systeme tool

Question

Bonjour, 

systeme tools est sur mon pc et je n'arrive pas a m'en débarasser

qui peut m'aider ?

Merci



Configuration: Windows XP / Internet Explorer 8.0

gen-hackman · Answer

salut

DESACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRESENTS !!!!! (car l'outil est detecté a tort comme infection contenant un module qui sert à arrêter des processus , et un autre servant à prendre des droits dans le registre pour effectuer des suppressions)

&#9654 Télécharge ici :List_Kill'em

 et enregistre le sur ton bureau 

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...." 

sur le raccourci sur ton bureau pour lancer l'installation

Laisse coché :

&#9830 Executer List_Kill'em

une fois terminée , clic sur "terminer" 

lance-le via le raccourci apparu sur ton bureau comme précité au debut 

choisis l'option Search

&#9654 laisse travailler l'outil

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal ,c'est une recherche supplementaire de fichiers cachés , le programme n'est pas bloqué.

&#9654 Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

&#9654&#9654&#9654 NE LE POSTE PAS SUR LE FORUM 

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/ 

&#9654 Clique sur Parcourir et cherche le fichier C:\List'em.txt 

&#9654 Clique sur Ouvrir. 

&#9654 Clique sur "Cliquez ici pour déposer le fichier". 

Un lien de cette forme : 

http://www.cijoint.fr/cjlink.php?file=265368/cijSKAP5fU.txt 

est ajouté dans la page. 

&#9654 Copie ce lien dans ta réponse. 

&#9654 Fais de même avec more.txt qui se trouve sur ton bureau

vrp74 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201101/cijt2LYaDZ.txt
 le lien

je ne trouve pas more txt

merci

gen-hackman · Answer

tu n'as pas suivi les instructions !  

desactive avast et antivir 

vires-en un des deux et recommence  
G3?-?@¢??@?......List_Kill'em...

vrp74 · Answer

le lien
http://www.cijoint.fr/cjlink.php?file=cj201101/cijWWYsxPZ.txt

J'ai fais ce que tu me dis , mais je ne trouve pas de more txt

je comprends pas

gen-hackman · Answer

l antivirus est encore actif pendant l 'analyse...

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...." 

&#9654 Relance List_Kill'em,avec le raccourci sur ton bureau.

mais cette fois-ci :

&#9654 choisis l'Option Clean

&#9654&#9654&#9654 Ne clique qu'une seule fois sur le bouton !!

laisse travailler l'outil.

en fin de scan la fenetre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau ,

&#9654 colle le contenu dans ta reponse

vrp 74 · Answer

Bonjour,

je me retrouve devant un autre probème, quand je clique sur Kill rien ne se passe et j'ai un message qui apparait: A hard drive error occured while starting the application, que dois je faire ?

merci

gen-hackman · Answer

en mode sans echec avec prise en charge reseau

vrp 74 · Answer

Bonjour, 

Ok c'est fait , mais il n'y a aucun rapport sur le bureau et même en recherche on trouve rien

donc j'ai pas de rapport

gen-hackman · Answer

Kill'em.txt .??? tu n'as pas ca ?

vrp 74 · Answer

non

j'ai cherché partout

boogieman83 · Answer

salut vrp 74

je viens de nettoye 2 pc de copains qui avait le même probleme je vais te dire comment t en debarrasser il faut demarrer ton pc avec mode sans echec avec reseau ensuite tu lances la derniere version de bitdefender en ligne gratuite ,des qu'il t a trouve les trojans tu les vires et tu nettoie avec ccleaner et malawaerebyte 
avec ça pas de probleme  resultat garantit sur les 3 derniers pc qui avait ce spywaere et que j'ai depanne
tiens moi au courant 
a+

vrp 74 · Answer

This log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 

Rkill was run on 13/01/2011 at 14:42:59. 
Operating System: Microsoft Windows XP 


Processes terminated by Rkill or while it was running: 

C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe


Rkill completed on 13/01/2011 at 14:43:20. 

je t'envoie le rapport  il est apparu a la 3 eme  X

boogieman83 · Answer

il faut absolument que tu travail en mode sans echec avec reseau autrement systeme tool va te barrer la route a chaque click
j'en ai vire 3 sur 3 pc differents je sais de quoi je parle car il est coriace
la premiere fois j'ai galere maintenant c'est une affaire d'un quart d'heure le temps de faire la procedure que j'ai demontre plus haut 



 --
Le paradis des fous est l'enfer des sages

gen-hackman · Answer

bonjour veuillez ne pas interferer dans les desinfections prises en charge et en cours merci !

telecharge roguekiller de cette page et fournis le rapport de l'option 2 stp

https://www.luanagames.com/index.fr.html

vrp 74 · Answer

le rapport ogueKiller V3.7.3 by Tigzy contact at www.sur-la-toile.com mail: tigzy44hotmailfr Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows XP (5.1.2600 Service Pack 3) version 32 bits User: Admin Mode: Remove -- Time : 13/01/2011 15:10:20 Bad processes: Deregistred: HKCU\...\RUN\ sMucQTngLLRteNH.exe : C:\Documents and Settings\All Users\Application Data\sMucQTngLLRteNH.exe HKCU\...\RUN\ hDRgnC8vCXb : C:\Documents and Settings\All Users\Application Data\hDRgnC8vCXb.exe HKCU\...\RUNONCE\ oNcGj06511 : C:\Documents and Settings\All Users\Application Data\oNcGj06511\oNcGj06511.exe HKCU\...\Internet Settings\ ProxyServer : http=127.0.0.1:5555 ...NOT REMOVED! Fichier HOSTS: 127.0.0.1 localhost Finished

gen-hackman · Answer

reessaie le clean de List_Kill'em sans redemarrer

vrp 74 · Answer

Ok c'est fait

mais pas de rapport

gen-hackman · Answer

refais une recherche ?

Tigzy · Answer

Salut

HKCU\...\Internet Settings\ ProxyServer : http=127.0.0.1:5555 ...NOT REMOVED! 

Relance RogueKiller en mode 2, et quand demandé pour le proxy, tape 1

vrp 74 · Answer

his log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 

Rkill was run on 13/01/2011 at 18:05:14. 
Operating System: Microsoft Windows XP 


Processes terminated by Rkill or while it was running: 



Rkill completed on 13/01/2011 at 18:05:35. 

Voila le rapport que j'ai

gen-hackman · Answer

ok je peux réavoir un rapport de recherche avec List_Kill'em ?

vrp 74 · Answer

Jai relancer rogue killer en mode 2

Voila le rapport

ogueKiller V3.7.3 by Tigzy
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Feedback: https://www.luanagames.com/index.fr.html

Operating System: Windows XP (5.1.2600 Service Pack 3) version 32 bits
User: Admin
Mode: Remove -- Time : 13/01/2011 15:10:20

Bad processes:

Deregistred:
HKCU\...\RUN\ sMucQTngLLRteNH.exe : C:\Documents and Settings\All Users\Application Data\sMucQTngLLRteNH.exe
HKCU\...\RUN\ hDRgnC8vCXb : C:\Documents and Settings\All Users\Application Data\hDRgnC8vCXb.exe
HKCU\...\RUNONCE\ oNcGj06511 : C:\Documents and Settings\All Users\Application Data\oNcGj06511\oNcGj06511.exe
HKCU\...\Internet Settings\ ProxyServer : http=127.0.0.1:5555 ...NOT REMOVED!

Fichier HOSTS:
127.0.0.1 localhost

Finished

RogueKiller V3.7.3 by Tigzy
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Feedback: https://www.luanagames.com/index.fr.html

Operating System: Windows XP (5.1.2600 Service Pack 3) version 32 bits
User: Admin
Mode: Remove -- Time : 13/01/2011 18:34:28

Bad processes:
Killed c:\documents and settings\bernadette\bureau\bureau\rkill.com
Killed c:\docume~1\michel\locals~1\temp\rarsfx3\nircmd.exe

Deregistred:
HKCU\...\Internet Settings\ ProxyServer : http=127.0.0.1:5555

Fichier HOSTS:
127.0.0.1 localhost
j

gen-hackman · Answer

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

Telecharge ici : Combofix

Avant d'utiliser ComboFix :

Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau

▶ Lance le

Une fenêtre apparait : clique sur "Disable"

▶ Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur combofix renommé

▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

vrp74 · Answer

rapport combofix


ComboFix 11-01-12.04 - Michel 13/01/2011  22:12:54.6.2 - x86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1022.723 [GMT 1:00]
Lancé depuis: c:\documents and settings\Bernadette\Bureau\Bureau\mimi.exe
AV: avast! antivirus 4.8.1296 [VPS 090327-0] *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\oNcGj06511
c:\documents and settings\All Users\Application Data\oNcGj06511\oNcGj06511
c:\documents and settings\All Users\Application Data\oNcGj06511\oNcGj06511.exe
c:\documents and settings\Michel\Application Data\Adobe\AdobeUpdate .exe
c:\documents and settings\Michel\Application Data\Adobe\plugs
c:\documents and settings\Michel\Application Data\Adobe\plugs\KB3388421.exe
c:\documents and settings\Michel\Application Data\Adobe\plugs\KB3444968.exe
c:\windows\system32	mp.reg

Une copie infectée de c:\windows\system32\drivers\ipsec.sys a été trouvée et désinfectée 
Copie restaurée à partir de - Kitty had a snack :p 
.
(((((((((((((((((((((((((((((   Fichiers créés du 2010-12-13 au 2011-01-13  ))))))))))))))))))))))))))))))))))))
.

2011-01-13 09:31 . 2011-01-13 09:31	--------	d-----w-	C:\Kill'em
2011-01-13 09:31 . 2011-01-13 14:32	--------	d-----w-	c:\program files\List_Kill'em
2011-01-13 07:30 . 2011-01-13 07:30	--------	d-----w-	c:\windows\system32\wbem\Repository
2011-01-12 09:38 . 2008-06-10 18:02	34296	----a-w-	c:\windows\system32\drivers\mbamcatchme.sys
2011-01-12 09:38 . 2008-06-10 18:02	15864	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-01-02 12:11 . 2011-01-02 12:11	--------	d-----w-	C:\spoolerlogs
2011-01-01 01:52 . 2011-01-01 01:52	1409	----a-w-	c:\windows\QTFont.for
2010-12-27 16:34 . 2010-12-27 16:34	--------	d-----w-	C:\found.000
2010-12-15 15:33 . 2010-11-02 15:17	40960	-c----w-	c:\windows\system32\dllcache
dproxy.sys
2010-12-15 15:33 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2006-01-16 16:35	86016	----a-w-	c:\windows\system32\isign32.dll
2010-11-06 00:21 . 2006-01-16 16:23	916480	----a-w-	c:\windows\system32\wininet.dll
2010-11-06 00:21 . 2006-01-16 16:23	43520	----a-w-	c:\windows\system32\licmgr10.dll
2010-11-06 00:21 . 2006-01-16 16:23	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2010-11-03 12:26 . 2006-01-16 16:23	385024	----a-w-	c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-01-16 16:23	40960	----a-w-	c:\windows\system32\drivers
dproxy.sys
2010-10-28 13:14 . 2006-01-16 16:22	290048	----a-w-	c:\windows\system32\atmfd.dll
2010-10-26 14:07 . 2006-01-16 16:23	1853440	----a-w-	c:\windows\system32\win32k.sys
2008-02-14 05:52 . 2008-02-14 05:51	698196	-c--a-w-	c:\program files\winmail-reader-setup.exe
2008-02-14 05:48 . 2008-02-14 05:48	224256	-c--a-w-	c:\program files\fentun.exe
.

(((((((((((((((((((((((((((((   SnapShot@2010-04-12_05.08.54   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 23:02 . 2009-07-11 23:02	51008              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2007-11-07 01:19 . 2007-11-07 01:19	54272              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	59728              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	42832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	43344              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	61264              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	62800              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	61760              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	61776              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	53568              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	63296              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	36688              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	35648              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	62976              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	46080              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	46592              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	64512              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	66048              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	56832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	66560              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	39936              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	38912              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2011-01-13 21:05 . 2011-01-13 21:05	16384              c:\windows	emp\Perflib_Perfdata_1f0.dat
- 2007-01-29 08:58 . 2010-01-23 08:11	46080              c:\windows\system32	zchange.exe
+ 2007-01-29 08:58 . 2010-11-03 13:12	46080              c:\windows\system32	zchange.exe
+ 2006-01-16 16:23 . 2010-08-27 05:58	99840              c:\windows\system32\srvsvc.dll
+ 2006-01-16 16:23 . 2010-08-17 13:17	58880              c:\windows\system32\spoolsv.exe
+ 2007-05-13 14:18 . 2011-01-13 07:31	25712              c:\windows\system32\Restorestrlog.dat
+ 2010-03-30 22:16 . 2010-03-30 22:16	99176              c:\windows\system32\PresentationHostProxy.dll
+ 2006-01-16 16:23 . 2010-11-23 17:01	84964              c:\windows\system32\perfc00C.dat
- 2006-01-16 16:23 . 2010-04-11 15:55	84964              c:\windows\system32\perfc00C.dat
+ 2006-01-16 16:23 . 2010-11-23 17:01	71394              c:\windows\system32\perfc009.dat
- 2006-01-16 16:23 . 2010-04-11 15:55	71394              c:\windows\system32\perfc009.dat
+ 2009-11-06 23:07 . 2009-11-06 23:07	49488              c:\windows\system32
etfxperf.dll
+ 2009-11-05 20:17 . 2009-11-05 20:17	11600              c:\windows\system32\mui\0409\mscorees.dll
+ 2006-01-16 16:23 . 2010-11-06 00:21	66560              c:\windows\system32\mshtmled.dll
- 2006-01-16 16:23 . 2009-03-08 02:31	66560              c:\windows\system32\mshtmled.dll
- 2007-08-13 17:54 . 2010-02-25 06:17	55296              c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:54 . 2010-11-06 00:21	55296              c:\windows\system32\msfeedsbs.dll
- 2006-01-16 16:23 . 2010-02-25 06:17	25600              c:\windows\system32\jsproxy.dll
+ 2006-01-16 16:23 . 2010-11-06 00:21	25600              c:\windows\system32\jsproxy.dll
- 2006-01-16 16:23 . 2008-04-14 02:33	80384              c:\windows\system32\iccvid.dll
+ 2006-01-16 16:23 . 2010-06-17 14:03	80384              c:\windows\system32\iccvid.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	13894              c:\windows\system32\dllcache\zonelibm.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	29760              c:\windows\system32\dllcache\znetm.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	41029              c:\windows\system32\dllcache\zcorem.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	36937              c:\windows\system32\dllcache\zclientm.exe
+ 2009-07-19 17:29 . 2010-11-06 00:21	12800              c:\windows\system32\dllcache\xpshims.dll
- 2009-07-19 17:29 . 2010-02-25 06:17	12800              c:\windows\system32\dllcache\xpshims.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	11776              c:\windows\system32\dllcache\xolehlp.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	30720              c:\windows\system32\dllcache\xcopy.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	51200              c:\windows\system32\dllcache\wstdecod.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	41984              c:\windows\system32\dllcache\wsnmp32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	11264              c:\windows\system32\dllcache\wshrm.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	11776              c:\windows\system32\dllcache\wshisn.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	14336              c:\windows\system32\dllcache\wship6.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	57392              c:\windows\system32\dllcache\wshfr.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	36864              c:\windows\system32\dllcache\wshcon.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	13824              c:\windows\system32\dllcache\wscntfy.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	11776              c:\windows\system32\dllcache\wpnpinst.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	32256              c:\windows\system32\dllcache\wpabaln.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	14336              c:\windows\system32\dllcache\wowfaxui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	10608              c:\windows\system32\dllcache\wowexec.exe
+ 2006-01-16 16:23 . 2004-08-10 20:52	20480              c:\windows\system32\dllcache\wmpcore.dll
+ 2006-01-16 16:23 . 2004-08-10 20:52	20480              c:\windows\system32\dllcache\wmpcd.dll
+ 2006-01-16 16:35 . 2004-08-11 19:49	77824              c:\windows\system32\dllcache\wmpband.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	52224              c:\windows\system32\dllcache\wmitimep.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	41472              c:\windows\system32\dllcache\wmipsess.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	19456              c:\windows\system32\dllcache\wmiprop.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	62464              c:\windows\system32\dllcache\wmipjobj.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	61952              c:\windows\system32\dllcache\wmipiprt.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	77312              c:\windows\system32\dllcache\wmipicmp.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	61440              c:\windows\system32\dllcache\wmimsg.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	60928              c:\windows\system32\dllcache\wmicookr.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	60928              c:\windows\system32\dllcache\wmerrfra.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	69120              c:\windows\system32\dllcache\wlanapi.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	25088              c:\windows\system32\dllcache\wisc10.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	21504              c:\windows\system32\dllcache\winstrm.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	17408              c:\windows\system32\dllcache\winshfhc.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	11776              c:\windows\system32\dllcache\winmsd.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	18944              c:\windows\system32\dllcache\winmgmtr.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	14336              c:\windows\system32\dllcache\winmgmt.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	35840              c:\windows\system32\dllcache\winchat.exe
+ 2006-01-16 17:30 . 2004-08-05 11:00	13600              c:\windows\system32\dllcache\wfwnet.drv
+ 2006-01-16 16:23 . 2008-04-14 02:34	66560              c:\windows\system32\dllcache\wextract.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	40960              c:\windows\system32\dllcache\webhits.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	44544              c:\windows\system32\dllcache\wbemperf.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	12288              c:\windows\system32\dllcache\wbemads.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	12288              c:\windows\system32\dllcache\wb32.exe
+ 2006-01-16 16:35 . 2008-04-14 02:34	30208              c:\windows\system32\dllcache\wabmig.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	85504              c:\windows\system32\dllcache\wabimp.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	22016              c:\windows\system32\dllcache\w32topl.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	51712              c:\windows\system32\dllcache\w32tm.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	34304              c:\windows\system32\dllcache\vssadmin.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	16896              c:\windows\system32\dllcache\vss_ps.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	18176              c:\windows\system32\dllcache\vga64k.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	51456              c:\windows\system32\dllcache\vga256.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	26624              c:\windows\system32\dllcache\verifier.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	51712              c:\windows\system32\dllcache\vdmredir.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	24624              c:\windows\system32\dllcache\vbsfr.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	30749              c:\windows\system32\dllcache\vbajet32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	50176              c:\windows\system32\dllcache\utilman.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	49211              c:\windows\system32\dllcache\usrvpa.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	45116              c:\windows\system32\dllcache\usrvoica.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	49209              c:\windows\system32\dllcache\usrv80a.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	41019              c:\windows\system32\dllcache\usrsvpia.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	69700              c:\windows\system32\dllcache\usrshuta.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	49211              c:\windows\system32\dllcache\usrsdpia.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	77883              c:\windows\system32\dllcache\usrrtosa.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	61508              c:\windows\system32\dllcache\usrprbda.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	77891              c:\windows\system32\dllcache\usrmlnka.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	53305              c:\windows\system32\dllcache\usrlbva.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	86073              c:\windows\system32\dllcache\usrfaxa.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	77890              c:\windows\system32\dllcache\usrdpa.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	69699              c:\windows\system32\dllcache\usrcoina.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	61500              c:\windows\system32\dllcache\usrcntra.dll
+ 2006-01-16 17:31 . 2008-04-14 02:33	77312              c:\windows\system32\dllcache\usbui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	17920              c:\windows\system32\dllcache\ureg.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	16896              c:\windows\system32\dllcache\upnpcont.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	16896              c:\windows\system32\dllcache\unsecapp.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	32339              c:\windows\system32\dllcache\uniansi.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	13312              c:\windows\system32\dllcache\umdmxfrm.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	36864              c:\windows\system32\dllcache\umandlg.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	82432              c:\windows\system32\dllcache\ufat.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	26624              c:\windows\system32\dllcache\udhisapi.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	17408              c:\windows\system32\dllcache	sshutdn.exe
+ 2008-04-14 02:33 . 2008-04-14 02:33	50688              c:\windows\system32\dllcache	spkg.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	16896              c:\windows\system32\dllcache	skill.exe
+ 2008-04-14 02:33 . 2008-04-14 02:33	53248              c:\windows\system32\dllcache	sgqec.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	14848              c:\windows\system32\dllcache	sdiscon.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	15360              c:\windows\system32\dllcache	sd32.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	15360              c:\windows\system32\dllcache	scon.exe
+ 2006-01-16 16:33 . 2008-04-14 02:33	94208              c:\windows\system32\dllcache	scfgwmi.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	52224              c:\windows\system32\dllcache	sappcmp.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	59904              c:\windows\system32\dllcache	rnsprov.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	40960              c:\windows\system32\dllcache	rialoc.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	32256              c:\windows\system32\dllcache	racert6.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	13312              c:\windows\system32\dllcache	racert.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	61952              c:\windows\system32\dllcache	mplprov.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	17920              c:\windows\system32\dllcache	ftp.exe
+ 2007-07-15 16:37 . 2008-04-14 02:34	32827              c:\windows\system32\dllcache	cptest.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	19456              c:\windows\system32\dllcache	cpsvcs.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	47104              c:\windows\system32\dllcache	cpmonui.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	14848              c:\windows\system32\dllcache	cpmib.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	13312              c:\windows\system32\dllcache	cmsetup.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	87040              c:\windows\system32\dllcache	apiui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	19200              c:\windows\system32\dllcache	api.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	37888              c:\windows\system32\dllcache\syskey.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	15872              c:\windows\system32\dllcache\sysinv.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	19216              c:\windows\system32\dllcache\sysedit.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	57856              c:\windows\system32\dllcache\synceng.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	51200              c:\windows\system32\dllcache\syncapp.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	14848              c:\windows\system32\dllcache\stimon.exe
+ 2006-01-16 16:34 . 2008-04-14 02:33	59392              c:\windows\system32\dllcache\stclient.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	26624              c:\windows\system32\dllcache\startoc.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	33280              c:\windows\system32\dllcache\sstub.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	14336              c:\windows\system32\dllcache\ssstars.scr
+ 2006-01-16 16:23 . 2008-04-14 02:34	18944              c:\windows\system32\dllcache\ssmyst.scr
+ 2006-01-16 16:23 . 2008-04-14 02:34	47104              c:\windows\system32\dllcache\ssmypics.scr
+ 2006-01-16 16:23 . 2008-04-14 02:34	20992              c:\windows\system32\dllcache\ssmarque.scr
+ 2006-01-16 16:23 . 2008-04-14 02:34	19968              c:\windows\system32\dllcache\ssbezier.scr
+ 2010-08-27 05:58 . 2010-08-27 05:58	99840              c:\windows\system32\dllcache\srvsvc.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	47104              c:\windows\system32\dllcache\srdiag.exe
+ 2006-01-16 17:30 . 2004-08-05 11:00	24661              c:\windows\system32\dllcache\spxcoins.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	72192              c:\windows\system32\dllcache\sprio800.dll
+ 2001-08-23 17:47 . 2004-08-05 11:00	70656              c:\windows\system32\dllcache\sprio600.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17	58880              c:\windows\system32\dllcache\spoolsv.exe
+ 2006-01-16 16:23 . 2008-04-13 17:34	11264              c:\windows\system32\dllcache\spnpinst.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	69632              c:\windows\system32\dllcache\spnike.dll
+ 2006-01-16 16:23 . 2008-04-13 16:43	62976              c:\windows\system32\dllcache\spgrmr.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	65536              c:\windows\system32\dllcache\spcplui.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	77824              c:\windows\system32\dllcache\spcommon.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	26112              c:\windows\system32\dllcache\sort.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	34816              c:\windows\system32\dllcache\sniffpol.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	40960              c:\windows\system32\dllcache\smtpcons.dll
+ 2008-04-14 02:34 . 2008-04-14 02:34	73796              c:\windows\system32\dllcache\slserv.exe
+ 2008-04-14 02:33 . 2008-04-14 02:33	73832              c:\windows\system32\dllcache\slcoinst.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	16384              c:\windows\system32\dllcache\slbrccsp.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	98304              c:\windows\system32\dllcache\slbiop.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	26112              c:\windows\system32\dllcache\skeys.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	13824              c:\windows\system32\dllcache\sisbkup.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	71168              c:\windows\system32\dllcache\sigverif.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	13824              c:\windows\system32\dllcache\sigtab.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	66113              c:\windows\system32\dllcache\shvl.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	20480              c:\windows\system32\dllcache\shutdown.exe
+ 2007-07-15 16:37 . 2008-04-14 02:34	16437              c:\windows\system32\dllcache\shtml.exe
+ 2007-07-15 16:37 . 2008-04-14 02:33	20536              c:\windows\system32\dllcache\shtml.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	78848              c:\windows\system32\dllcache\shrpubw.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	15360              c:\windows\system32\dllcache\shadow.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	23552              c:\windows\system32\dllcache\sfmapi.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	10240              c:\windows\system32\dllcache\sfc.exe
+ 2008-04-14 02:34 . 2008-04-14 02:34	32768              c:\windows\system32\dllcache\setupn.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	32768              c:\windows\system32\dllcache\sethc.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	14848              c:\windows\system32\dllcache\serwvdrv.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	56320              c:\windows\system32\dllcache\servdeps.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	14848              c:\windows\system32\dllcache\serialui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	13824              c:\windows\system32\dllcache\senscfg.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	29696              c:\windows\system32\dllcache\sendcmsg.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	78848              c:\windows\system32\dllcache\sdbinst.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	24626              c:\windows\system32\dllcache\scrrnfr.dll
+ 2006-01-16 16:33 . 2008-04-14 02:34	36352              c:\windows\system32\dllcache\scrcons.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	24624              c:\windows\system32\dllcache\scofr.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	71168              c:\windows\system32\dllcache\scarddlg.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	13824              c:\windows\system32\dllcache\savedump.exe
+ 2006-01-16 17:30 . 2004-08-05 11:00	36864              c:\windows\system32\dllcache\sapisvr.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	45568              c:\windows\system32\dllcache\safrslv.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	29696              c:\windows\system32\dllcache\safrdm.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	43520              c:\windows\system32\dllcache\safrcdlg.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	16384              c:\windows\system32\dllcachewinsta.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	48706              c:\windows\system32\dllcachevse.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	14336              c:\windows\system32\dllcacheunonce.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	17408              c:\windows\system32\dllcacheunas.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	98304              c:\windows\system32\dllcachetm.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	31744              c:\windows\system32\dllcachetipxmib.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	78336              c:\windows\system32\dllcachetcshare.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	29696              c:\windows\system32\dllcachesvpmsg.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	49664              c:\windows\system32\dllcachesmui.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	24576              c:\windows\system32\dllcachesmsink.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	18944              c:\windows\system32\dllcachesmps.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	53248              c:\windows\system32\dllcachesm.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	15872              c:\windows\system32\dllcachesh.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	61440              c:\windows\system32\dllcachercm.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	22016              c:\windows\system32\dllcachepcns4.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	25600              c:\windows\system32\dllcacheoutemon.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	21504              c:\windows\system32\dllcacheoute.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	14848              c:\windows\system32\dllcacheexec.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	10240              c:\windows\system32\dllcacheeset.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	12800              c:\windows\system32\dllcacheeplace.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	59904              c:\windows\system32\dllcacheegsvc.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	33792              c:\windows\system32\dllcacheegini.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	53248              c:\windows\system32\dllcacheeg.exe
+ 2006-01-16 16:33 . 2008-04-14 02:34	67072              c:\windows\system32\dllcachedshost.exe
+ 2006-01-16 16:33 . 2008-04-14 02:34	13824              c:\windows\system32\dllcachedsaddin.exe
+ 2006-01-16 16:33 . 2008-04-14 02:34	87176              c:\windows\system32\dllcachedpwsx.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	19968              c:\windows\system32\dllcachedpsnd.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	23040              c:\windows\system32\dllcachecp.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	12800              c:\windows\system32\dllcacheasser.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	16384              c:\windows\system32\dllcacheassapi.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	23552              c:\windows\system32\dllcacheasrad.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	57344              c:\windows\system32\dllcacheasphone.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	22528              c:\windows\system32\dllcacheasmxs.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	11776              c:\windows\system32\dllcacheasdial.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	11776              c:\windows\system32\dllcacheasautou.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	43520              c:\windows\system32\dllcacheacpldlg.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	22528              c:\windows\system32\dllcache\qwinsta.exe
+ 2006-01-16 16:33 . 2008-04-14 02:34	20992              c:\windows\system32\dllcache\qprocess.exe
+ 2008-04-14 02:33 . 2008-04-14 02:33	62464              c:\windows\system32\dllcache\qcliprov.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	17408              c:\windows\system32\dllcache\qappsrv.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	43520              c:\windows\system32\dllcache\pstorec.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	50688              c:\windows\system32\dllcache\proquota.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	18944              c:\windows\system32\dllcache\prflbmsg.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	49152              c:\windows\system32\dllcache\powercfg.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	58880              c:\windows\system32\dllcache\pnrpnsp.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	30720              c:\windows\system32\dllcache\plustab.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	34304              c:\windows\system32\dllcache\ping6.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	19456              c:\windows\system32\dllcache\ping.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	35328              c:\windows\system32\dllcache\pifmgr.dll
+ 2004-08-04 00:54 . 2008-04-14 02:33	35328              c:\windows\system32\dllcache\pid.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	15360              c:\windows\system32\dllcache\pentnt.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	69632              c:\windows\system32\dllcache\pautoenr.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	22528              c:\windows\system32\dllcache\pathping.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	10240              c:\windows\system32\dllcache\panmap.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	59904              c:\windows\system32\dllcache\packager.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	41984              c:\windows\system32\dllcache\osuninst.exe
+ 2006-01-16 16:35 . 2008-04-14 02:34	51712              c:\windows\system32\dllcache\oobebaln.exe
+ 2006-01-16 17:30 . 2004-08-05 11:00	24064              c:\windows\system32\dllcache\olesvr.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	83456              c:\windows\system32\dllcache\olecli.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	35840              c:\windows\system32\dllcache\oemiglib.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	60928              c:\windows\system32\dllcache\oemig50.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	20511              c:\windows\system32\dllcache\odtext32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	20510              c:\windows\system32\dllcache\odpdx32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	20510              c:\windows\system32\dllcache\odfox32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	20510              c:\windows\system32\dllcache\odexl32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	20511              c:\windows\system32\dllcache\oddbse32.dll
+ 2006-01-16 16:23 . 2008-04-13 17:26	12288              c:\windows\system32\dllcache\odbcp32r.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	65536              c:\windows\system32\dllcache\odbccu32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	65536              c:\windows\system32\dllcache\odbccr32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	69632              c:\windows\system32\dllcache\odbcconf.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	32768              c:\windows\system32\dllcache\odbcad32.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	16384              c:\windows\system32\dllcache\odbc32gt.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	26224              c:\windows\system32\dllcache\odbc16gt.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	15360              c:\windows\system32\dllcache
tvdmd.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	91648              c:\windows\system32\dllcache
tprint.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	45056              c:\windows\system32\dllcache
tmsevt.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	40960              c:\windows\system32\dllcache
tmsapi.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	59392              c:\windows\system32\dllcache
tlanui.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	79360              c:\windows\system32\dllcache
slookup.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	55296              c:\windows\system32\dllcache
pptools.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	15360              c:\windows\system32\dllcache
ppagent.exe
+ 2006-01-16 16:35 . 2004-08-05 11:00	35328              c:\windows\system32\dllcache
otiflag.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	28672              c:\windows\system32\dllcache
mmkcert.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	12288              c:\windows\system32\dllcache
mevtmsg.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	77824              c:\windows\system32\dllcache
mcom.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	81920              c:\windows\system32\dllcache
mchat.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	28672              c:\windows\system32\dllcache
masnt.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	37888              c:\windows\system32\dllcache
etstat.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	88576              c:\windows\system32\dllcache
etsh.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	42496              c:\windows\system32\dllcache
et.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache
disnpp.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	19456              c:\windows\system32\dllcache
ddenb32.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	21504              c:\windows\system32\dllcache
btstat.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	36352              c:\windows\system32\dllcache
arrhook.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	55296              c:\windows\system32\dllcache
arrator.exe
+ 2008-04-14 02:33 . 2008-04-14 02:33	30208              c:\windows\system32\dllcache
apipsec.dll
+ 2006-01-16 16:34 . 2008-04-14 02:33	34304              c:\windows\system32\dllcache\mtxlegih.dll
+ 2006-01-16 16:34 . 2008-04-14 02:33	30720              c:\windows\system32\dllcache\mtxdm.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	30720              c:\windows\system32\dllcache\msxmlr.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	43792              c:\windows\system32\dllcache\msxml2r.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	24576              c:\windows\system32\dllcache\msxactps.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	72704              c:\windows\system32\dllcache\msw3prt.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache\msvcirt.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	12288              c:\windows\system32\dllcache\mstinit.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache\mst123.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	13312              c:\windows\system32\dllcache\msswch.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	23552              c:\windows\system32\dllcache\mssoapr.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	36352              c:\windows\system32\dllcache\mssign32.dll
+ 2008-04-14 02:03 . 2008-04-14 02:03	81920              c:\windows\system32\dllcache\msshamsg.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	65536              c:\windows\system32\dllcache\msratelc.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	69632              c:\windows\system32\dllcache\msr2c.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	43008              c:\windows\system32\dllcache\msports.dll
+ 2006-01-16 16:23 . 2007-03-28 12:56	24576              c:\windows\system32\dllcache\msorc32r.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	29184              c:\windows\system32\dllcache\msoobe.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	19456              c:\windows\system32\dllcache\msobweb.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	30720              c:\windows\system32\dllcache\msobshel.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	37376              c:\windows\system32\dllcache\msobjs.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	16384              c:\windows\system32\dllcache\msobdl.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	25600              c:\windows\system32\dllcache\mslbui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	16896              c:\windows\system32\dllcache\msidntld.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	51712              c:\windows\system32\dllcache\msident.dll
+ 2006-01-16 16:23 . 2009-03-08 02:31	48128              c:\windows\system32\dllcache\mshtmler.dll
- 2007-08-13 17:01 . 2009-03-08 02:31	48128              c:\windows\system32\dllcache\mshtmler.dll
- 2006-10-23 15:34 . 2009-03-08 02:31	66560              c:\windows\system32\dllcache\mshtmled.dll
+ 2006-10-23 15:34 . 2010-11-06 00:21	66560              c:\windows\system32\dllcache\mshtmled.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	22528              c:\windows\system32\dllcache\msg.exe
+ 2008-01-04 05:38 . 2010-11-06 00:21	55296              c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-01-04 05:38 . 2010-02-25 06:17	55296              c:\windows\system32\dllcache\msfeedsbs.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	36864              c:\windows\system32\dllcache\msdfmap.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	20480              c:\windows\system32\dllcache\msdatt.dll
+ 2006-01-16 16:35 . 2007-03-28 12:56	16384              c:\windows\system32\dllcache\msdaremr.dll
+ 2006-01-16 16:35 . 2007-03-28 12:56	16384              c:\windows\system32\dllcache\msdaprsr.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	77824              c:\windows\system32\dllcache\msdaosp.dll
+ 2006-01-16 16:35 . 2007-03-28 12:56	16384              c:\windows\system32\dllcache\msdaorar.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	68608              c:\windows\system32\dllcache\msctfp.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	36864              c:\windows\system32\dllcache\mscpxl32.dll
+ 2006-01-16 16:23 . 2008-04-13 17:26	12288              c:\windows\system32\dllcache\mscpx32r.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	77312              c:\windows\system32\dllcache\msaudite.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache\msadrh15.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache\msador15.dll
+ 2006-01-16 16:35 . 2007-03-28 12:56	24576              c:\windows\system32\dllcache\msaddsr.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	53248              c:\windows\system32\dllcache\msadcs.dll
+ 2006-01-16 16:35 . 2007-03-28 12:56	16384              c:\windows\system32\dllcache\msadcor.dll
+ 2006-01-16 16:35 . 2007-03-28 12:56	16384              c:\windows\system32\dllcache\msadcfr.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	61440              c:\windows\system32\dllcache\msadcf.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	14336              c:\windows\system32\dllcache\mrinfo.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	47616              c:\windows\system32\dllcache\mprui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	69120              c:\windows\system32\dllcache\mprddm.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	22016              c:\windows\system32\dllcache\mpnotify.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	10112              c:\windows\system32\dllcache\modex.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	70688              c:\windows\system32\dllcache\mmsystem.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	17920              c:\windows\system32\dllcache\mmfutil.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	12288              c:\windows\system32\dllcache\mmdrv.dll
+ 2008-04-14 02:34 . 2008-04-14 02:34	33792              c:\windows\system32\dllcache\mmcperf.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	29696              c:\windows\system32\dllcache\mimefilt.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	60928              c:\windows\system32\dllcache\miglibnt.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	14848              c:\windows\system32\dllcache\mgmtapi.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	45568              c:\windows\system32\dllcache\mfc40fra.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	40960              c:\windows\system32\dllcache\mf3216.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	39434              c:\windows\system32\dllcache\mem.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	50176              c:\windows\system32\dllcache\mdhcp.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	28160              c:\windows\system32\dllcache\mciwave.drv
+ 2006-01-16 16:23 . 2008-04-14 02:33	23552              c:\windows\system32\dllcache\mciwave.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	25280              c:\windows\system32\dllcache\mciseq.drv
+ 2006-01-16 16:23 . 2008-04-14 02:33	23040              c:\windows\system32\dllcache\mciseq.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	35328              c:\windows\system32\dllcache\mciqtz32.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	17408              c:\windows\system32\dllcache\mcicda.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	85504              c:\windows\system32\dllcache\mciavi32.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	73680              c:\windows\system32\dllcache\mciavi.drv
+ 2006-01-16 16:23 . 2004-08-05 11:00	10496              c:\windows\system32\dllcache\mcdsrv32.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	10240              c:\windows\system32\dllcache\mcd32.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	14336              c:\windows\system32\dllcache\mcastmib.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	57344              c:\windows\system32\dllcache\makecab.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	73216              c:\windows\system32\dllcache\magnify.exe
+ 2006-01-16 16:23 . 2008-04-14 02:33	10240              c:\windows\system32\dllcache\lprhelp.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	15872              c:\windows\system32\dllcache\logoff.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	61952              c:\windows\system32\dllcache\logman.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	50688              c:\windows\system32\dllcache\loghours.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	19968              c:\windows\system32\dllcache\log.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	11776              c:\windows\system32\dllcache\localui.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	26624              c:\windows\system32\dllcache\lnkstub.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	30208              c:\windows\system32\dllcache\lights.exe
+ 2006-01-16 16:23 . 2010-11-06 00:21	43520              c:\windows\system32\dllcache\licmgr10.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	89600              c:\windows\system32\dllcache\langwrbk.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	37376              c:\windows\system32\dllcache\l2store.dll
+ 2006-01-16 16:33 . 2008-04-14 02:33	24576              c:\windows\system32\dllcache\krnlprov.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	92608              c:\windows\system32\dllcache\krnl386.exe
- 2006-10-23 15:34 . 2010-02-25 06:17	25600              c:\windows\system32\dllcache\jsproxy.dll
+ 2006-10-23 15:34 . 2010-11-06 00:21	25600              c:\windows\system32\dllcache\jsproxy.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	28719              c:\windows\system32\dllcache\jsfr.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	49488              c:\windows\system32\dllcache\jobexec.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	54784              c:\windows\system32\dllcache\ixsso.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	32768              c:\windows\system32\dllcache\isrdbg32.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	16384              c:\windows\system32\dllcache\isignup.exe
+ 2006-01-16 16:35 . 2010-11-18 18:12	86016              c:\windows\system32\dllcache\isign32.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	13312              c:\windows\system32\dllcache\irclass.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	22016              c:\windows\system32\dllcache\ipxwan.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	66560              c:\windows\system32\dllcache\ipxsap.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	39936              c:\windows\system32\dllcache\ipxrtmgr.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	24576              c:\windows\system32\dllcache\ipxroute.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	21504              c:\windows\system32\dllcache\ipxrip.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	74240              c:\windows\system32\dllcache\ipxpromn.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	91648              c:\windows\system32\dllcache\ipxmontr.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	59904              c:\windows\system32\dllcache\ipv6mon.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	53760              c:\windows\system32\dllcache\ipv6.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	46080              c:\windows\system32\dllcache\ipsec6.exe
+ 2006-01-16 16:23 . 2008-04-14 02:34	58368              c:\windows\system32\dllcache\ipconfig.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	39936              c:\windows\system32\dllcache\iologmsg.dll
- 2006-10-23 15:34 . 2009-03-08 02:32	94720              c:\windows\system32\dllcache\inseng.dll
+ 2006-01-16 16:23 . 2009-03-08 02:32	94720              c:\windows\system32\dllcache\inseng.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	20480              c:\windows\system32\dllcache\inetwiz.exe
+ 2006-01-16 16:35 . 2008-04-14 02:02	50688              c:\windows\system32\dllcache\inetres.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	16384              c:\windows\system32\dllcache\inetppui.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	32768              c:\windows\system32\dllcache\inetmib1.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	36921              c:\windows\system32\dllcache\imeshare.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	81920              c:\windows\system32\dllcache\ils.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	70656              c:\windows\system32\dllcache\ifsutil.dll
- 2007-08-13 17:39 . 2009-03-08 02:32	71680              c:\windows\system32\dllcache\iesetup.dll
+ 2006-01-16 16:23 . 2009-03-08 02:32	71680              c:\windows\system32\dllcache\iesetup.dll
- 2007-08-13 17:39 . 2009-03-08 02:32	55808              c:\windows\system32\dllcache\iernonce.dll
+ 2006-01-16 16:23 . 2009-03-08 02:32	55808              c:\windows\system32\dllcache\iernonce.dll
- 2006-10-23 11:02 . 2007-08-13 17:44	69120              c:\windows\system32\dllcache\iedw.exe
+ 2006-01-16 16:35 . 2007-08-13 17:44	69120              c:\windows\system32\dllcache\iedw.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	49152              c:\windows\system32\dllcache\icwutil.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	73728              c:\windows\system32\dllcache\icwtutor.exe
+ 2006-01-16 16:35 . 2008-04-14 02:34	24576              c:\windows\system32\dllcache\icwrmind.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	65536              c:\windows\system32\dllcache\icwphbk.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	32768              c:\windows\system32\dllcache\icwdl.dll
+ 2006-01-16 16:35 . 2008-04-14 02:33	73728              c:\windows\system32\dllcache\icwdial.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	86016              c:\windows\system32\dllcache\icwconn2.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	61440              c:\windows\system32\dllcache\icwconn.dll
+ 2006-01-16 16:35 . 2004-08-05 11:00	16384              c:\windows\system32\dllcache\icfgnt5.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	62976              c:\windows\system32\dllcache\iassvcs.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	86528              c:\windows\system32\dllcache\iassam.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	17920              c:\windows\system32\dllcache\iaspolcy.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	62464              c:\windows\system32\dllcache\iasnap.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	32256              c:\windows\system32\dllcache\iashlpr.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	41472              c:\windows\system32\dllcache\iasads.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	23552              c:\windows\system32\dllcache\iasacct.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	43008              c:\windows\system32\dllcache\htui.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	13312              c:\windows\system32\dllcache\htrn_jis.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	32285              c:\windows\system32\dllcache\hsfcisp2.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	18432              c:\windows\system32\dllcache\hscupd.exe
+ 2006-01-16 16:34 . 2004-08-05 11:00	57409              c:\windows\system32\dllcache\hrtz.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	15360              c:\windows\system32\dllcache\hnetmon.dll
- 2007-08-13 17:18 . 2009-03-08 02:24	68608              c:\windows\system32\dllcache\hmmapi.dll
+ 2006-01-16 16:35 . 2009-03-08 02:24	68608              c:\windows\system32\dllcache\hmmapi.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	10752              c:\windows\system32\dllcache\hh.exe
+ 2006-01-16 16:35 . 2004-08-05 11:00	99840              c:\windows\system32\dllcache\helphost.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache\h323cc.dll
+ 2006-01-16 16:23 . 2008-04-14 01:59	10240              c:\windows\system32\dllcache\gpkrsrc.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	24576              c:\windows\system32\dllcache\gdi.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	77824              c:\windows\system32\dllcache\gcdef.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	53248              c:\windows\system32\dllcache\fwdprov.dll
+ 2006-01-16 16:23 . 2008-04-14 02:33	60416              c:\windows\system32\dllcache\fwcfg.dll
+ 2006-01-16 16:23 . 2008-04-14 02:34	46080              c:\windows\system32\dllcache\ftp.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	61952              c:\windows\system32\dllcache\fsutil.exe
+ 2006-01-16 16:23 . 2004-08-05 11:00	81920              c:\windows\system32\dllcache\fsusd.dll
+ 2007-07-15 16:37 . 2008-04-14 02:34	20538              c:\windows\system32\dllcache\fpremadm.exe
+ 2007-07-15 16:37 . 2008-04-14 02:33	20541              c:\windows\system32\dllcache\fpexedll.dll
+ 2007-07-15 16:37 . 2008-04-14 02:33	94208              c:\windows\system32\dllcache\fpencode.dll
+ 2007-07-15 16:37 . 2008-04-14 02:34	15120              c:\windows\system32\dllcache\fp98sadm.exe
+ 2007-07-15 16:37 . 2008-04-14 02:33	49212              c:\windows\system32\dllcache\fp4awebs.dll
+ 2007-07-15 16:37 . 2008-04-14 02:33	32826              c:\windows\system32\dllcache\fp4avss.dll
+ 2007-07-15 16:37 . 2008-04-14 02:33	41020              c:\windows\system32\dllcache\fp4avnb.dll
+ 2007-07-15 16:37 . 2008-04-14 02:33	49210              c:\windows\system32\dllcache\fp4areg.dll
+ 2007-07-15 16:37 . 2008-04-14 02:33	82035              c:\windows\system32\dllcache\fp4anscp.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	21504              c:\windows\system32\dllcache\fontview.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	16384              c:\windows\system32\dllcache\fmifs.dll
+ 2006-01-16 16:35 . 2008-04-14 02:34	23040              c:\windows\system32\dllcache\fltmc.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	10240              c:\windows\system32\dllcache\finger.exe
+ 2006-01-16 16:22 . 2008-04-14 02:34	29184              c:\windows\system32\dllcache\findstr.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	14848              c:\windows\system32\dllcache\fc.exe
+ 2006-01-16 16:22 . 2008-04-14 02:34	24064              c:\windows\system32\dllcache\extrac32.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	21504              c:\windows\system32\dllcache\evntrprv.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	33280              c:\windows\system32\dllcache\eventcls.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	39424              c:\windows\system32\dllcache\esentutl.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	17408              c:\windows\system32\dllcache\esentprf.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	20480              c:\windows\system32\dllcache\encapi.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	13010              c:\windows\system32\dllcache\edlin.exe
+ 2008-04-14 02:33 . 2008-04-14 02:33	59392              c:\windows\system32\dllcache\eapqec.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	94720              c:\windows\system32\dllcache\eappgnui.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	55632              c:\windows\system32\dllcache\dwil1033.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	17920              c:\windows\system32\dllcache\dvdupgrd.exe
+ 2001-08-23 17:47 . 2004-08-05 11:00	59392              c:\windows\system32\dllcache\dvdplay.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	19456              c:\windows\system32\dllcache\dswave.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	72192              c:\windows\system32\dllcache\dsdmoprp.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	62976              c:\windows\system32\dllcache\dsauth.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	16384              c:\windows\system32\dllcache\ds32gt.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	28400              c:\windows\system32\dllcache\drwatson.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	57344              c:\windows\system32\dllcache\dpwsockx.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	42768              c:\windows\system32\dllcache\dpwsock.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	83456              c:\windows\system32\dllcache\dpvsetup.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	21504              c:\windows\system32\dllcache\dpvacm.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	54032              c:\windows\system32\dllcache\dpserial.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	61952              c:\windows\system32\dllcache\dpnwsock.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	18432              c:\windows\system32\dllcache\dpnsvr.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	62464              c:\windows\system32\dllcache\dpnmodem.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	60928              c:\windows\system32\dllcache\dpnhupnp.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	24064              c:\windows\system32\dllcache\dpmodemx.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	29696              c:\windows\system32\dllcache\dplaysvr.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	33040              c:\windows\system32\dllcache\dplay.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	56832              c:\windows\system32\dllcache\dot3msm.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	39936              c:\windows\system32\dllcache\dot3clnt.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	60928              c:\windows\system32\dllcache\dot3cfg.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	54080              c:\windows\system32\dllcache\dosx.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	10752              c:\windows\system32\dllcache\doskey.exe
+ 2004-08-04 00:54 . 2008-04-14 02:33	58880              c:\windows\system32\dllcache\dmutil.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	82432              c:\windows\system32\dllcache\dmscript.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	15872              c:\windows\system32\dllcache\dmremote.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	19456              c:\windows\system32\dllcache\dmocx.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	35840              c:\windows\system32\dllcache\dmloader.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	18432              c:\windows\system32\dllcache\dmintf.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	61440              c:\windows\system32\dllcache\dmcompos.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	28672              c:\windows\system32\dllcache\dmband.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	19456              c:\windows\system32\dllcache\diskperf.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	86528              c:\windows\system32\dllcache\directdb.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	39936              c:\windows\system32\dllcache\dimsroam.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	44032              c:\windows\system32\dllcache\dimap.dll
+ 2006-01-16 16:22 . 2008-04-14 02:34	87040              c:\windows\system32\dllcache\diantz.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	78848              c:\windows\system32\dllcache\dhcpsapi.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	49152              c:\windows\system32\dllcache\dhcpqec.dll
+ 2006-01-16 17:30 . 2004-08-05 11:00	86044              c:\windows\system32\dllcache\dgsetup.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	39936              c:\windows\system32\dllcache\dfrgsnap.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	55808              c:\windows\system32\dllcache\dfrgres.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	82944              c:\windows\system32\dllcache\dfrgfat.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	25088              c:\windows\system32\dllcache\defrag.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	21162              c:\windows\system32\dllcache\debug.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	31744              c:\windows\system32\dllcache\ddeshare.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	40960              c:\windows\system32\dllcache\dcap32.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	47616              c:\windows\system32\dllcache\d3dxof.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	34816              c:\windows\system32\dllcache\d3dpmesh.dll
+ 2006-01-16 16:35 . 2004-05-11 23:18	28672              c:\windows\system32\dllcache\custsat.dll
+ 2006-01-16 16:23 . 2004-08-05 11:00	27136              c:\windows\system32\dllcache\ctl3d32.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	73728              c:\windows\system32\dllcache\csseqchk.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	75776              c:\windows\system32\dllcache\cryptdlg.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33	12800              c:\windows\system32\dllcache\credssp.dll
+ 2006-01-16 16:22 . 2009-03-08 02:33	18944              c:\windows\system32\dllcache\corpol.dll
- 2009-03-08 02:33 . 2009-03-08 02:33	18944              c:\windows\system32\dllcache\corpol.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	13824              c:\windows\system32\dllcache\convert.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	67072              c:\windows\system32\dllcache\console.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	27648              c:\windows\system32\dllcache\conime.exe
+ 2006-01-16 16:35 . 2008-04-14 02:33	45056              c:\windows\system32\dllcache\confmrsl.dll
+ 2006-01-16 16:34 . 2008-04-14 02:33	97792              c:\windows\system32\dllcache\comrepl.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	18432              c:\windows\system32\dllcache\compact.exe
+ 2006-01-16 16:22 . 2004-08-05 11:00	15872              c:\windows\system32\dllcache\comp.exe
+ 2006-01-16 17:30 . 2004-08-05 11:00	33904              c:\windows\system32\dllcache\commdlg.dll
+ 2006-01-16 16:34 . 2008-04-14 02:33	28160              c:\windows\system32\dllcache\comaddin.dll
+ 2008-04-13 16:44 . 2008-04-13 16:44	17920              c:\windows\system32\dllcache\cobramsg.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	26624              c:\windows\system32\dllcache\cnvfat.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	32768              c:\windows\system32\dllcache\cnetcfg.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	40960              c:\windows\system32\dllcache\cmutil.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	65536              c:\windows\system32\dllcache\cmstp.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	13312              c:\windows\system32\dllcache\cmsetacl.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	14336              c:\windows\system32\dllcache\cmpbk32.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	39936              c:\windows\system32\dllcache\cmmon32.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	25600              c:\windows\system32\dllcache\cmdl32.exe
+ 2006-01-16 16:22 . 2008-04-14 02:33	15872              c:\windows\system32\dllcache\cmcfg32.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	11264              c:\windows\system32\dllcache\clb.dll
+ 2006-01-16 16:22 . 2008-04-14 02:33	69120              c:\windows\system32\dllcache\ciodm.dll
+ 2006-01-16 16:34 . 2004-08-05 11:00	40515              c:\windows\system32\dllcache\chkr.dll
+ 2006-01-16 16:22 . 2004-08-05 11:00	11264              c:\windows\system32\dllcache\chkntfs.exe
+ 2006-01-16 16:22 . 2004-08-0

gen-hackman · Answer

re

poste le rapport via cijoint.fr stp

==========================

reessaie le clean de list_kill'em

vrp74 · Answer

Bonjour,

j'ai relancé clean list ,mais pas de rapport, en regardant travailler il dit a un moment qu'il ne trouve pas le fichier , par contre en list kill search il me donne un rapport, je te le joints

¤¤¤¤¤¤¤¤¤¤ List'em by g3n-h@ckm@n 2.1.3.2 ¤¤¤¤¤¤¤¤¤¤

User : Michel (Administrateurs) 
Update on 12/01/2011 by g3n-h@ckm@n ::::: 20.20
Start at: 07:29:33 | 14/01/2011

Genuine Intel(R) CPU           T2050  @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1296 [VPS 090327-0] 4.8.1296 [ Enabled | (!) Outdated ]
FW : Norton Internet Worm Protection[ (!) Disabled ]2006

C:\ -> Disque fixe local | 24,41 Go (3,02 Go free) [Windows] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local | 68,5 Go (58,26 Go free) [Données Perso] | NTFS
 
¤¤¤¤¤ Sessions ¤¤¤¤¤

C:\Documents and settings\Michel 
 
Boot: Normal 

¤¤¤¤¤¤ Processes ------- Memory(Ko) ------- Priority ------ Command ------- Signer

C:\WINDOWS\System32\smss.exe ---- 0 Ko ---- Normal ---- \SystemRoot\System32\smss.exe ---- 
C:\WINDOWS\system32\csrss.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ---- 
C:\WINDOWS\system32\winlogon.exe ---- 0 Ko ---- High ---- winlogon.exe ---- 
C:\WINDOWS\system32\services.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\services.exe ---- 
C:\WINDOWS\system32\lsass.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\lsass.exe ---- 
C:\WINDOWS\system32\Ati2evxx.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\Ati2evxx.exe ---- 
C:\WINDOWS\system32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\svchost -k DcomLaunch ---- 
C:\WINDOWS\system32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\svchost -k rpcss ---- 
C:\WINDOWS\System32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\System32\svchost.exe -k netsvcs ---- 
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe ---- 
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe ---- 
C:\WINDOWS\system32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\svchost.exe -k NetworkService ---- 
C:\WINDOWS\system32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\svchost.exe -k LocalService ---- 
C:\WINDOWS\system32\spoolsv.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\spoolsv.exe ---- 
C:\WINDOWS\system32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\svchost.exe -k LocalService ---- 
C:\Program Files\Bonjour\mDNSResponder.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Bonjour\mDNSResponder.exe ---- 
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe ---- 0 Ko ---- Normal ---- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe ---- 
C:\WINDOWS\system32\DVDRAMSV.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\DVDRAMSV.exe ---- 
C:\WINDOWS\System32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\System32\svchost.exe -k eapsvcs ---- 
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe ---- Seagate Technology, LLC
C:\Program Files\Java\jre6\bin\jqs.exe ---- 0 Ko ---- Idle ---- C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf ---- Sun Microsystems, Inc.
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe ---- 
C:\WINDOWS\system32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\svchost.exe -k imgsvc ---- 
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe ---- 
C:\WINDOWS\system32\wdfmgr.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\wdfmgr.exe ---- 
C:\Program Files\Raxco\PerfectDisk\PDSched.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Raxco\PerfectDisk\PDSched.exe ---- 
C:\WINDOWS\system32\wbem\wmiprvse.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\wbem\wmiprvse.exe ---- 
C:\WINDOWS\system32\wbem\wmiapsrv.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\wbem\wmiapsrv.exe ---- 
C:\WINDOWS\System32\alg.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\System32\alg.exe ---- 
C:\WINDOWS\system32\Ati2evxx.exe ---- 0 Ko ---- Normal ---- Ati2evxx.exe -Client ---- 
C:\WINDOWS\system32\wscntfy.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\wscntfy.exe ---- 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  ---- 
C:\Program Files\ltmoh\Ltmoh.exe ---- 0 Ko ---- Normal ---- C:\Program Files\ltmoh\Ltmoh.exe  ---- 
C:\WINDOWS\AGRSMMSG.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\AGRSMMSG.exe  ---- 
C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe  ---- 
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe ---- 0 Ko ---- Normal ---- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe  ---- 
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe ---- 0 Ko ---- Normal ---- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe  ---- 
C:\Program Files\Synaptics\SynTP\Toshiba.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Synaptics\SynTP\Toshiba /RegPlugIn ---- 
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe ---- 0 Ko ---- Normal ---- C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe  ---- 
C:\WINDOWS\System32\DLA\DLACTRLW.EXE ---- 0 Ko ---- Normal ---- C:\WINDOWS\System32\DLA\DLACTRLW.EXE  ---- 
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe  ---- 
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless ---- 
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe /icon ---- 
C:\WINDOWS\System32\svchost.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\System32\svchost.exe -k HTTPFilter ---- 
C:\WINDOWS\system32\TPSBattM.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\TPSBattM.exe ---- 
C:\WINDOWS\RTHDCPL.EXE ---- 0 Ko ---- Normal ---- C:\WINDOWS\RTHDCPL.EXE  ---- 
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe  ---- 
C:\Program Files\QuickTime\qttask.exe ---- 0 Ko ---- Normal ---- C:\Program Files\QuickTime\qttask.exe -atboottime ---- 
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe  ---- Seagate Technology, LLC
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe ---- 0 Ko ---- Normal ---- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe runtime -Delay ---- 
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe ---- 0 Ko ---- Normal ---- C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe  ---- 
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe  ---- Google Inc
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe ---- 0 Ko ---- Normal ---- C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe -Embedding ---- 
C:\WINDOWS\system32\RAMASST.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\RAMASST.exe  ---- 
C:\Program Files\Google\Chrome\Application\chrome.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Google\Chrome\Application\chrome.exe  ---- Google Inc
C:\Program Files\Google\Chrome\Application\chrome.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Google\Chrome\Application\chrome.exe --type=renderer --lang=fr --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/ --channel=3160.011B0480.395597097 /prefetch:3 ---- Google Inc
C:\Program Files\Google\Chrome\Application\chrome.exe ---- 0 Ko ---- Normal ---- C:\Program Files\Google\Chrome\Application\chrome.exe --type=plugin --plugin-path=C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll --lang=fr --plugin-data-dir=C:\Documents and Settings\Michel\Local Settings\Application Data\Google\Chrome\User Data\Default --channel=3160.04BCEE4C.1789962466 /prefetch:4 ---- Google Inc
C:\WINDOWS\system32\wuauclt.exe ---- 0 Ko ---- Normal ---- C:\WINDOWS\system32\wuauclt.exe ---- Microsoft Windows Component Publisher
C:\WINDOWS\explorer.exe ---- 0 Ko ---- Normal ---- explorer.exe  ---- 
C:\WINDOWS\system32\cmd.exe ---- 0 Ko ---- Normal ---- cmd /c C:\PROGRA~1\List_Kill'em\List'em.bat  ---- 
C:\PROGRA~1\List_Kill'em\pv.exe ---- 0 Ko ---- Normal ---- pv.exe -o%f ---- %m Ko ---- %p ---- %l ---- %s  ---- 


¤¤¤¤¤¤¤¤¤¤ Keys Run ¤¤¤¤¤¤¤¤¤¤

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
TOSCDSPD	=         	C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
ccleaner	=         	C:\Program Files\CCleaner\ccleaner.exe /AUTO
swg	=         	C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
SynTPEnh	=         	C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
LtMoh	=         	C:\Program Files\ltmoh\Ltmoh.exe 
AGRSMMSG	=         	AGRSMMSG.exe 
THotkey	=         	C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe 
TPSMain	=         	TPSMain.exe 
NDSTray.exe	=         	NDSTray.exe 
SmoothView	=         	C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe 
TFncKy	=         	TFncKy.exe 
TDispVol	=         	TDispVol.exe 
DLA	=         	C:\WINDOWS\System32\DLA\DLACTRLW.EXE 
IntelZeroConfig	=         	C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe 
IntelWireless	=         	C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless 
SpeedTouch USB Diagnostics	=         	C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe /icon 
RTHDCPL	=         	RTHDCPL.EXE 
Acrobat Assistant 7.0	=         	C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe 
QuickTime Task	=         	C:\Program Files\QuickTime\qttask.exe -atboottime 
MaxMenuMgr	=         	C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe 
ATICCC	=         	C:\Program Files\ATI Technologies\ATI.ACE\cli.exe runtime -Delay 
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Policies\explorer

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] 
NoDriveTypeAutoRun	=      	323 (0x143) 
NoDriveAutoRun	=      	67108863 (0x3ffffff) 
NoDrives	=      	0 (0x0) 

¤¤¤¤¤¤ 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] 
HonorAutoRunSetting	=      	1 (0x1) 
NoCDBurning	=      	0 (0x0) 
NoDriveAutoRun	=      	67108863 (0x3ffffff) 
NoDriveTypeAutoRun	=      	323 (0x143) 
NoDrives	=      	0 (0x0) 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ AppInit_DLLS
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Winlogon

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 
 AutoRestartShell	=      	1 (0x1) 
 Shell	=         	explorer.exe 
 Userinit	=         	C:\WINDOWS\System32\userinit.exe, 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Winlogon\Notify

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\igfxcui]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify	ermsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\wlballoon]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Explorer\ShellExecuteHooks

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972}	=         	 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ firewallpolicy

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe	=         	%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe	=         	%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Bonjour\mDNSResponder.exe	=         	C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\Skype\Phone\Skype.exe	=         	C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

¤¤¤¤¤

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe	=         	%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe	=         	%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

¤¤¤¤¤¤¤¤¤¤ ActivX 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{21092D51-94F5-E3DC-8F24-3F9CE6566B76}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A3320D6-C805-4280-B423-B665BDE33D8F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6845F32C-D033-F6DD-624B-860127F1371F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A85EA3FF-0FF5-2961-FC7A-AF0DD895080E}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]

¤¤¤¤¤¤¤¤¤¤ BHO

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AE7CD045-E861-484f-8273-0445EE161910}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

¤¤¤¤¤¤¤¤¤¤ DNS 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{911C65F0-FD75-43DF-AE32-5296994D53EA}: DhcpNameServer=192.168.1.1 192.168.1.1 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{911C65F0-FD75-43DF-AE32-5296994D53EA}: DhcpNameServer=192.168.1.1 192.168.1.1 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{911C65F0-FD75-43DF-AE32-5296994D53EA}: DhcpNameServer=192.168.1.1 192.168.1.1 
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1 
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1 
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1 


¤¤¤¤¤¤¤¤¤¤ Internet Explorer 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page	=         	https://www.msn.com/fr-fr/?ocid=iehp
Local Page	=         	C:\WINDOWS\system32\blank.htm
Default_Search_URL	=         	https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL	=         	https://www.msn.com/fr-fr/?ocid=iehp
Search Page	=         	https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page	=         	https://www.google.com/?gws_rd=ssl
Local Page	=         	C:\WINDOWS\system32\blank.htm
Search Page	=         	http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

¤¤¤¤¤ Proxy 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
ProxyHttp1.1	=      	1 (0x1)
ProxyEnable	=      	0 (0x0)
ProxyServer	=         	http=127.0.0.1:5555

¤¤¤¤¤¤¤¤¤¤ Safemode 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK !!  
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal : OK !!  
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network : OK !!  

¤¤¤¤¤¤¤¤¤¤ SVC | svchost 


¤¤¤¤¤¤¤¤¤¤ IFEO | debugger 
 

¤¤¤¤¤¤¤¤¤¤ Mountpoints2 
 
 

¤¤¤¤¤¤¤¤¤¤ Services 
 
¤ Ndisuio => Start : 3 ( OK = 3 ) 
¤ EapHost => Start : 2 ( OK = 2 ) 
¤ Ip6Fw => Start : 2 ( OK = 2 ) 
¤ SharedAccess => Start : 2 ( OK = 2 ) 
¤ wuauserv => Start : 2 ( OK = 2 ) 
¤ wscsvc => Start : 2 ( OK = 2 ) 

¤¤¤¤¤¤¤¤¤¤ First Scan
 
 

¤¤¤¤¤¤¤¤¤¤ HKCU | HKLM 
 
[12B79064-EB17-4f82-9DFE-B975BD26D1DC	=         	]  
[HKEY_CURRENT_USER\software\Adobe]  
[HKEY_CURRENT_USER\software\Alcatel]  
[HKEY_CURRENT_USER\software\ALWIL Software]  
[HKEY_CURRENT_USER\software\APLI]  
[HKEY_CURRENT_USER\software\APLI-AGIPA]  
[HKEY_CURRENT_USER\software\AppDataLow]  
[HKEY_CURRENT_USER\software\Astonsoft]  
[HKEY_CURRENT_USER\software\ATI]  
[HKEY_CURRENT_USER\software\Aurigma]  
[HKEY_CURRENT_USER\software\Avg]  
[HKEY_CURRENT_USER\software\Canon]  
[HKEY_CURRENT_USER\software\CeWe Color]  
[HKEY_CURRENT_USER\software\Classes.crx]  
[HKEY_CURRENT_USER\software\Clients]  
[HKEY_CURRENT_USER\software\Corel]  
[HKEY_CURRENT_USER\software\ej-technologies]  
[HKEY_CURRENT_USER\software\ESET]  
[HKEY_CURRENT_USER\software\Fastlab_FRA]  
[HKEY_CURRENT_USER\software\FileMaker]  
[HKEY_CURRENT_USER\software\FissaSearch]  
[HKEY_CURRENT_USER\software\FRANCE TELECOM]  
[HKEY_CURRENT_USER\software\GNU]  
[HKEY_CURRENT_USER\software\Google]  
[HKEY_CURRENT_USER\software\HKEY_LOCAL_MACHINE]  
[HKEY_CURRENT_USER\software\IM Providers]  
[HKEY_CURRENT_USER\software\Intel]  
[HKEY_CURRENT_USER\software\InterVideo]  
[HKEY_CURRENT_USER\software\JavaSoft]  
[HKEY_CURRENT_USER\software\JEDI-VCL]  
[HKEY_CURRENT_USER\software\Kazaa]  
[HKEY_CURRENT_USER\software\KGB Archiver]  
[HKEY_CURRENT_USER\software\Lake]  
[HKEY_CURRENT_USER\software\LaserWare]  
[HKEY_CURRENT_USER\software\Leadertech]  
[HKEY_CURRENT_USER\software\Local AppWizard-Generated Applications]  
[HKEY_CURRENT_USER\software\Macromedia]  
[HKEY_CURRENT_USER\software\Malwarebytes' Anti-Malware]  
[HKEY_CURRENT_USER\software\MAP-DN]  
[HKEY_CURRENT_USER\software\Microsoft]  
[HKEY_CURRENT_USER\software\MMBPlayer]  
[HKEY_CURRENT_USER\software\monAlbumPhoto]  
[HKEY_CURRENT_USER\software\MozillaPlugins]  
[HKEY_CURRENT_USER\software\Netscape]  
[HKEY_CURRENT_USER\software\ODBC]  
[HKEY_CURRENT_USER\software\Phison]  
[HKEY_CURRENT_USER\software\Piriform]  
[HKEY_CURRENT_USER\software\Policies]  
[HKEY_CURRENT_USER\software\PowerQuest]  
[HKEY_CURRENT_USER\software\Raxco]  
[HKEY_CURRENT_USER\software\Realtek]  
[HKEY_CURRENT_USER\software\ScanSoft]  
[HKEY_CURRENT_USER\software\Seagate]  
[HKEY_CURRENT_USER\software\Skyline]  
[HKEY_CURRENT_USER\software\Skype]  
[HKEY_CURRENT_USER\software\Softonic]  
[HKEY_CURRENT_USER\software\Sonic]  
[HKEY_CURRENT_USER\software\Sony Corporation]  
[HKEY_CURRENT_USER\software\Spointer]  
[HKEY_CURRENT_USER\software\Stardock]  
[HKEY_CURRENT_USER\software\Synaptics]  
[HKEY_CURRENT_USER\software\Sysinternals]  
[HKEY_CURRENT_USER\software\Toshiba]  
[HKEY_CURRENT_USER\software\Troi]  
[HKEY_CURRENT_USER\software\Trolltech]  
[HKEY_CURRENT_USER\software\Wget]  
[HKEY_CURRENT_USER\software\WinmailReader]  
[HKEY_CURRENT_USER\software\Yahoo]  
[HKEY_CURRENT_USER\software\YahooPartnerToolbar]  
[HKEY_CURRENT_USER\software\Classes]  

[flash	=         	application/x-shockwave-flash]  
[HKEY_LOCAL_MACHINE\software\13fe]  
[HKEY_LOCAL_MACHINE\software\Adobe]  
[HKEY_LOCAL_MACHINE\software\Adobe Systems]  
[HKEY_LOCAL_MACHINE\software\Adobe Systems Incorporated]  
[HKEY_LOCAL_MACHINE\software\Agere]  
[HKEY_LOCAL_MACHINE\software\Alcatel]  
[HKEY_LOCAL_MACHINE\software\ALWIL Software]  
[HKEY_LOCAL_MACHINE\software\APLI-AGIPA]  
[HKEY_LOCAL_MACHINE\software\Apple Computer, Inc.]  
[HKEY_LOCAL_MACHINE\software\ATI]  
[HKEY_LOCAL_MACHINE\software\ATI Technologies]  
[HKEY_LOCAL_MACHINE\software\ATI Technologies Inc.]  
[HKEY_LOCAL_MACHINE\software\Avg]  
[HKEY_LOCAL_MACHINE\software\BitTorrent]  
[HKEY_LOCAL_MACHINE\software\BufferZone]  
[HKEY_LOCAL_MACHINE\software\C07ft5Y]  
[HKEY_LOCAL_MACHINE\software\Canon]  
[HKEY_LOCAL_MACHINE\software\CCleaner]  
[HKEY_LOCAL_MACHINE\software\Classes]  
[HKEY_LOCAL_MACHINE\software\Clients]  
[HKEY_LOCAL_MACHINE\software\Convar Deutschland GmbH]  
[HKEY_LOCAL_MACHINE\software\ej-technologies]  
[HKEY_LOCAL_MACHINE\software\Eset]  
[HKEY_LOCAL_MACHINE\software\Fastlab_FRA]  
[HKEY_LOCAL_MACHINE\software\FRANCE TELECOM]  
[HKEY_LOCAL_MACHINE\software\Gemplus]  
[HKEY_LOCAL_MACHINE\software\Google]  
[HKEY_LOCAL_MACHINE\software\HPS]  
[HKEY_LOCAL_MACHINE\software\ICL]  
[HKEY_LOCAL_MACHINE\software\InstalledOptions]  
[HKEY_LOCAL_MACHINE\software\InstallShield]  
[HKEY_LOCAL_MACHINE\software\Intel]  
[HKEY_LOCAL_MACHINE\software\InterVideo]  
[HKEY_LOCAL_MACHINE\software\JavaSoft]  
[HKEY_LOCAL_MACHINE\software\JreMetrics]  
[HKEY_LOCAL_MACHINE\software\knight]  
[HKEY_LOCAL_MACHINE\software\Lake]  
[HKEY_LOCAL_MACHINE\software\LOXANE]  
[HKEY_LOCAL_MACHINE\software\Lucent]  
[HKEY_LOCAL_MACHINE\software\Macromedia]  
[HKEY_LOCAL_MACHINE\software\Macrovision]  
[HKEY_LOCAL_MACHINE\software\Malwarebytes' Anti-Malware]  
[HKEY_LOCAL_MACHINE\software\MAP-DN]  
[HKEY_LOCAL_MACHINE\software\MAXSOFT-OCRON]  
[HKEY_LOCAL_MACHINE\software\MDC]  
[HKEY_LOCAL_MACHINE\software\Microsoft]  
[HKEY_LOCAL_MACHINE\software\Mon Univers Fotocompil]  
[HKEY_LOCAL_MACHINE\software\Mon Univers livrephoto]  
[HKEY_LOCAL_MACHINE\software\Mozilla]  
[HKEY_LOCAL_MACHINE\software\MozillaPlugins]  
[HKEY_LOCAL_MACHINE\software\ODBC]  
[HKEY_LOCAL_MACHINE\software\optimidata]  
[HKEY_LOCAL_MACHINE\software\Panasonic ODSD]  
[HKEY_LOCAL_MACHINE\software\PDF995]  
[HKEY_LOCAL_MACHINE\software\Policies]  
[HKEY_LOCAL_MACHINE\software\PowerQuest]  
[HKEY_LOCAL_MACHINE\software\Preview Systems]  
[HKEY_LOCAL_MACHINE\software\Program Groups]  
[HKEY_LOCAL_MACHINE\software\Raxco]  
[HKEY_LOCAL_MACHINE\software\Realtek]  
[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.]  
[HKEY_LOCAL_MACHINE\software\RegisteredApplications]  
[HKEY_LOCAL_MACHINE\software\ScanSoft]  
[HKEY_LOCAL_MACHINE\software\Schlumberger]  
[HKEY_LOCAL_MACHINE\software\SDS Software]  
[HKEY_LOCAL_MACHINE\software\Seagate]  
[HKEY_LOCAL_MACHINE\software\Secure]  
[HKEY_LOCAL_MACHINE\software\Skyline]  
[HKEY_LOCAL_MACHINE\software\Skype]  
[HKEY_LOCAL_MACHINE\software\Sonic]  
[HKEY_LOCAL_MACHINE\software\swearware]  
[HKEY_LOCAL_MACHINE\software\Symantec]  
[HKEY_LOCAL_MACHINE\software\Synaptics]  
[HKEY_LOCAL_MACHINE\software\Thomson]  
[HKEY_LOCAL_MACHINE\software\TOSHIBA]  
[HKEY_LOCAL_MACHINE\software\Trolltech]  
[HKEY_LOCAL_MACHINE\software\WebSupergoo]  
[HKEY_LOCAL_MACHINE\software\Wilson WindowWare]  
[HKEY_LOCAL_MACHINE\software\Windows 3.1 Migration Status]  
[HKEY_LOCAL_MACHINE\software\Wise Solutions]  
[HKEY_LOCAL_MACHINE\software\Yahoo]  

¤¤¤¤¤¤¤¤¤¤ Files/folders ¤¤¤¤¤¤¤¤¤¤

 
¤¤¤¤¤¤¤¤¤¤ Keys : 

Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer : NoDrives  
Present !! : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer : NoDrives  

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-14 07:31:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: FUJITSU_MHV2100BH_PL rev.00000029 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x86FCEAB8]
3 CLASSPNP[0xF7576FD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\0000007d[0x86ECF030]
5 ACPI[0xF74CC620] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IdeDeviceP0T0L0-3[0x86F50940]
kernel: MBR read successfully
user & kernel MBR OK 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] 
FirstRunDisabled	=      	1 (0x1) 
AntiVirusDisableNotify	=      	0 (0x0) 
FirewallDisableNotify	=      	0 (0x0) 
UpdatesDisableNotify	=      	0 (0x0) 
AntiVirusOverride	=      	0 (0x0) 
FirewallOverride	=      	0 (0x0) 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

End of scan :  7:32:52

gen-hackman · Answer

relance-le clic sur Kill Proxy et dis-moi ce que dit la petite fenetre qui va s 'ouvrir

vrp74 · Answer

impossible de trouver programme export

gen-hackman · Answer

pardon ?

vrp74 · Answer

Quand je lance list kill'em j'ai une fenetre qui s'ouvere en me donnant le choix  
search  clean  tool stop service exit , je n'ai pas de kill proxy

gen-hackman · Answer

pardon Tools , puis killproxy

vrp74 · Answer

value changed success fully

gen-hackman · Answer

Télécharge ici :OTL

&#9654 enregistre le sur ton Bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...." 

sur OTL.exe pour le lancer.

&#9654 Coche les 2 cases Lop et Purity

&#9654 Coche la case devant tous les utilisateurs

&#9654 règle age du fichier sur "60 jours"

&#9654 dans les 6 onglets de la moitié gauche , mets tout sur "tous"

ne modifie pas ceci : 

"fichiers créés" et "fichiers Modifiés" 

&#9654Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

&#9654&#9654&#9654 NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

&#9654 Clique sur Parcourir et cherche le fichier ci-dessus.

&#9654 Clique sur Ouvrir.

&#9654 Clique sur "Cliquez ici pour déposer le fichier".

juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

&#9654 Copie ce lien dans ta réponse.

&#9654&#9654 Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.

vrp74 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201101/cijFK8vGSd.txt

http://www.cijoint.fr/cjlink.php?file=cj201101/cijsoW2Bf6.txt


je te transmets les 2 liens

gen-hackman · Answer

il me manque le rapport de combofix via cijoint.fr aussi comme demandé plus haut

vrp74 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201101/cijsoW2Bf6.txt

rapport combo

gen-hackman · Answer

non c'est extra.txt ca.....

vrp74 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201101/cijsG7xNfL.txt

ça doit etre le bon

Systeme tool

38 réponses

Votre réponse

Newsletters