore.dll
0x74120000 0x6000 6.00.6000.16386 c:\windows\system32\wlanutil.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75220000 0x1f000 6.00.6002.18005 c:\windows\system32\WinSCard.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x73650000 0x15b000 6.20.5002.0000 C:\Windows\System32\msxml6.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\System32\cryptdll.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x73590000 0x60000 6.00.6001.18000 C:\Windows\system32\netcfgx.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\System32\Cabinet.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x71450000 0x8d000 6.00.6002.18005 c:\windows\system32\emdmgmt.dll
0x71530000 0x39000 6.00.6002.18005 c:\windows\system32\WDSCORE.dll
0x714f0000 0xd000 6.00.6001.18000 c:\windows\system32\pcasvc.dll
0x70d60000 0x46000 6.00.6001.18000 c:\windows\system32\netman.dll
0x70db0000 0x4a000 6.00.6002.18005 c:\windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 c:\windows\system32\rasman.dll
0x70d00000 0x31000 6.00.6000.16386 c:\windows\system32\TAPI32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f6d0000 0x8a000 6.00.6002.18005 c:\windows\system32\sysmain.dll
0x6fac0000 0x15000 6.00.6001.18000 c:\windows\system32\trkwks.dll
0x6faa0000 0x17000 6.00.6002.18112 c:\windows\system32\wpdbusenum.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\System32\GPAPI.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x6ded0000 0x12000 6.00.6002.18112 C:\Windows\System32\portabledeviceconnectapi.dll
0x71510000 0x15000 6.00.6001.18000 c:\windows\system32\wdi.dll
0x72ae0000 0xa000 6.00.6001.18000 C:\Windows\system32\pcadm.dll
0x6d660000 0xce000 6.00.6002.18005 C:\Windows\System32\RASDLG.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\System32\MPRAPI.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\System32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\System32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\System32\credui.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\System32\ATL.DLL
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\System32\hnetcfg.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\System32\WINHTTP.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\System32\SXS.DLL
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c760000 0x15000 6.00.6000.16386 C:\Windows\system32\radardt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1264
Command line: C:\Windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74ad0000 0x11000 6.00.6001.18000 c:\windows\system32\mmcss.dll
0x74b00000 0x7000 6.00.6001.18000 c:\windows\system32\AVRT.dll
0x74620000 0x29000 6.00.6002.18005 c:\windows\system32\profsvc.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x745a0000 0x3e000 6.00.6002.18005 c:\windows\system32\shsvcs.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74610000 0xe000 6.00.6001.18000 c:\windows\system32\sens.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x744b0000 0x10000 6.00.6001.18000 c:\windows\system32\eapsvc.dll
0x742e0000 0x30000 6.00.6002.18005 C:\Windows\system32\eapphost.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x742b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73880000 0x85000 5.82.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
0x737e0000 0x94000 6.00.6002.18005 c:\windows\system32\schedsvc.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x74110000 0x7000 6.00.6001.18000 c:\windows\system32\ktmw32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x74070000 0x44000 6.00.6002.18005 C:\Windows\system32\taskcomp.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x74100000 0xb000 6.00.6001.18000 C:\Windows\system32\wiarpc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x732b0000 0x9000 6.00.6000.16386 C:\Windows\system32\tschannel.dll
0x72630000 0x22000 6.00.6002.18306 c:\windows\system32\srvsvc.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75440000 0x6000 6.00.6000.16386 C:\Windows\system32\SSCORE.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.DLL
0x750d0000 0x2e000 6.00.6001.18000 C:\Windows\system32\CLUSAPI.DLL
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\system32\cryptdll.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x75370000 0x13000 6.00.6001.18000 C:\Windows\system32\RESUTILS.DLL
0x74ff0000 0x9000 6.00.6000.16386 c:\windows\system32\aelupsvc.dll
0x713e0000 0x6f000 6.00.6002.18005 c:\windows\system32\ikeext.dll
0x72de0000 0x96000 6.00.6002.18005 c:\windows\system32\fwpuclnt.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\system32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\BCRYPT.dll
0x704a0000 0x8000 6.00.6001.18000 c:\windows\system32\seclogon.dll
0x6f9f0000 0x2a000 6.00.6002.18005 c:\windows\system32\wbem\wmisvc.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6efb0000 0x43000 6.00.6002.18005 c:\windows\system32\rasmans.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f030000 0x14000 6.00.6002.18005 C:\Windows\system32\rastapi.dll
0x70d00000 0x31000 6.00.6000.16386 C:\Windows\system32\TAPI32.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x6e310000 0x34000 6.00.6002.18209 c:\windows\system32\iphlpsvc.dll
0x6f000000 0x23000 6.00.6001.18000 c:\windows\system32\sqmapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\system32\hnetcfg.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\system32\WINHTTP.dll
0x70f50000 0x10b000 6.00.6002.18005 C:\Windows\system32\VSSAPI.DLL
0x74b40000 0x14000 6.00.6001.18000 C:\Windows\system32\vsstrace.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6dcb0000 0xb9000 6.00.6002.18005 C:\Windows\system32\wbem\wbemcore.dll
0x6dde0000 0x43000 6.00.6002.18005 C:\Windows\system32\wbem\esscli.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\FastProx.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dda0000 0x17000 6.00.6002.18005 C:\Windows\system32\wbem\wmiutils.dll
0x6db70000 0x44000 6.00.6002.18005 C:\Windows\system32\wbem\repdrvfs.dll
0x6dad0000 0x43000 6.00.6002.18005 C:\Windows\system32\rasppp.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\system32\MPRAPI.dll
0x70db0000 0x4a000 6.00.6002.18005 C:\Windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 C:\Windows\system32\rasman.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x6da90000 0x14000 6.00.6001.18000 C:\Windows\system32\RASQEC.DLL
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x6d860000 0x47000 6.00.6002.18005 C:\Windows\System32\raschap.dll
0x6da10000 0x3e000 6.00.6002.18116 C:\Windows\System32\rastls.dll
0x6d770000 0xf0000 6.00.6002.18005 C:\Windows\system32\CRYPTUI.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x75220000 0x1f000 6.00.6002.18005 C:\Windows\system32\WinSCard.dll
0x6d5d0000 0x7d000 6.00.6002.18005 C:\Windows\system32\wbem\wmiprvsd.dll
0x75fe0000 0xf000 6.00.6001.18000 C:\Windows\system32\NCObjAPI.DLL
0x6d570000 0x57000 6.00.6002.18005 C:\Windows\system32\wbem\wbemess.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c810000 0xb000 6.00.6001.18000 c:\windows\system32\appinfo.dll
0x6c7e0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\ncprov.dll
0x6afa0000 0x1bf000 7.00.6002.18005 c:\windows\system32\qmgr.dll
0x6fc30000 0x5000 6.00.6000.16386 c:\windows\system32\SHFOLDER.dll
0x6d750000 0x8000 7.00.6000.16386 c:\windows\system32\bitsperf.dll
0x6d760000 0xb000 7.00.6002.18005 C:\Windows\system32\bitsigd.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x6a540000 0x1d9000 7.04.7600.0226 c:\windows\system32\wuaueng.dll
0x6d400000 0x168000 6.00.6002.18005 c:\windows\system32\ESENT.dll
0x715d0000 0x42000 6.00.6002.18087 c:\windows\system32\WINSPOOL.DRV
0x6d740000 0xc000 6.00.6001.18000 c:\windows\system32\mspatcha.dll
0x75c80000 0x6000 6.00.6000.16386 C:\Windows\system32\WMsgAPI.dll
0x6f1e0000 0xd9000 6.00.6002.18005 C:\Windows\system32\wer.dll
0x70bd0000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6da60000 0x26000 6.00.6001.18000 C:\Windows\system32\dssenh.dll
0x6c510000 0x2e000 8.00.6001.18702 C:\Windows\system32\advpack.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\System32\ES.DLL
0x74050000 0xa000 7.04.7600.0226 C:\Windows\System32\wups.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x73f00000 0x16000 6.00.6001.18000 c:\windows\system32\browser.dll
------------------------------------------------------------------------------
svchost.exe pid: 1392
Command line: C:\Windows\system32\svchost.exe -k GPSvcGroup
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74500000 0x8f000 6.00.6002.18005 c:\windows\system32\gpsvc.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
------------------------------------------------------------------------------
svchost.exe pid: 1436
Command line: C:\Windows\system32\svchost.exe -k LocalService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74460000 0x46000 2001.12.6932.18005 c:\windows\system32\es.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74710000 0xbb000 7.00.6002.18005 c:\windows\system32\PROPSYS.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74590000 0x8000 6.00.6001.18000 c:\windows\system32\nsisvc.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\secur32.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x72880000 0x34000 6.00.6002.18005 c:\windows\system32\webclnt.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\shell32.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WinInet.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x72770000 0x2a000 6.00.6002.18049 c:\windows\system32\wkssvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75610000 0xd7000 6.00.6000.16386 c:\windows\system32\WINBRAND.dll
0x715a0000 0x9000 6.00.6000.16386 c:\windows\system32\fdrespub.dll
0x70ec0000 0x59000 6.00.6002.18085 c:\windows\system32\wsdapi.dll
0x72810000 0xb000 6.00.6002.18210 c:\windows\system32\HTTPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6ffa0000 0x25000 6.00.6001.18000 c:\windows\system32\sstpsvc.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f680000 0x48000 6.00.6002.18005 c:\windows\system32\w32time.dll
0x75c90000 0x11000 6.00.6001.18000 c:\windows\system32\cryptdll.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x6e3e0000 0x3c000 6.00.6001.18000 c:\windows\system32\netprofm.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6c910000 0x28000 6.00.6001.18000 c:\windows\system32\ssdpsrv.dll
0x74040000 0x6000 6.00.6001.18000 c:\windows\system32\fdphost.dll
0x73b60000 0x12000 6.00.6002.18005 C:\Windows\system32\fdwsd.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x73b40000 0x12000 6.00.6002.18005 C:\Windows\system32\fdssdp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
------------------------------------------------------------------------------
svchost.exe pid: 1656
Command line: C:\Windows\system32\svchost.exe -k NetworkService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74310000 0x18000 6.00.6002.18005 c:\windows\system32\dnsrslvr.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x71060000 0x22000 6.00.6002.18005 c:\windows\system32\cryptsvc.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x70f50000 0x10b000 6.00.6002.18005 c:\windows\system32\VSSAPI.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x74b40000 0x14000 6.00.6001.18000 c:\windows\system32\vsstrace.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bb0000 0x14000 6.00.6002.18005 c:\windows\system32\MPR.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75ab0000 0xf2000 6.00.6002.18005 c:\windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 c:\windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x70e60000 0x2b000 6.00.6001.18000 c:\windows\system32\nlasvc.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x70be0000 0x1a000 6.00.6001.18000 c:\windows\system32\ncsi.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x70ca0000 0x8000 6.00.6001.18000 c:\windows\system32\CFGMGR32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\ssdpapi.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x6fa60000 0x3d000 6.00.6002.18005 c:\windows\system32\tapisrv.dll
0x75010000 0x35000 6.00.6001.18000 c:\windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 c:\windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 c:\windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x6f2c0000 0x71000 6.00.6002.18005 c:\windows\system32\termsrv.dll
0x70330000 0x7000 6.00.6001.18000 c:\windows\system32\ICAAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x6de80000 0x48000 6.00.6002.18005 C:\Windows\system32\unimdm.tsp
0x6dd90000 0x7000 6.00.6000.16386 C:\Windows\system32\uniplat.dll
0x6dbf0000 0x11000 6.00.6000.16386 C:\Windows\system32\unimdmat.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x6db20000 0x4a000
¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤
------------------------------------------------------------------------------
explorer.exe pid: 2040
Command line: C:\Windows\Explorer.EXE
Base Size Version Path
0x001b0000 0x2cd000 6.00.6002.18005 C:\Windows\Explorer.EXE
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x72fd0000 0x108000 6.00.6002.18005 C:\Windows\system32\SHDOCVW.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x73600000 0xc000 6.00.6001.18000 C:\Windows\system32\dwmapi.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x72e80000 0x146000 6.00.6002.18005 C:\Windows\system32\BROWSEUI.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.dll
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x75050000 0x30000 6.00.6001.18000 C:\Windows\system32\DUser.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72bb0000 0x1f000 5.02.3790.1830 C:\Windows\system32\EhStorShell.dll
0x72ba0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x726b0000 0xb2000 6.00.6002.18127 C:\Windows\system32\timedate.cpl
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x72490000 0x53000 6.00.6001.18000 C:\Windows\system32\ACTXPRXY.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75610000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x728c0000 0x3c000 7.00.6002.18255 C:\Windows\System32\msshsq.dll
0x722f0000 0xc7000 6.00.6002.18005 C:\Windows\System32\NaturalLanguage6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x74c30000 0x1e8000 6.00.6002.18005 C:\Windows\system32\authui.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x72b00000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x71850000 0xa95000 8.00.6001.18975 C:\Windows\system32\ieframe.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x735f0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x740d0000 0x2f000 6.00.6002.18005 C:\Windows\system32\wdmaud.drv
0x740c0000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x74fc0000 0x28000 6.00.6002.18005 C:\Windows\system32\MMDevAPI.DLL
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\system32\AVRT.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x72660000 0x4a000 6.00.6001.18000 C:\Windows\system32\ntshrui.dll
0x73190000 0xb000 6.00.6002.18005 C:\Windows\system32\cscapi.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73180000 0x9000 6.00.6002.18005 C:\Windows\system32\ExplorerFrame.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\system32\AUDIOSES.DLL
0x73520000 0x66000 6.00.6001.18000 C:\Windows\system32\audioeng.dll
0x73640000 0x9000 6.00.6002.18005 C:\Windows\system32\msacm32.drv
0x73620000 0x14000 6.00.6001.18000 C:\Windows\system32\MSACM32.dll
0x73610000 0x7000 6.00.6002.18005 C:\Windows\system32\midimap.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x6fef0000 0x92000 6.00.6002.18005 C:\Windows\system32\stobject.dll
0x6fe30000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x6fbd0000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x6fba0000 0x21000 6.00.6002.18005 C:\Windows\ehome\ehSSO.dll
0x74a80000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x75a10000 0x19000 6.00.6002.18005 C:\Windows\System32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 C:\Windows\System32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 C:\Windows\System32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc6.DLL
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f3c0000 0x1bf000 6.00.6002.18005 C:\Windows\system32\pnidui.dll
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x75a30000 0x40000 6.00.6002.18005 C:\Windows\system32\wevtapi.dll
0x74120000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x6d3e0000 0x12000 6.00.6002.18064 C:\Windows\system32\Wlanapi.dll
0x73910000 0x17c000 6.00.6002.18005 C:\Windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 C:\Windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 C:\Windows\system32\eappcfg.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\bcrypt.dll
0x6d3b0000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6d370000 0x19000 6.00.6002.18112 C:\Windows\system32\wpdshserviceobj.dll
0x6d2e0000 0x2b000 6.00.6002.18112 C:\Windows\system32\PortableDeviceTypes.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x70e00000 0x5a000 6.00.6001.18000 C:\Windows\system32\taskschd.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x6ceb0000 0x4d000 7.00.6002.18005 C:\Windows\System32\srchadmin.dll
0x6cf10000 0x3d000 8.00.6001.18702 C:\Windows\System32\webcheck.dll
0x71130000 0x21c000 6.00.6002.18005 C:\Windows\System32\SyncCenter.dll
0x6dd80000 0xb000 7.00.6002.18005 C:\Windows\system32\mssprxy.dll
0x6cf90000 0x39000 6.00.6002.18005 C:\Windows\system32\wscntfy.dll
0x72ad0000 0xb000 6.00.6002.18005 C:\Windows\system32\WSCAPI.dll
0x6ce00000 0xa3000 6.00.6002.18005 C:\Windows\system32\bthprops.cpl
0x71570000 0x2e000 6.00.6001.18000 C:\Windows\System32\QAgent.dll
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\System32\fwpuclnt.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6c990000 0x23000 9.00.0044.43458 C:\Program Files\Videotron\Services de sécurité Vidéotron\MalwareContextMenuR.dll
0x6c890000 0x73000 1.00.2498.0000 c:\PROGRA~1\MICROS~4\shellext.dll
0x6c830000 0x2e000 6.00.6001.18000 C:\Windows\system32\syncui.dll
0x6c870000 0x16000 6.00.6001.18000 C:\Windows\system32\SYNCENG.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6f760000 0x28c000 6.00.6001.18000 C:\Windows\System32\NLSData000c.dll
0x6e980000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
winlogon.exe pid: 800
Command line: winlogon.exe
Base Size Version Path
0x00710000 0x50000 6.00.6002.18005 C:\Windows\system32\winlogon.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x745a0000 0x3e000 6.00.6002.18005 C:\Windows\system32\SHSVCS.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\uxtheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x75ff0000 0x16000 6.00.6002.18005 C:\Windows\system32\AUTHZ.dll
------------------------------------------------------------------------------
wininit.exe pid: 644
Command line: wininit.exe
Base Size Version Path
0x00760000 0x1a000 6.00.6001.18000 C:\Windows\system32\wininit.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
------------------------------------------------------------------------------
svchost.exe pid: 916
Command line: C:\Windows\system32\svchost.exe -k DcomLaunch
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75400000 0x39000 6.00.6002.18005 c:\windows\system32\umpnpmgr.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
------------------------------------------------------------------------------
svchost.exe pid: 976
Command line: C:\Windows\system32\svchost.exe -k rpcss
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\system32\fwpuclnt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1160
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x747d0000 0xfc000 6.00.6002.18005 c:\windows\system32\wevtsvc.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\System32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x744f0000 0x8000 6.00.6000.16386 c:\windows\system32\lmhsvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\System32\audioses.dll
0x73520000 0x66000 6.00.6001.18000 C:\Windows\System32\audioeng.dll
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\System32\AVRT.dll
0x6d270000 0x12000 6.00.6002.18005 c:\windows\system32\wscsvc.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x6e420000 0xdc000 6.00.6001.18000 c:\windows\system32\dbghelp.dll
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\System32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\System32\BCRYPT.dll
0x6b330000 0x8e000 7.04.7600.0226 C:\Windows\system32\wuapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
svchost.exe pid: 1240
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\System32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\System32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\System32\Secur32.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x745f0000 0xb000 6.00.6002.18005 c:\windows\system32\uxsms.dll
0x744c0000 0x13000 6.00.6000.16386 c:\windows\system32\tabsvc.dll
0x74a80000 0x9000 6.00.6000.16386 c:\windows\system32\HID.DLL
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x745e0000 0x10000 6.00.6001.18000 c:\windows\system32\wudfsvc.dll
0x74330000 0x30000 6.00.6001.18000 c:\windows\system32\WUDFPlatform.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x741c0000 0x82000 6.00.6002.18064 c:\windows\system32\wlansvc.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x74260000 0x4c000 6.00.6002.18064 c:\windows\system32\WLANMSM.DLL
0x74160000 0x52000 6.00.6002.18064 c:\windows\system32\WLANSEC.dll
0x73910000 0x17c000 6.00.6002.18005 c:\windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 c:\windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 c:\windows\system32\eappcfg.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75050000 0x30000 6.00.6001.18000 c:\windows\system32\DUser.dll
0x75080000 0x3f000 6.00.6001.18000 c:\windows\system32\UxTheme.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x742c0000 0x18000 6.00.6002.18005 c:\windows\system32\wlgpclnt.dll
0x74250000 0x10000 6.00.6001.18000 c:\windows\system32\l2gpstore.dll
0x74120000 0x6000 6.00.6000.16386 c:\windows\system32\wlanutil.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75220000 0x1f000 6.00.6002.18005 c:\windows\system32\WinSCard.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x73650000 0x15b000 6.20.5002.0000 C:\Windows\System32\msxml6.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\System32\cryptdll.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x73590000 0x60000 6.00.6001.18000 C:\Windows\system32\netcfgx.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\System32\Cabinet.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x71450000 0x8d000 6.00.6002.18005 c:\windows\system32\emdmgmt.dll
0x71530000 0x39000 6.00.6002.18005 c:\windows\system32\WDSCORE.dll
0x714f0000 0xd000 6.00.6001.18000 c:\windows\system32\pcasvc.dll
0x70d60000 0x46000 6.00.6001.18000 c:\windows\system32\netman.dll
0x70db0000 0x4a000 6.00.6002.18005 c:\windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 c:\windows\system32\rasman.dll
0x70d00000 0x31000 6.00.6000.16386 c:\windows\system32\TAPI32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f6d0000 0x8a000 6.00.6002.18005 c:\windows\system32\sysmain.dll
0x6fac0000 0x15000 6.00.6001.18000 c:\windows\system32\trkwks.dll
0x6faa0000 0x17000 6.00.6002.18112 c:\windows\system32\wpdbusenum.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\System32\GPAPI.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x6ded0000 0x12000 6.00.6002.18112 C:\Windows\System32\portabledeviceconnectapi.dll
0x71510000 0x15000 6.00.6001.18000 c:\windows\system32\wdi.dll
0x72ae0000 0xa000 6.00.6001.18000 C:\Windows\system32\pcadm.dll
0x6d660000 0xce000 6.00.6002.18005 C:\Windows\System32\RASDLG.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\System32\MPRAPI.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\System32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\System32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\System32\credui.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\System32\ATL.DLL
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\System32\hnetcfg.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\System32\WINHTTP.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\System32\SXS.DLL
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c760000 0x15000 6.00.6000.16386 C:\Windows\system32\radardt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1264
Command line: C:\Windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74ad0000 0x11000 6.00.6001.18000 c:\windows\system32\mmcss.dll
0x74b00000 0x7000 6.00.6001.18000 c:\windows\system32\AVRT.dll
0x74620000 0x29000 6.00.6002.18005 c:\windows\system32\profsvc.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x745a0000 0x3e000 6.00.6002.18005 c:\windows\system32\shsvcs.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74610000 0xe000 6.00.6001.18000 c:\windows\system32\sens.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x744b0000 0x10000 6.00.6001.18000 c:\windows\system32\eapsvc.dll
0x742e0000 0x30000 6.00.6002.18005 C:\Windows\system32\eapphost.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x742b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73880000 0x85000 5.82.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
0x737e0000 0x94000 6.00.6002.18005 c:\windows\system32\schedsvc.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x74110000 0x7000 6.00.6001.18000 c:\windows\system32\ktmw32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x74070000 0x44000 6.00.6002.18005 C:\Windows\system32\taskcomp.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x74100000 0xb000 6.00.6001.18000 C:\Windows\system32\wiarpc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x732b0000 0x9000 6.00.6000.16386 C:\Windows\system32\tschannel.dll
0x72630000 0x22000 6.00.6002.18306 c:\windows\system32\srvsvc.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75440000 0x6000 6.00.6000.16386 C:\Windows\system32\SSCORE.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.DLL
0x750d0000 0x2e000 6.00.6001.18000 C:\Windows\system32\CLUSAPI.DLL
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\system32\cryptdll.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x75370000 0x13000 6.00.6001.18000 C:\Windows\system32\RESUTILS.DLL
0x74ff0000 0x9000 6.00.6000.16386 c:\windows\system32\aelupsvc.dll
0x713e0000 0x6f000 6.00.6002.18005 c:\windows\system32\ikeext.dll
0x72de0000 0x96000 6.00.6002.18005 c:\windows\system32\fwpuclnt.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\system32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\BCRYPT.dll
0x704a0000 0x8000 6.00.6001.18000 c:\windows\system32\seclogon.dll
0x6f9f0000 0x2a000 6.00.6002.18005 c:\windows\system32\wbem\wmisvc.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6efb0000 0x43000 6.00.6002.18005 c:\windows\system32\rasmans.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f030000 0x14000 6.00.6002.18005 C:\Windows\system32\rastapi.dll
0x70d00000 0x31000 6.00.6000.16386 C:\Windows\system32\TAPI32.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x6e310000 0x34000 6.00.6002.18209 c:\windows\system32\iphlpsvc.dll
0x6f000000 0x23000 6.00.6001.18000 c:\windows\system32\sqmapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\system32\hnetcfg.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\system32\WINHTTP.dll
0x70f50000 0x10b000 6.00.6002.18005 C:\Windows\system32\VSSAPI.DLL
0x74b40000 0x14000 6.00.6001.18000 C:\Windows\system32\vsstrace.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6dcb0000 0xb9000 6.00.6002.18005 C:\Windows\system32\wbem\wbemcore.dll
0x6dde0000 0x43000 6.00.6002.18005 C:\Windows\system32\wbem\esscli.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\FastProx.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dda0000 0x17000 6.00.6002.18005 C:\Windows\system32\wbem\wmiutils.dll
0x6db70000 0x44000 6.00.6002.18005 C:\Windows\system32\wbem\repdrvfs.dll
0x6dad0000 0x43000 6.00.6002.18005 C:\Windows\system32\rasppp.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\system32\MPRAPI.dll
0x70db0000 0x4a000 6.00.6002.18005 C:\Windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 C:\Windows\system32\rasman.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x6da90000 0x14000 6.00.6001.18000 C:\Windows\system32\RASQEC.DLL
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x6d860000 0x47000 6.00.6002.18005 C:\Windows\System32\raschap.dll
0x6da10000 0x3e000 6.00.6002.18116 C:\Windows\System32\rastls.dll
0x6d770000 0xf0000 6.00.6002.18005 C:\Windows\system32\CRYPTUI.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x75220000 0x1f000 6.00.6002.18005 C:\Windows\system32\WinSCard.dll
0x6d5d0000 0x7d000 6.00.6002.18005 C:\Windows\system32\wbem\wmiprvsd.dll
0x75fe0000 0xf000 6.00.6001.18000 C:\Windows\system32\NCObjAPI.DLL
0x6d570000 0x57000 6.00.6002.18005 C:\Windows\system32\wbem\wbemess.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c810000 0xb000 6.00.6001.18000 c:\windows\system32\appinfo.dll
0x6c7e0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\ncprov.dll
0x6afa0000 0x1bf000 7.00.6002.18005 c:\windows\system32\qmgr.dll
0x6fc30000 0x5000 6.00.6000.16386 c:\windows\system32\SHFOLDER.dll
0x6d750000 0x8000 7.00.6000.16386 c:\windows\system32\bitsperf.dll
0x6d760000 0xb000 7.00.6002.18005 C:\Windows\system32\bitsigd.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x6a540000 0x1d9000 7.04.7600.0226 c:\windows\system32\wuaueng.dll
0x6d400000 0x168000 6.00.6002.18005 c:\windows\system32\ESENT.dll
0x715d0000 0x42000 6.00.6002.18087 c:\windows\system32\WINSPOOL.DRV
0x6d740000 0xc000 6.00.6001.18000 c:\windows\system32\mspatcha.dll
0x75c80000 0x6000 6.00.6000.16386 C:\Windows\system32\WMsgAPI.dll
0x6f1e0000 0xd9000 6.00.6002.18005 C:\Windows\system32\wer.dll
0x70bd0000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6da60000 0x26000 6.00.6001.18000 C:\Windows\system32\dssenh.dll
0x6c510000 0x2e000 8.00.6001.18702 C:\Windows\system32\advpack.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\System32\ES.DLL
0x74050000 0xa000 7.04.7600.0226 C:\Windows\System32\wups.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x73f00000 0x16000 6.00.6001.18000 c:\windows\system32\browser.dll
------------------------------------------------------------------------------
svchost.exe pid: 1392
Command line: C:\Windows\system32\svchost.exe -k GPSvcGroup
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74500000 0x8f000 6.00.6002.18005 c:\windows\system32\gpsvc.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
------------------------------------------------------------------------------
svchost.exe pid: 1436
Command line: C:\Windows\system32\svchost.exe -k LocalService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74460000 0x46000 2001.12.6932.18005 c:\windows\system32\es.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74710000 0xbb000 7.00.6002.18005 c:\windows\system32\PROPSYS.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74590000 0x8000 6.00.6001.18000 c:\windows\system32\nsisvc.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\secur32.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x72880000 0x34000 6.00.6002.18005 c:\windows\system32\webclnt.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\shell32.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WinInet.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x72770000 0x2a000 6.00.6002.18049 c:\windows\system32\wkssvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75610000 0xd7000 6.00.6000.16386 c:\windows\system32\WINBRAND.dll
0x715a0000 0x9000 6.00.6000.16386 c:\windows\system32\fdrespub.dll
0x70ec0000 0x59000 6.00.6002.18085 c:\windows\system32\wsdapi.dll
0x72810000 0xb000 6.00.6002.18210 c:\windows\system32\HTTPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6ffa0000 0x25000 6.00.6001.18000 c:\windows\system32\sstpsvc.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f680000 0x48000 6.00.6002.18005 c:\windows\system32\w32time.dll
0x75c90000 0x11000 6.00.6001.18000 c:\windows\system32\cryptdll.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x6e3e0000 0x3c000 6.00.6001.18000 c:\windows\system32\netprofm.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6c910000 0x28000 6.00.6001.18000 c:\windows\system32\ssdpsrv.dll
0x74040000 0x6000 6.00.6001.18000 c:\windows\system32\fdphost.dll
0x73b60000 0x12000 6.00.6002.18005 C:\Windows\system32\fdwsd.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x73b40000 0x12000 6.00.6002.18005 C:\Windows\system32\fdssdp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
------------------------------------------------------------------------------
svchost.exe pid: 1656
Command line: C:\Windows\system32\svchost.exe -k NetworkService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74310000 0x18000 6.00.6002.18005 c:\windows\system32\dnsrslvr.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x71060000 0x22000 6.00.6002.18005 c:\windows\system32\cryptsvc.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x70f50000 0x10b000 6.00.6002.18005 c:\windows\system32\VSSAPI.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x74b40000 0x14000 6.00.6001.18000 c:\windows\system32\vsstrace.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bb0000 0x14000 6.00.6002.18005 c:\windows\system32\MPR.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75ab0000 0xf2000 6.00.6002.18005 c:\windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 c:\windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x70e60000 0x2b000 6.00.6001.18000 c:\windows\system32\nlasvc.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x70be0000 0x1a000 6.00.6001.18000 c:\windows\system32\ncsi.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x70ca0000 0x8000 6.00.6001.18000 c:\windows\system32\CFGMGR32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\ssdpapi.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x6fa60000 0x3d000 6.00.6002.18005 c:\windows\system32\tapisrv.dll
0x75010000 0x35000 6.00.6001.18000 c:\windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 c:\windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 c:\windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x6f2c0000 0x71000 6.00.6002.18005 c:\windows\system32\termsrv.dll
0x70330000 0x7000 6.00.6001.18000 c:\windows\system32\ICAAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x6de80000 0x48000 6.00.6002.18005 C:\Windows\system32\unimdm.tsp
0x6dd90000 0x7000 6.00.6000.16386 C:\Windows\system32\uniplat.dll
0x6dbf0000 0x11000 6.00.6000.16386 C:\Windows\system32\unimdmat.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x6db20000 0x4a000
¤¤¤¤¤¤¤¤¤¤ More informations ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤
------------------------------------------------------------------------------
explorer.exe pid: 2040
Command line: C:\Windows\Explorer.EXE
Base Size Version Path
0x001b0000 0x2cd000 6.00.6002.18005 C:\Windows\Explorer.EXE
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x72fd0000 0x108000 6.00.6002.18005 C:\Windows\system32\SHDOCVW.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x73600000 0xc000 6.00.6001.18000 C:\Windows\system32\dwmapi.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x72e80000 0x146000 6.00.6002.18005 C:\Windows\system32\BROWSEUI.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.dll
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x75050000 0x30000 6.00.6001.18000 C:\Windows\system32\DUser.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72bb0000 0x1f000 5.02.3790.1830 C:\Windows\system32\EhStorShell.dll
0x72ba0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x726b0000 0xb2000 6.00.6002.18127 C:\Windows\system32\timedate.cpl
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x72490000 0x53000 6.00.6001.18000 C:\Windows\system32\ACTXPRXY.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75610000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x728c0000 0x3c000 7.00.6002.18255 C:\Windows\System32\msshsq.dll
0x722f0000 0xc7000 6.00.6002.18005 C:\Windows\System32\NaturalLanguage6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x74c30000 0x1e8000 6.00.6002.18005 C:\Windows\system32\authui.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x72b00000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x71850000 0xa95000 8.00.6001.18975 C:\Windows\system32\ieframe.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x735f0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x740d0000 0x2f000 6.00.6002.18005 C:\Windows\system32\wdmaud.drv
0x740c0000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x74fc0000 0x28000 6.00.6002.18005 C:\Windows\system32\MMDevAPI.DLL
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\system32\AVRT.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x72660000 0x4a000 6.00.6001.18000 C:\Windows\system32\ntshrui.dll
0x73190000 0xb000 6.00.6002.18005 C:\Windows\system32\cscapi.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73180000 0x9000 6.00.6002.18005 C:\Windows\system32\ExplorerFrame.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\system32\AUDIOSES.DLL
0x73520000 0x66000 6.00.6001.18000 C:\Windows\system32\audioeng.dll
0x73640000 0x9000 6.00.6002.18005 C:\Windows\system32\msacm32.drv
0x73620000 0x14000 6.00.6001.18000 C:\Windows\system32\MSACM32.dll
0x73610000 0x7000 6.00.6002.18005 C:\Windows\system32\midimap.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x6fef0000 0x92000 6.00.6002.18005 C:\Windows\system32\stobject.dll
0x6fe30000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x6fbd0000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x6fba0000 0x21000 6.00.6002.18005 C:\Windows\ehome\ehSSO.dll
0x74a80000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x75a10000 0x19000 6.00.6002.18005 C:\Windows\System32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 C:\Windows\System32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 C:\Windows\System32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc6.DLL
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f3c0000 0x1bf000 6.00.6002.18005 C:\Windows\system32\pnidui.dll
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x75a30000 0x40000 6.00.6002.18005 C:\Windows\system32\wevtapi.dll
0x74120000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x6d3e0000 0x12000 6.00.6002.18064 C:\Windows\system32\Wlanapi.dll
0x73910000 0x17c000 6.00.6002.18005 C:\Windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 C:\Windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 C:\Windows\system32\eappcfg.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\bcrypt.dll
0x6d3b0000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6d370000 0x19000 6.00.6002.18112 C:\Windows\system32\wpdshserviceobj.dll
0x6d2e0000 0x2b000 6.00.6002.18112 C:\Windows\system32\PortableDeviceTypes.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x70e00000 0x5a000 6.00.6001.18000 C:\Windows\system32\taskschd.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x6ceb0000 0x4d000 7.00.6002.18005 C:\Windows\System32\srchadmin.dll
0x6cf10000 0x3d000 8.00.6001.18702 C:\Windows\System32\webcheck.dll
0x71130000 0x21c000 6.00.6002.18005 C:\Windows\System32\SyncCenter.dll
0x6dd80000 0xb000 7.00.6002.18005 C:\Windows\system32\mssprxy.dll
0x6cf90000 0x39000 6.00.6002.18005 C:\Windows\system32\wscntfy.dll
0x72ad0000 0xb000 6.00.6002.18005 C:\Windows\system32\WSCAPI.dll
0x6ce00000 0xa3000 6.00.6002.18005 C:\Windows\system32\bthprops.cpl
0x71570000 0x2e000 6.00.6001.18000 C:\Windows\System32\QAgent.dll
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\System32\fwpuclnt.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6c990000 0x23000 9.00.0044.43458 C:\Program Files\Videotron\Services de sécurité Vidéotron\MalwareContextMenuR.dll
0x6c890000 0x73000 1.00.2498.0000 c:\PROGRA~1\MICROS~4\shellext.dll
0x6c830000 0x2e000 6.00.6001.18000 C:\Windows\system32\syncui.dll
0x6c870000 0x16000 6.00.6001.18000 C:\Windows\system32\SYNCENG.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6f760000 0x28c000 6.00.6001.18000 C:\Windows\System32\NLSData000c.dll
0x6e980000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
winlogon.exe pid: 800
Command line: winlogon.exe
Base Size Version Path
0x00710000 0x50000 6.00.6002.18005 C:\Windows\system32\winlogon.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x745a0000 0x3e000 6.00.6002.18005 C:\Windows\system32\SHSVCS.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\uxtheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x75ff0000 0x16000 6.00.6002.18005 C:\Windows\system32\AUTHZ.dll
------------------------------------------------------------------------------
wininit.exe pid: 644
Command line: wininit.exe
Base Size Version Path
0x00760000 0x1a000 6.00.6001.18000 C:\Windows\system32\wininit.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
------------------------------------------------------------------------------
svchost.exe pid: 916
Command line: C:\Windows\system32\svchost.exe -k DcomLaunch
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75400000 0x39000 6.00.6002.18005 c:\windows\system32\umpnpmgr.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
------------------------------------------------------------------------------
svchost.exe pid: 976
Command line: C:\Windows\system32\svchost.exe -k rpcss
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\system32\fwpuclnt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1160
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x747d0000 0xfc000 6.00.6002.18005 c:\windows\system32\wevtsvc.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\System32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x744f0000 0x8000 6.00.6000.16386 c:\windows\system32\lmhsvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\System32\audioses.dll
0x73520000 0x66000 6.00.6001.18000 C:\Windows\System32\audioeng.dll
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\System32\AVRT.dll
0x6d270000 0x12000 6.00.6002.18005 c:\windows\system32\wscsvc.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x6e420000 0xdc000 6.00.6001.18000 c:\windows\system32\dbghelp.dll
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\System32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\System32\BCRYPT.dll
0x6b330000 0x8e000 7.04.7600.0226 C:\Windows\system32\wuapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
svchost.exe pid: 1240
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\System32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\System32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\System32\Secur32.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x745f0000 0xb000 6.00.6002.18005 c:\windows\system32\uxsms.dll
0x744c0000 0x13000 6.00.6000.16386 c:\windows\system32\tabsvc.dll
0x74a80000 0x9000 6.00.6000.16386 c:\windows\system32\HID.DLL
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x745e0000 0x10000 6.00.6001.18000 c:\windows\system32\wudfsvc.dll
0x74330000 0x30000 6.00.6001.18000 c:\windows\system32\WUDFPlatform.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x741c0000 0x82000 6.00.6002.18064 c:\windows\system32\wlansvc.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x74260000 0x4c000 6.00.6002.18064 c:\windows\system32\WLANMSM.DLL
0x74160000 0x52000 6.00.6002.18064 c:\windows\system32\WLANSEC.dll
0x73910000 0x17c000 6.00.6002.18005 c:\windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 c:\windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 c:\windows\system32\eappcfg.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75050000 0x30000 6.00.6001.18000 c:\windows\system32\DUser.dll
0x75080000 0x3f000 6.00.6001.18000 c:\windows\system32\UxTheme.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x742c0000 0x18000 6.00.6002.18005 c:\windows\system32\wlgpclnt.dll
0x74250000 0x10000 6.00.6001.18000 c:\windows\system32\l2gpstore.dll
0x74120000 0x6000 6.00.6000.16386 c:\windows\system32\wlanutil.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75220000 0x1f000 6.00.6002.18005 c:\windows\system32\WinSCard.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x73650000 0x15b000 6.20.5002.0000 C:\Windows\System32\msxml6.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\System32\cryptdll.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x73590000 0x60000 6.00.6001.18000 C:\Windows\system32\netcfgx.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\System32\Cabinet.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x71450000 0x8d000 6.00.6002.18005 c:\windows\system32\emdmgmt.dll
0x71530000 0x39000 6.00.6002.18005 c:\windows\system32\WDSCORE.dll
0x714f0000 0xd000 6.00.6001.18000 c:\windows\system32\pcasvc.dll
0x70d60000 0x46000 6.00.6001.18000 c:\windows\system32\netman.dll
0x70db0000 0x4a000 6.00.6002.18005 c:\windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 c:\windows\system32\rasman.dll
0x70d00000 0x31000 6.00.6000.16386 c:\windows\system32\TAPI32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f6d0000 0x8a000 6.00.6002.18005 c:\windows\system32\sysmain.dll
0x6fac0000 0x15000 6.00.6001.18000 c:\windows\system32\trkwks.dll
0x6faa0000 0x17000 6.00.6002.18112 c:\windows\system32\wpdbusenum.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\System32\GPAPI.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x6ded0000 0x12000 6.00.6002.18112 C:\Windows\System32\portabledeviceconnectapi.dll
0x71510000 0x15000 6.00.6001.18000 c:\windows\system32\wdi.dll
0x72ae0000 0xa000 6.00.6001.18000 C:\Windows\system32\pcadm.dll
0x6d660000 0xce000 6.00.6002.18005 C:\Windows\System32\RASDLG.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\System32\MPRAPI.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\System32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\System32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\System32\credui.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\System32\ATL.DLL
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\System32\hnetcfg.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\System32\WINHTTP.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\System32\SXS.DLL
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c760000 0x15000 6.00.6000.16386 C:\Windows\system32\radardt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1264
Command line: C:\Windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74ad0000 0x11000 6.00.6001.18000 c:\windows\system32\mmcss.dll
0x74b00000 0x7000 6.00.6001.18000 c:\windows\system32\AVRT.dll
0x74620000 0x29000 6.00.6002.18005 c:\windows\system32\profsvc.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x745a0000 0x3e000 6.00.6002.18005 c:\windows\system32\shsvcs.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74610000 0xe000 6.00.6001.18000 c:\windows\system32\sens.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x744b0000 0x10000 6.00.6001.18000 c:\windows\system32\eapsvc.dll
0x742e0000 0x30000 6.00.6002.18005 C:\Windows\system32\eapphost.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x742b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73880000 0x85000 5.82.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
0x737e0000 0x94000 6.00.6002.18005 c:\windows\system32\schedsvc.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x74110000 0x7000 6.00.6001.18000 c:\windows\system32\ktmw32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x74070000 0x44000 6.00.6002.18005 C:\Windows\system32\taskcomp.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x74100000 0xb000 6.00.6001.18000 C:\Windows\system32\wiarpc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x732b0000 0x9000 6.00.6000.16386 C:\Windows\system32\tschannel.dll
0x72630000 0x22000 6.00.6002.18306 c:\windows\system32\srvsvc.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75440000 0x6000 6.00.6000.16386 C:\Windows\system32\SSCORE.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.DLL
0x750d0000 0x2e000 6.00.6001.18000 C:\Windows\system32\CLUSAPI.DLL
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\system32\cryptdll.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x75370000 0x13000 6.00.6001.18000 C:\Windows\system32\RESUTILS.DLL
0x74ff0000 0x9000 6.00.6000.16386 c:\windows\system32\aelupsvc.dll
0x713e0000 0x6f000 6.00.6002.18005 c:\windows\system32\ikeext.dll
0x72de0000 0x96000 6.00.6002.18005 c:\windows\system32\fwpuclnt.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\system32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\BCRYPT.dll
0x704a0000 0x8000 6.00.6001.18000 c:\windows\system32\seclogon.dll
0x6f9f0000 0x2a000 6.00.6002.18005 c:\windows\system32\wbem\wmisvc.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6efb0000 0x43000 6.00.6002.18005 c:\windows\system32\rasmans.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f030000 0x14000 6.00.6002.18005 C:\Windows\system32\rastapi.dll
0x70d00000 0x31000 6.00.6000.16386 C:\Windows\system32\TAPI32.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x6e310000 0x34000 6.00.6002.18209 c:\windows\system32\iphlpsvc.dll
0x6f000000 0x23000 6.00.6001.18000 c:\windows\system32\sqmapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\system32\hnetcfg.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\system32\WINHTTP.dll
0x70f50000 0x10b000 6.00.6002.18005 C:\Windows\system32\VSSAPI.DLL
0x74b40000 0x14000 6.00.6001.18000 C:\Windows\system32\vsstrace.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6dcb0000 0xb9000 6.00.6002.18005 C:\Windows\system32\wbem\wbemcore.dll
0x6dde0000 0x43000 6.00.6002.18005 C:\Windows\system32\wbem\esscli.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\FastProx.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dda0000 0x17000 6.00.6002.18005 C:\Windows\system32\wbem\wmiutils.dll
0x6db70000 0x44000 6.00.6002.18005 C:\Windows\system32\wbem\repdrvfs.dll
0x6dad0000 0x43000 6.00.6002.18005 C:\Windows\system32\rasppp.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\system32\MPRAPI.dll
0x70db0000 0x4a000 6.00.6002.18005 C:\Windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 C:\Windows\system32\rasman.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x6da90000 0x14000 6.00.6001.18000 C:\Windows\system32\RASQEC.DLL
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x6d860000 0x47000 6.00.6002.18005 C:\Windows\System32\raschap.dll
0x6da10000 0x3e000 6.00.6002.18116 C:\Windows\System32\rastls.dll
0x6d770000 0xf0000 6.00.6002.18005 C:\Windows\system32\CRYPTUI.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x75220000 0x1f000 6.00.6002.18005 C:\Windows\system32\WinSCard.dll
0x6d5d0000 0x7d000 6.00.6002.18005 C:\Windows\system32\wbem\wmiprvsd.dll
0x75fe0000 0xf000 6.00.6001.18000 C:\Windows\system32\NCObjAPI.DLL
0x6d570000 0x57000 6.00.6002.18005 C:\Windows\system32\wbem\wbemess.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c810000 0xb000 6.00.6001.18000 c:\windows\system32\appinfo.dll
0x6c7e0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\ncprov.dll
0x6afa0000 0x1bf000 7.00.6002.18005 c:\windows\system32\qmgr.dll
0x6fc30000 0x5000 6.00.6000.16386 c:\windows\system32\SHFOLDER.dll
0x6d750000 0x8000 7.00.6000.16386 c:\windows\system32\bitsperf.dll
0x6d760000 0xb000 7.00.6002.18005 C:\Windows\system32\bitsigd.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x6a540000 0x1d9000 7.04.7600.0226 c:\windows\system32\wuaueng.dll
0x6d400000 0x168000 6.00.6002.18005 c:\windows\system32\ESENT.dll
0x715d0000 0x42000 6.00.6002.18087 c:\windows\system32\WINSPOOL.DRV
0x6d740000 0xc000 6.00.6001.18000 c:\windows\system32\mspatcha.dll
0x75c80000 0x6000 6.00.6000.16386 C:\Windows\system32\WMsgAPI.dll
0x6f1e0000 0xd9000 6.00.6002.18005 C:\Windows\system32\wer.dll
0x70bd0000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6da60000 0x26000 6.00.6001.18000 C:\Windows\system32\dssenh.dll
0x6c510000 0x2e000 8.00.6001.18702 C:\Windows\system32\advpack.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\System32\ES.DLL
0x74050000 0xa000 7.04.7600.0226 C:\Windows\System32\wups.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x73f00000 0x16000 6.00.6001.18000 c:\windows\system32\browser.dll
------------------------------------------------------------------------------
svchost.exe pid: 1392
Command line: C:\Windows\system32\svchost.exe -k GPSvcGroup
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74500000 0x8f000 6.00.6002.18005 c:\windows\system32\gpsvc.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
------------------------------------------------------------------------------
svchost.exe pid: 1436
Command line: C:\Windows\system32\svchost.exe -k LocalService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74460000 0x46000 2001.12.6932.18005 c:\windows\system32\es.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74710000 0xbb000 7.00.6002.18005 c:\windows\system32\PROPSYS.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74590000 0x8000 6.00.6001.18000 c:\windows\system32\nsisvc.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\secur32.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x72880000 0x34000 6.00.6002.18005 c:\windows\system32\webclnt.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\shell32.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WinInet.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x72770000 0x2a000 6.00.6002.18049 c:\windows\system32\wkssvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75610000 0xd7000 6.00.6000.16386 c:\windows\system32\WINBRAND.dll
0x715a0000 0x9000 6.00.6000.16386 c:\windows\system32\fdrespub.dll
0x70ec0000 0x59000 6.00.6002.18085 c:\windows\system32\wsdapi.dll
0x72810000 0xb000 6.00.6002.18210 c:\windows\system32\HTTPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6ffa0000 0x25000 6.00.6001.18000 c:\windows\system32\sstpsvc.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f680000 0x48000 6.00.6002.18005 c:\windows\system32\w32time.dll
0x75c90000 0x11000 6.00.6001.18000 c:\windows\system32\cryptdll.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x6e3e0000 0x3c000 6.00.6001.18000 c:\windows\system32\netprofm.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6c910000 0x28000 6.00.6001.18000 c:\windows\system32\ssdpsrv.dll
0x74040000 0x6000 6.00.6001.18000 c:\windows\system32\fdphost.dll
0x73b60000 0x12000 6.00.6002.18005 C:\Windows\system32\fdwsd.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x73b40000 0x12000 6.00.6002.18005 C:\Windows\system32\fdssdp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
------------------------------------------------------------------------------
svchost.exe pid: 1656
Command line: C:\Windows\system32\svchost.exe -k NetworkService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74310000 0x18000 6.00.6002.18005 c:\windows\system32\dnsrslvr.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x71060000 0x22000 6.00.6002.18005 c:\windows\system32\cryptsvc.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x70f50000 0x10b000 6.00.6002.18005 c:\windows\system32\VSSAPI.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x74b40000 0x14000 6.00.6001.18000 c:\windows\system32\vsstrace.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bb0000 0x14000 6.00.6002.18005 c:\windows\system32\MPR.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75ab0000 0xf2000 6.00.6002.18005 c:\windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 c:\windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x70e60000 0x2b000 6.00.6001.18000 c:\windows\system32\nlasvc.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x70be0000 0x1a000 6.00.6001.18000 c:\windows\system32\ncsi.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x70ca0000 0x8000 6.00.6001.18000 c:\windows\system32\CFGMGR32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\ssdpapi.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x6fa60000 0x3d000 6.00.6002.18005 c:\windows\system32\tapisrv.dll
0x75010000 0x35000 6.00.6001.18000 c:\windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 c:\windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 c:\windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x6f2c0000 0x71000 6.00.6002.18005 c:\windows\system32\termsrv.dll
0x70330000 0x7000 6.00.6001.18000 c:\windows\system32\ICAAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x6de80000 0x48000 6.00.6002.18005 C:\Windows\system32\unimdm.tsp
0x6dd90000 0x7000 6.00.6000.16386 C:\Windows\system32\uniplat.dll
0x6dbf0000 0x11000 6.00.6000.16386 C:\Windows\system32\unimdmat.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x6db20000 0x4a000
¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤
------------------------------------------------------------------------------
explorer.exe pid: 2040
Command line: C:\Windows\Explorer.EXE
Base Size Version Path
0x001b0000 0x2cd000 6.00.6002.18005 C:\Windows\Explorer.EXE
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x72fd0000 0x108000 6.00.6002.18005 C:\Windows\system32\SHDOCVW.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x73600000 0xc000 6.00.6001.18000 C:\Windows\system32\dwmapi.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x72e80000 0x146000 6.00.6002.18005 C:\Windows\system32\BROWSEUI.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.dll
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x75050000 0x30000 6.00.6001.18000 C:\Windows\system32\DUser.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72bb0000 0x1f000 5.02.3790.1830 C:\Windows\system32\EhStorShell.dll
0x72ba0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x726b0000 0xb2000 6.00.6002.18127 C:\Windows\system32\timedate.cpl
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x72490000 0x53000 6.00.6001.18000 C:\Windows\system32\ACTXPRXY.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x75610000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x728c0000 0x3c000 7.00.6002.18255 C:\Windows\System32\msshsq.dll
0x722f0000 0xc7000 6.00.6002.18005 C:\Windows\System32\NaturalLanguage6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x74c30000 0x1e8000 6.00.6002.18005 C:\Windows\system32\authui.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x72b00000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x71850000 0xa95000 8.00.6001.18975 C:\Windows\system32\ieframe.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x735f0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x740d0000 0x2f000 6.00.6002.18005 C:\Windows\system32\wdmaud.drv
0x740c0000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x74fc0000 0x28000 6.00.6002.18005 C:\Windows\system32\MMDevAPI.DLL
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\system32\AVRT.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x72660000 0x4a000 6.00.6001.18000 C:\Windows\system32\ntshrui.dll
0x73190000 0xb000 6.00.6002.18005 C:\Windows\system32\cscapi.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73180000 0x9000 6.00.6002.18005 C:\Windows\system32\ExplorerFrame.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\system32\AUDIOSES.DLL
0x73520000 0x66000 6.00.6001.18000 C:\Windows\system32\audioeng.dll
0x73640000 0x9000 6.00.6002.18005 C:\Windows\system32\msacm32.drv
0x73620000 0x14000 6.00.6001.18000 C:\Windows\system32\MSACM32.dll
0x73610000 0x7000 6.00.6002.18005 C:\Windows\system32\midimap.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x6fef0000 0x92000 6.00.6002.18005 C:\Windows\system32\stobject.dll
0x6fe30000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x6fbd0000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x6fba0000 0x21000 6.00.6002.18005 C:\Windows\ehome\ehSSO.dll
0x74a80000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x75a10000 0x19000 6.00.6002.18005 C:\Windows\System32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 C:\Windows\System32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 C:\Windows\System32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 C:\Windows\System32\dhcpcsvc6.DLL
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f3c0000 0x1bf000 6.00.6002.18005 C:\Windows\system32\pnidui.dll
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x75a30000 0x40000 6.00.6002.18005 C:\Windows\system32\wevtapi.dll
0x74120000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x6d3e0000 0x12000 6.00.6002.18064 C:\Windows\system32\Wlanapi.dll
0x73910000 0x17c000 6.00.6002.18005 C:\Windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 C:\Windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 C:\Windows\system32\eappcfg.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\bcrypt.dll
0x6d3b0000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6d370000 0x19000 6.00.6002.18112 C:\Windows\system32\wpdshserviceobj.dll
0x6d2e0000 0x2b000 6.00.6002.18112 C:\Windows\system32\PortableDeviceTypes.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x70e00000 0x5a000 6.00.6001.18000 C:\Windows\system32\taskschd.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x6ceb0000 0x4d000 7.00.6002.18005 C:\Windows\System32\srchadmin.dll
0x6cf10000 0x3d000 8.00.6001.18702 C:\Windows\System32\webcheck.dll
0x71130000 0x21c000 6.00.6002.18005 C:\Windows\System32\SyncCenter.dll
0x6dd80000 0xb000 7.00.6002.18005 C:\Windows\system32\mssprxy.dll
0x6cf90000 0x39000 6.00.6002.18005 C:\Windows\system32\wscntfy.dll
0x72ad0000 0xb000 6.00.6002.18005 C:\Windows\system32\WSCAPI.dll
0x6ce00000 0xa3000 6.00.6002.18005 C:\Windows\system32\bthprops.cpl
0x71570000 0x2e000 6.00.6001.18000 C:\Windows\System32\QAgent.dll
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\System32\fwpuclnt.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6c990000 0x23000 9.00.0044.43458 C:\Program Files\Videotron\Services de sécurité Vidéotron\MalwareContextMenuR.dll
0x6c890000 0x73000 1.00.2498.0000 c:\PROGRA~1\MICROS~4\shellext.dll
0x6c830000 0x2e000 6.00.6001.18000 C:\Windows\system32\syncui.dll
0x6c870000 0x16000 6.00.6001.18000 C:\Windows\system32\SYNCENG.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6f760000 0x28c000 6.00.6001.18000 C:\Windows\System32\NLSData000c.dll
0x6e980000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
winlogon.exe pid: 800
Command line: winlogon.exe
Base Size Version Path
0x00710000 0x50000 6.00.6002.18005 C:\Windows\system32\winlogon.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x745a0000 0x3e000 6.00.6002.18005 C:\Windows\system32\SHSVCS.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\uxtheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74360000 0xf4000 7.00.6002.18107 C:\Windows\system32\WindowsCodecs.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x75ff0000 0x16000 6.00.6002.18005 C:\Windows\system32\AUTHZ.dll
------------------------------------------------------------------------------
wininit.exe pid: 644
Command line: wininit.exe
Base Size Version Path
0x00760000 0x1a000 6.00.6001.18000 C:\Windows\system32\wininit.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
------------------------------------------------------------------------------
svchost.exe pid: 916
Command line: C:\Windows\system32\svchost.exe -k DcomLaunch
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75400000 0x39000 6.00.6002.18005 c:\windows\system32\umpnpmgr.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75500000 0x1a000 6.00.6002.18005 C:\Windows\system32\POWRPROF.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75450000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll
------------------------------------------------------------------------------
svchost.exe pid: 976
Command line: C:\Windows\system32\svchost.exe -k rpcss
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x752e0000 0x8a000 6.00.6002.18005 c:\windows\system32\rpcss.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x72de0000 0x96000 6.00.6002.18005 C:\Windows\system32\fwpuclnt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1160
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x747d0000 0xfc000 6.00.6002.18005 c:\windows\system32\wevtsvc.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\System32\NETAPI32.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x744f0000 0x8000 6.00.6000.16386 c:\windows\system32\lmhsvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x737b0000 0x21000 6.00.6002.18005 C:\Windows\System32\audioses.dll
0x73520000 0x66000 6.00.6001.18000 C:\Windows\System32\audioeng.dll
0x74b00000 0x7000 6.00.6001.18000 C:\Windows\System32\AVRT.dll
0x6d270000 0x12000 6.00.6002.18005 c:\windows\system32\wscsvc.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x6e420000 0xdc000 6.00.6001.18000 c:\windows\system32\dbghelp.dll
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\System32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\System32\BCRYPT.dll
0x6b330000 0x8e000 7.04.7600.0226 C:\Windows\system32\wuapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
------------------------------------------------------------------------------
svchost.exe pid: 1240
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\System32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\System32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\System32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x746b0000 0x51000 6.00.6002.18005 c:\windows\system32\audiosrv.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74fc0000 0x28000 6.00.6002.18005 c:\windows\system32\MMDevAPI.DLL
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\System32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\System32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\System32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\System32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\System32\Secur32.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x745f0000 0xb000 6.00.6002.18005 c:\windows\system32\uxsms.dll
0x744c0000 0x13000 6.00.6000.16386 c:\windows\system32\tabsvc.dll
0x74a80000 0x9000 6.00.6000.16386 c:\windows\system32\HID.DLL
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x745e0000 0x10000 6.00.6001.18000 c:\windows\system32\wudfsvc.dll
0x74330000 0x30000 6.00.6001.18000 c:\windows\system32\WUDFPlatform.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x741c0000 0x82000 6.00.6002.18064 c:\windows\system32\wlansvc.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x74260000 0x4c000 6.00.6002.18064 c:\windows\system32\WLANMSM.DLL
0x74160000 0x52000 6.00.6002.18064 c:\windows\system32\WLANSEC.dll
0x73910000 0x17c000 6.00.6002.18005 c:\windows\system32\OneX.DLL
0x744e0000 0xe000 6.00.6001.18000 c:\windows\system32\eappprxy.dll
0x74130000 0x24000 6.00.6002.18005 c:\windows\system32\eappcfg.dll
0x748d0000 0x1ab000 5.02.6002.18005 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll
0x75050000 0x30000 6.00.6001.18000 c:\windows\system32\DUser.dll
0x75080000 0x3f000 6.00.6001.18000 c:\windows\system32\UxTheme.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x742c0000 0x18000 6.00.6002.18005 c:\windows\system32\wlgpclnt.dll
0x74250000 0x10000 6.00.6001.18000 c:\windows\system32\l2gpstore.dll
0x74120000 0x6000 6.00.6000.16386 c:\windows\system32\wlanutil.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75220000 0x1f000 6.00.6002.18005 c:\windows\system32\WinSCard.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x73650000 0x15b000 6.20.5002.0000 C:\Windows\System32\msxml6.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\System32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\System32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\System32\cryptdll.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x73590000 0x60000 6.00.6001.18000 C:\Windows\system32\netcfgx.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\System32\Cabinet.dll
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x71450000 0x8d000 6.00.6002.18005 c:\windows\system32\emdmgmt.dll
0x71530000 0x39000 6.00.6002.18005 c:\windows\system32\WDSCORE.dll
0x714f0000 0xd000 6.00.6001.18000 c:\windows\system32\pcasvc.dll
0x70d60000 0x46000 6.00.6001.18000 c:\windows\system32\netman.dll
0x70db0000 0x4a000 6.00.6002.18005 c:\windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 c:\windows\system32\rasman.dll
0x70d00000 0x31000 6.00.6000.16386 c:\windows\system32\TAPI32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x6e670000 0x30b000 6.00.6002.18005 C:\Windows\System32\netshell.dll
0x74af0000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll
0x6f6d0000 0x8a000 6.00.6002.18005 c:\windows\system32\sysmain.dll
0x6fac0000 0x15000 6.00.6001.18000 c:\windows\system32\trkwks.dll
0x6faa0000 0x17000 6.00.6002.18112 c:\windows\system32\wpdbusenum.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\System32\GPAPI.dll
0x6f580000 0x56000 6.00.6002.18112 C:\Windows\system32\PortableDeviceApi.dll
0x6ded0000 0x12000 6.00.6002.18112 C:\Windows\System32\portabledeviceconnectapi.dll
0x71510000 0x15000 6.00.6001.18000 c:\windows\system32\wdi.dll
0x72ae0000 0xa000 6.00.6001.18000 C:\Windows\system32\pcadm.dll
0x6d660000 0xce000 6.00.6002.18005 C:\Windows\System32\RASDLG.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\System32\MPRAPI.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\System32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\System32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\System32\credui.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\System32\ATL.DLL
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\System32\hnetcfg.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\System32\WINHTTP.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\System32\SXS.DLL
0x6fb40000 0xb000 6.00.6002.18005 C:\Windows\system32\wbem\wbemprox.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\fastprox.dll
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c760000 0x15000 6.00.6000.16386 C:\Windows\system32\radardt.dll
------------------------------------------------------------------------------
svchost.exe pid: 1264
Command line: C:\Windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74ad0000 0x11000 6.00.6001.18000 c:\windows\system32\mmcss.dll
0x74b00000 0x7000 6.00.6001.18000 c:\windows\system32\AVRT.dll
0x74620000 0x29000 6.00.6002.18005 c:\windows\system32\profsvc.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x745a0000 0x3e000 6.00.6002.18005 c:\windows\system32\shsvcs.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x75080000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x74610000 0xe000 6.00.6001.18000 c:\windows\system32\sens.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x744b0000 0x10000 6.00.6001.18000 c:\windows\system32\eapsvc.dll
0x742e0000 0x30000 6.00.6002.18005 C:\Windows\system32\eapphost.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x742b0000 0xf000 6.00.6001.18000 C:\Windows\system32\umb.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 C:\Windows\system32\WINTRUST.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x73880000 0x85000 5.82.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
0x737e0000 0x94000 6.00.6002.18005 c:\windows\system32\schedsvc.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x74110000 0x7000 6.00.6001.18000 c:\windows\system32\ktmw32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x74070000 0x44000 6.00.6002.18005 C:\Windows\system32\taskcomp.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x74100000 0xb000 6.00.6001.18000 C:\Windows\system32\wiarpc.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x75fb0000 0x2c000 6.00.6002.18005 C:\Windows\system32\apphelp.dll
0x732b0000 0x9000 6.00.6000.16386 C:\Windows\system32\tschannel.dll
0x72630000 0x22000 6.00.6002.18306 c:\windows\system32\srvsvc.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75440000 0x6000 6.00.6000.16386 C:\Windows\system32\SSCORE.DLL
0x75390000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.DLL
0x750d0000 0x2e000 6.00.6001.18000 C:\Windows\system32\CLUSAPI.DLL
0x75bf0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll
0x75c90000 0x11000 6.00.6001.18000 C:\Windows\system32\cryptdll.dll
0x75010000 0x35000 6.00.6001.18000 C:\Windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 C:\Windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 C:\Windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x75370000 0x13000 6.00.6001.18000 C:\Windows\system32\RESUTILS.DLL
0x74ff0000 0x9000 6.00.6000.16386 c:\windows\system32\aelupsvc.dll
0x713e0000 0x6f000 6.00.6002.18005 c:\windows\system32\ikeext.dll
0x72de0000 0x96000 6.00.6002.18005 c:\windows\system32\fwpuclnt.dll
0x75940000 0x35000 6.00.6002.18005 C:\Windows\system32\ncrypt.dll
0x758f0000 0x45000 6.00.6002.18005 C:\Windows\system32\BCRYPT.dll
0x704a0000 0x8000 6.00.6001.18000 c:\windows\system32\seclogon.dll
0x6f9f0000 0x2a000 6.00.6002.18005 c:\windows\system32\wbem\wmisvc.dll
0x6f5f0000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll
0x6efb0000 0x43000 6.00.6002.18005 c:\windows\system32\rasmans.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f030000 0x14000 6.00.6002.18005 C:\Windows\system32\rastapi.dll
0x70d00000 0x31000 6.00.6000.16386 C:\Windows\system32\TAPI32.dll
0x74ba0000 0x32000 6.00.6002.18005 C:\Windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 C:\Windows\system32\OLEACC.dll
0x6e310000 0x34000 6.00.6002.18209 c:\windows\system32\iphlpsvc.dll
0x6f000000 0x23000 6.00.6001.18000 c:\windows\system32\sqmapi.dll
0x74ab0000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll
0x6de30000 0x4a000 6.00.6001.18000 C:\Windows\system32\hnetcfg.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x72820000 0x60000 6.00.6002.18096 C:\Windows\system32\WINHTTP.dll
0x70f50000 0x10b000 6.00.6002.18005 C:\Windows\system32\VSSAPI.DLL
0x74b40000 0x14000 6.00.6001.18000 C:\Windows\system32\vsstrace.dll
0x75100000 0x2f000 1.02.1009.0000 C:\Windows\system32\XmlLite.dll
0x75bb0000 0x14000 6.00.6002.18005 C:\Windows\system32\MPR.dll
0x6dcb0000 0xb9000 6.00.6002.18005 C:\Windows\system32\wbem\wbemcore.dll
0x6dde0000 0x43000 6.00.6002.18005 C:\Windows\system32\wbem\esscli.dll
0x6dc10000 0x99000 6.00.6002.18005 C:\Windows\system32\wbem\FastProx.dll
0x6ef80000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\wbemsvc.dll
0x6dda0000 0x17000 6.00.6002.18005 C:\Windows\system32\wbem\wmiutils.dll
0x6db70000 0x44000 6.00.6002.18005 C:\Windows\system32\wbem\repdrvfs.dll
0x6dad0000 0x43000 6.00.6002.18005 C:\Windows\system32\rasppp.dll
0x6dab0000 0x1a000 6.00.6002.18005 C:\Windows\system32\MPRAPI.dll
0x70db0000 0x4a000 6.00.6002.18005 C:\Windows\system32\RASAPI32.dll
0x70d40000 0x14000 6.00.6001.18000 C:\Windows\system32\rasman.dll
0x75850000 0x7e000 6.00.6002.18051 C:\Windows\system32\kerberos.dll
0x6da90000 0x14000 6.00.6001.18000 C:\Windows\system32\RASQEC.DLL
0x715b0000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll
0x6d860000 0x47000 6.00.6002.18005 C:\Windows\System32\raschap.dll
0x6da10000 0x3e000 6.00.6002.18116 C:\Windows\System32\rastls.dll
0x6d770000 0xf0000 6.00.6002.18005 C:\Windows\system32\CRYPTUI.dll
0x75470000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x75220000 0x1f000 6.00.6002.18005 C:\Windows\system32\WinSCard.dll
0x6d5d0000 0x7d000 6.00.6002.18005 C:\Windows\system32\wbem\wmiprvsd.dll
0x75fe0000 0xf000 6.00.6001.18000 C:\Windows\system32\NCObjAPI.DLL
0x6d570000 0x57000 6.00.6002.18005 C:\Windows\system32\wbem\wbemess.dll
0x75790000 0x38000 6.00.6002.18111 C:\Windows\system32\msv1_0.dll
0x6c810000 0xb000 6.00.6001.18000 c:\windows\system32\appinfo.dll
0x6c7e0000 0x10000 6.00.6002.18005 C:\Windows\system32\wbem\ncprov.dll
0x6afa0000 0x1bf000 7.00.6002.18005 c:\windows\system32\qmgr.dll
0x6fc30000 0x5000 6.00.6000.16386 c:\windows\system32\SHFOLDER.dll
0x6d750000 0x8000 7.00.6000.16386 c:\windows\system32\bitsperf.dll
0x6d760000 0xb000 7.00.6002.18005 C:\Windows\system32\bitsigd.dll
0x6c940000 0x33000 6.00.6001.18000 C:\Windows\system32\upnp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x6a540000 0x1d9000 7.04.7600.0226 c:\windows\system32\wuaueng.dll
0x6d400000 0x168000 6.00.6002.18005 c:\windows\system32\ESENT.dll
0x715d0000 0x42000 6.00.6002.18087 c:\windows\system32\WINSPOOL.DRV
0x6d740000 0xc000 6.00.6001.18000 c:\windows\system32\mspatcha.dll
0x75c80000 0x6000 6.00.6000.16386 C:\Windows\system32\WMsgAPI.dll
0x6f1e0000 0xd9000 6.00.6002.18005 C:\Windows\system32\wer.dll
0x70bd0000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6da60000 0x26000 6.00.6001.18000 C:\Windows\system32\dssenh.dll
0x6c510000 0x2e000 8.00.6001.18702 C:\Windows\system32\advpack.dll
0x71620000 0x227000 4.05.6002.18005 C:\Windows\system32\msi.dll
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\System32\ES.DLL
0x74050000 0xa000 7.04.7600.0226 C:\Windows\System32\wups.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WININET.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x73f00000 0x16000 6.00.6001.18000 c:\windows\system32\browser.dll
------------------------------------------------------------------------------
svchost.exe pid: 1392
Command line: C:\Windows\system32\svchost.exe -k GPSvcGroup
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74500000 0x8f000 6.00.6002.18005 c:\windows\system32\gpsvc.dll
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x754e0000 0x15000 6.00.6002.18005 c:\windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 c:\windows\system32\slc.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75cb0000 0x7000 6.00.6000.16386 c:\windows\system32\SYSNTFY.dll
0x75560000 0x25000 6.00.6001.18000 c:\windows\system32\WINSTA.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
------------------------------------------------------------------------------
svchost.exe pid: 1436
Command line: C:\Windows\system32\svchost.exe -k LocalService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74460000 0x46000 2001.12.6932.18005 c:\windows\system32\es.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x74710000 0xbb000 7.00.6002.18005 c:\windows\system32\PROPSYS.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74590000 0x8000 6.00.6001.18000 c:\windows\system32\nsisvc.dll
0x76010000 0x14000 6.00.6002.18051 C:\Windows\system32\secur32.dll
0x75ab0000 0xf2000 6.00.6002.18005 C:\Windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 C:\Windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 C:\Windows\system32\USERENV.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x75d40000 0x76000 6.00.6002.18005 C:\Windows\system32\NETAPI32.dll
0x72880000 0x34000 6.00.6002.18005 c:\windows\system32\webclnt.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x76c90000 0x133000 8.00.6001.18975 C:\Windows\system32\urlmon.dll
0x76dd0000 0x1e8000 8.00.6001.18975 C:\Windows\system32\iertutil.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\shell32.dll
0x769f0000 0xe6000 8.00.6001.18975 C:\Windows\system32\WinInet.dll
0x76180000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x72770000 0x2a000 6.00.6002.18049 c:\windows\system32\wkssvc.dll
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75bf0000 0x18000 6.00.6001.18000 c:\windows\system32\NTDSAPI.dll
0x75610000 0xd7000 6.00.6000.16386 c:\windows\system32\WINBRAND.dll
0x715a0000 0x9000 6.00.6000.16386 c:\windows\system32\fdrespub.dll
0x70ec0000 0x59000 6.00.6002.18085 c:\windows\system32\wsdapi.dll
0x72810000 0xb000 6.00.6002.18210 c:\windows\system32\HTTPAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75390000 0x66000 6.00.6001.18000 c:\windows\system32\FirewallAPI.dll
0x75840000 0x8000 6.00.6002.18005 c:\windows\system32\VERSION.dll
0x70e90000 0x28000 6.00.6002.18005 C:\Windows\system32\FunDisc.dll
0x74a90000 0x14000 3.05.2284.0002 C:\Windows\system32\ATL.DLL
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x70a80000 0x136000 8.100.5003.0000 C:\Windows\System32\msxml3.dll
0x75f50000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL
0x6ffa0000 0x25000 6.00.6001.18000 c:\windows\system32\sstpsvc.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x6f680000 0x48000 6.00.6002.18005 c:\windows\system32\w32time.dll
0x75c90000 0x11000 6.00.6001.18000 c:\windows\system32\cryptdll.dll
0x754e0000 0x15000 6.00.6002.18005 C:\Windows\system32\GPAPI.dll
0x75a70000 0x3a000 6.00.6002.18005 C:\Windows\system32\slc.dll
0x6e3e0000 0x3c000 6.00.6001.18000 c:\windows\system32\netprofm.dll
0x74af0000 0xf000 6.00.6001.18000 c:\windows\system32\nlaapi.dll
0x6f5e0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x70020000 0xf000 6.00.6001.18000 C:\Windows\system32\napinsp.dll
0x6fc60000 0x12000 6.00.6001.18000 C:\Windows\system32\pnrpnsp.dll
0x70010000 0x8000 6.00.6002.18005 C:\Windows\System32\winrnr.dll
0x6fc00000 0x25000 2.00.0002.0000 C:\Program Files\Bonjour\mdnsNSP.dll
0x73170000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6c910000 0x28000 6.00.6001.18000 c:\windows\system32\ssdpsrv.dll
0x74040000 0x6000 6.00.6001.18000 c:\windows\system32\fdphost.dll
0x73b60000 0x12000 6.00.6002.18005 C:\Windows\system32\fdwsd.dll
0x75130000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll
0x73b40000 0x12000 6.00.6002.18005 C:\Windows\system32\fdssdp.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\SSDPAPI.dll
0x74b20000 0xa000 6.00.6002.18005 C:\Windows\system32\fdproxy.dll
------------------------------------------------------------------------------
svchost.exe pid: 1656
Command line: C:\Windows\system32\svchost.exe -k NetworkService
Base Size Version Path
0x00500000 0x8000 6.00.6001.18000 C:\Windows\system32\svchost.exe
0x77ad0000 0x127000 6.00.6002.18005 C:\Windows\system32\ntdll.dll
0x765c0000 0xdc000 6.00.6002.18005 C:\Windows\system32\kernel32.dll
0x76340000 0xaa000 7.00.6002.18005 C:\Windows\system32\msvcrt.dll
0x76260000 0xc6000 6.00.6002.18005 C:\Windows\system32\ADVAPI32.dll
0x76190000 0xc3000 6.00.6002.18024 C:\Windows\system32\RPCRT4.dll
0x75480000 0x21000 6.00.6002.18005 C:\Windows\system32\NTMARTA.DLL
0x76bf0000 0x9d000 6.00.6002.18005 C:\Windows\system32\USER32.dll
0x76420000 0x4b000 6.00.6002.18005 C:\Windows\system32\GDI32.dll
0x769a0000 0x49000 6.00.6002.18005 C:\Windows\system32\WLDAP32.dll
0x766a0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll
0x76330000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll
0x76170000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75c30000 0x11000 6.00.6002.18005 C:\Windows\system32\SAMLIB.dll
0x76470000 0x145000 6.00.6002.18277 C:\Windows\system32\ole32.dll
0x77c00000 0x1e000 6.00.6002.18005 C:\Windows\system32\IMM32.DLL
0x768d0000 0xc8000 6.00.6002.18005 C:\Windows\system32\MSCTF.dll
0x766d0000 0x9000 6.00.6002.18051 C:\Windows\system32\LPK.DLL
0x77c20000 0x7d000 1.626.6002.18244 C:\Windows\system32\USP10.dll
0x74310000 0x18000 6.00.6002.18005 c:\windows\system32\dnsrslvr.dll
0x75c50000 0x2c000 6.00.6002.18005 c:\windows\system32\DNSAPI.dll
0x759d0000 0x35000 6.00.6002.18005 c:\windows\system32\dhcpcsvc.DLL
0x76010000 0x14000 6.00.6002.18051 c:\windows\system32\Secur32.dll
0x759c0000 0x7000 6.00.6001.18000 c:\windows\system32\WINNSI.DLL
0x75990000 0x22000 6.00.6002.18005 c:\windows\system32\dhcpcsvc6.DLL
0x75a10000 0x19000 6.00.6002.18005 c:\windows\system32\IPHLPAPI.DLL
0x757d0000 0x3b000 6.00.6002.18005 C:\Windows\system32\mswsock.dll
0x75830000 0x5000 6.00.6001.18000 C:\Windows\System32\wship6.dll
0x75460000 0x5000 6.00.6001.18000 C:\Windows\System32\wshtcpip.dll
0x71060000 0x22000 6.00.6002.18005 c:\windows\system32\cryptsvc.dll
0x76ae0000 0x8d000 6.00.6002.18005 C:\Windows\system32\OLEAUT32.dll
0x70f50000 0x10b000 6.00.6002.18005 c:\windows\system32\VSSAPI.DLL
0x74a90000 0x14000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x74b40000 0x14000 6.00.6001.18000 c:\windows\system32\vsstrace.dll
0x75ff0000 0x16000 6.00.6002.18005 c:\windows\system32\AUTHZ.dll
0x75100000 0x2f000 1.02.1009.0000 c:\windows\system32\XmlLite.dll
0x75d40000 0x76000 6.00.6002.18005 c:\windows\system32\NETAPI32.dll
0x75bb0000 0x14000 6.00.6002.18005 c:\windows\system32\MPR.dll
0x766e0000 0x18a000 6.00.6002.18005 C:\Windows\system32\SETUPAPI.dll
0x75ab0000 0xf2000 6.00.6002.18005 c:\windows\system32\CRYPT32.dll
0x75c10000 0x12000 6.00.6002.18106 c:\windows\system32\MSASN1.dll
0x76030000 0x1e000 6.00.6002.18005 c:\windows\system32\USERENV.dll
0x70e60000 0x2b000 6.00.6001.18000 c:\windows\system32\nlasvc.dll
0x75a30000 0x40000 6.00.6002.18005 c:\windows\system32\wevtapi.dll
0x70be0000 0x1a000 6.00.6001.18000 c:\windows\system32\ncsi.dll
0x72820000 0x60000 6.00.6002.18096 c:\windows\system32\WINHTTP.dll
0x76870000 0x59000 6.00.6002.18005 C:\Windows\system32\SHLWAPI.dll
0x75450000 0xa000 6.00.6001.18000 c:\windows\system32\WTSAPI32.dll
0x758f0000 0x45000 6.00.6002.18005 c:\windows\system32\bcrypt.dll
0x70ca0000 0x8000 6.00.6001.18000 c:\windows\system32\CFGMGR32.dll
0x74e20000 0x19e000 6.10.6002.18305 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x75520000 0x3b000 6.00.6002.18005 C:\Windows\system32\rsaenh.dll
0x758e0000 0x7000 6.00.6001.18000 C:\Windows\system32\credssp.dll
0x755c0000 0x46000 6.00.6002.18290 C:\Windows\system32\schannel.dll
0x70bc0000 0xc000 6.00.6000.16386 C:\Windows\system32\ssdpapi.dll
0x77ca0000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL
0x74460000 0x46000 2001.12.6932.18005 C:\Windows\system32\es.dll
0x74710000 0xbb000 7.00.6002.18005 C:\Windows\system32\PROPSYS.dll
0x75560000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll
0x6fa60000 0x3d000 6.00.6002.18005 c:\windows\system32\tapisrv.dll
0x75010000 0x35000 6.00.6001.18000 c:\windows\system32\ACTIVEDS.dll
0x74bf0000 0x33000 6.00.6002.18005 c:\windows\system32\adsldpc.dll
0x72460000 0x2e000 6.00.6002.18005 c:\windows\system32\credui.dll
0x76fc0000 0xb10000 6.00.6002.18287 C:\Windows\system32\SHELL32.dll
0x71500000 0xc000 6.00.6002.18274 c:\windows\system32\rtutils.dll
0x74ba0000 0x32000 6.00.6002.18005 c:\windows\system32\WINMM.dll
0x74b60000 0x3d000 7.00.6002.18155 c:\windows\system32\OLEACC.dll
0x6f2c0000 0x71000 6.00.6002.18005 c:\windows\system32\termsrv.dll
0x70330000 0x7000 6.00.6001.18000 c:\windows\system32\ICAAPI.dll
0x75240000 0x2d000 6.00.6002.18169 c:\windows\system32\WINTRUST.dll
0x763f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll
0x6de80000 0x48000 6.00.6002.18005 C:\Windows\system32\unimdm.tsp
0x6dd90000 0x7000 6.00.6000.16386 C:\Windows\system32\uniplat.dll
0x6dbf0000 0x11000 6.00.6000.16386 C:\Windows\system32\unimdmat.dll
0x75840000 0x8000 6.00.6002.18005 C:\Windows\system32\VERSION.dll
0x6db20000 0x4a000
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Remontées: https://www.luanagames.com/index.fr.html
Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits
Mode: Scan -- Time : 11/11/2010 02:31:30
Bad processes:
Found:
Finished
mail: tigzy44<at>hotmail<dot>fr
Remontées: https://www.luanagames.com/index.fr.html
Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits
Mode: Scan -- Time : 11/11/2010 02:31:30
Bad processes:
Found:
Finished
salut pourquoi rogue killer ?
Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
mais cette fois-ci :
choisis l'option CLEAN
laisse travailler l'outil.
en fin de scan la fenêtre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau
Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
mais cette fois-ci :
choisis l'option CLEAN
laisse travailler l'outil.
en fin de scan la fenêtre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau
¤¤ Kill'em by g3n-h@ckm@n 2.1.2.0 ¤¤¤¤¤¤¤¤¤¤
User : Utilisateur (Administrateurs)
Update on 11/11/2010 by g3n-h@ckm@n ::::: 13.00
Start at: 07:46:37 | 2010-11-11
Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18975
Windows Firewall Status : Disabled
C:\ -> Disque fixe local | 216,88 Go (139,33 Go free) | NTFS
D:\ -> Disque CD-ROM
Q:\ -> Disque fixe local
¤¤¤¤¤¤¤¤¤¤ Files/folders :
¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤
127.0.0.1 localhost
¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.google.com/?gws_rd=ssl
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
FirewallDisableNotify = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
FirstRunDisabled = 1 (0x1)
AntiVirusOverride = 0 (0x0)
FirewallOverride = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤
Ndisuio : Start = 3
EapHost : Start = 2
Wlansvc : Start = 2
SharedAccess : Start = 2
windefend : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2
¤¤¤¤¤¤¤¤¤¤ Winlogon
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell = explorer.exe
Userinit = C:\Windows\System32\userinit.exe,
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Disk Cleaned
anti-ver blaster : OK
Prefetch cleaned
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
FEATURE_BROWSER_EMULATION | svchost :
====================================
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !
copy of MBR has been found in sector 63 !
End of Scan : 7:47:49,85
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
User : Utilisateur (Administrateurs)
Update on 11/11/2010 by g3n-h@ckm@n ::::: 13.00
Start at: 07:46:37 | 2010-11-11
Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18975
Windows Firewall Status : Disabled
C:\ -> Disque fixe local | 216,88 Go (139,33 Go free) | NTFS
D:\ -> Disque CD-ROM
Q:\ -> Disque fixe local
¤¤¤¤¤¤¤¤¤¤ Files/folders :
¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤
127.0.0.1 localhost
¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.google.com/?gws_rd=ssl
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
cval = 1 (0x1)
FirewallDisableNotify = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
FirstRunDisabled = 1 (0x1)
AntiVirusOverride = 0 (0x0)
FirewallOverride = 0 (0x0)
¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤
Ndisuio : Start = 3
EapHost : Start = 2
Wlansvc : Start = 2
SharedAccess : Start = 2
windefend : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2
¤¤¤¤¤¤¤¤¤¤ Winlogon
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell = explorer.exe
Userinit = C:\Windows\System32\userinit.exe,
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Disk Cleaned
anti-ver blaster : OK
Prefetch cleaned
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
FEATURE_BROWSER_EMULATION | svchost :
====================================
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 62 !
copy of MBR has been found in sector 63 !
End of Scan : 7:47:49,85
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Bonjour!
J'ai finalement réussis à faire malwarebytes!
Voici le rapport:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5097
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
2010-11-11 21:53:41
mbam-log-2010-11-11 (21-53-41).txt
Type d'examen: Examen complet (C:\|Q:\|)
Elément(s) analysé(s): 245079
Temps écoulé: 57 minute(s), 58 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
J'ai finalement réussis à faire malwarebytes!
Voici le rapport:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5097
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
2010-11-11 21:53:41
mbam-log-2010-11-11 (21-53-41).txt
Type d'examen: Examen complet (C:\|Q:\|)
Elément(s) analysé(s): 245079
Temps écoulé: 57 minute(s), 58 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
