| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/ATRAPS.Gen + TR/Rootkit.Gen8Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.04.2012, 15:58
| #16 |
 |  TR/ATRAPS.Gen + TR/Rootkit.Gen8 Habe den tdsskiller runtergeladen und gestartet.Dann den Neustart zugelassen. Doch danach fuhr der PC nicht mehr hoch. Hab ihm 40 Minuten gegeben und dann den Pc per Knopfdruck ausgemacht, in der Hoffnung, dass es beim nächsten Versuch klappt. Jetzt fährt er aber wieder nicht hoch (seit 20 Minuten).... Was nun?? Ich habs jetzt mehrmals probiert, der PC fährt einfach nicht mehr hoch. Was soll ich tun ? PC fährt einfach nicht mehr hoch. Was nun? |
|
21.04.2012, 18:44
| #17 |
| | TR/ATRAPS.Gen + TR/Rootkit.Gen8 Bin mit dem letzten gespeicherten Einstellung hochgefahren. Hier das Log. Soll ich nun beim Programm Killer JA drücken?
__________________Code:
ATTFilter 2012-04-20 15:47:32: ****************************************************
2012-04-20 15:47:32: Starting UP ... v 0.0.0.220
2012-04-20 15:47:32: ****************************************************
2012-04-20 15:47:32: Stop TPSRV returns: 2
2012-04-20 15:47:47: Listing processes...
2012-04-20 15:47:47: :[System Process]:0
2012-04-20 15:47:47: :System:4
2012-04-20 15:47:47: :smss.exe:448
2012-04-20 15:47:47: :csrss.exe:576
2012-04-20 15:47:47: :wininit.exe:632
2012-04-20 15:47:47: :csrss.exe:640
2012-04-20 15:47:47: :services.exe:676
2012-04-20 15:47:47: :lsass.exe:692
2012-04-20 15:47:47: :lsm.exe:704
2012-04-20 15:47:47: :winlogon.exe:728
2012-04-20 15:47:47: :svchost.exe:888
2012-04-20 15:47:47: :svchost.exe:960
2012-04-20 15:47:47: :svchost.exe:1024
2012-04-20 15:47:47: :Ati2evxx.exe:1100
2012-04-20 15:47:47: :svchost.exe:1116
2012-04-20 15:47:47: :svchost.exe:1200
2012-04-20 15:47:47: :svchost.exe:1220
2012-04-20 15:47:47: :audiodg.exe:1288
2012-04-20 15:47:48: :svchost.exe:1312
2012-04-20 15:47:48: :SLsvc.exe:1328
2012-04-20 15:47:48: :svchost.exe:1376
2012-04-20 15:47:48: :Ati2evxx.exe:1456
2012-04-20 15:47:48: :svchost.exe:1536
2012-04-20 15:47:48: :dwm.exe:1820
2012-04-20 15:47:48: :explorer.exe:1856
2012-04-20 15:47:48: :spoolsv.exe:1976
2012-04-20 15:47:48: :taskeng.exe:2028
2012-04-20 15:47:48: :sched.exe:272
2012-04-20 15:47:48: :MSASCui.exe:284
2012-04-20 15:47:48: :RtHDVCpl.exe:460
2012-04-20 15:47:48: :svchost.exe:544
2012-04-20 15:47:48: :taskeng.exe:580
2012-04-20 15:47:48: :dmhkcore.exe:564
2012-04-20 15:47:48: :MOM.exe:800
2012-04-20 15:47:48: :armsvc.exe:1368
2012-04-20 15:47:48: :agrsmsvc.exe:280
2012-04-20 15:47:48: :avguard.exe:2076
2012-04-20 15:47:48: :FortKnox.exe:2160
2012-04-20 15:47:48: :taskeng.exe:2176
2012-04-20 15:47:48: :LSSrvc.exe:2324
2012-04-20 15:47:48: :svchost.exe:2380
2012-04-20 15:47:48: :RichVideo.exe:2420
2012-04-20 15:47:48: :svchost.exe:2484
2012-04-20 15:47:48: :svchost.exe:2596
2012-04-20 15:47:48: :svchost.exe:2628
2012-04-20 15:47:48: :SearchIndexer.exe:2672
2012-04-20 15:47:48: :CCC.exe:3216
2012-04-20 15:47:48: :avshadow.exe:3644
2012-04-20 15:47:48: :SynTPEnh.exe:4008
2012-04-20 15:47:48: :PDVDServ.exe:4016
2012-04-20 15:47:48: :avgnt.exe:4032
2012-04-20 15:47:48: :jusched.exe:4040
2012-04-20 15:47:48: :Updater.exe:4048
2012-04-20 15:47:48: :soffice.exe:1048
2012-04-20 15:47:48: :soffice.bin:12
2012-04-20 15:47:48: :wmpnscfg.exe:2772
2012-04-20 15:47:48: :wmpnetwk.exe:856
2012-04-20 15:47:48: :svchost.exe:3012
2012-04-20 15:47:48: :wuauclt.exe:2332
2012-04-20 15:47:48: :iexplore.exe:172
2012-04-20 15:47:48: :iexplore.exe:2052
2012-04-20 15:47:48: :FlashUtil11e_ActiveX.exe:4248
2012-04-20 15:47:48: :MpCmdRun.exe:9332
2012-04-20 15:47:48: :iexplore.exe:7352
2012-04-20 15:47:48: :SearchProtocolHost.exe:10972
2012-04-20 15:47:48: :SearchFilterHost.exe:10984
2012-04-20 15:47:48: :yorkyt.exe:4028
2012-04-20 15:47:48: :WmiPrvSE.exe:10496
2012-04-20 15:47:48: :conime.exe:3032
2012-04-20 15:47:48:
2012-04-20 15:47:48: Setting restore point
2012-04-20 15:48:15: Determining autonomous or dropped mode...
2012-04-20 15:48:15: Autonomus mode
2012-04-20 15:48:16: Installing drivers...
2012-04-20 15:48:19: Checking that it installed...
2012-04-20 15:48:19: Driver is installed...
2012-04-20 15:48:19: cmd.exe /c start "C:\Users\Zarelli\Desktop\yorkyt.exe"
2012-04-20 15:48:41: Restarting...
2012-04-20 18:49:30: ****************************************************
2012-04-20 18:49:30: Starting UP ... v 0.0.0.220
2012-04-20 18:49:30: ****************************************************
2012-04-20 18:49:30: Stop TPSRV returns: 2
2012-04-20 18:49:45: Listing processes...
2012-04-20 18:49:45: :[System Process]:0
2012-04-20 18:49:45: :System:4
2012-04-20 18:49:45: :smss.exe:360
2012-04-20 18:49:45: :csrss.exe:484
2012-04-20 18:49:45: :csrss.exe:520
2012-04-20 18:49:45: :wininit.exe:528
2012-04-20 18:49:45: :winlogon.exe:572
2012-04-20 18:49:45: :services.exe:604
2012-04-20 18:49:45: :lsass.exe:616
2012-04-20 18:49:45: :lsm.exe:624
2012-04-20 18:49:45: :svchost.exe:764
2012-04-20 18:49:45: :svchost.exe:820
2012-04-20 18:49:45: :svchost.exe:856
2012-04-20 18:49:45: :svchost.exe:940
2012-04-20 18:49:45: :svchost.exe:972
2012-04-20 18:49:45: :svchost.exe:1012
2012-04-20 18:49:45: :svchost.exe:1060
2012-04-20 18:49:45: :svchost.exe:1076
2012-04-20 18:49:45: :svchost.exe:1232
2012-04-20 18:49:45: :svchost.exe:1336
2012-04-20 18:49:45: :explorer.exe:1556
2012-04-20 18:49:45: :wmpnscfg.exe:120
2012-04-20 18:49:45: :yorkyt.exe:1524
2012-04-20 18:49:45: :WmiPrvSE.exe:1648
2012-04-20 18:49:45:
2012-04-20 18:49:45: Computer not restarted. Please restart
2012-04-21 18:30:47: ****************************************************
2012-04-21 18:30:47: Starting UP ... v 0.0.0.220
2012-04-21 18:30:47: ****************************************************
2012-04-21 18:30:50: Stop TPSRV returns: 2
2012-04-21 18:31:05: Listing processes...
2012-04-21 18:31:05: :[System Process]:0
2012-04-21 18:31:05: :System:4
2012-04-21 18:31:05: :smss.exe:504
2012-04-21 18:31:05: :csrss.exe:572
2012-04-21 18:31:05: :csrss.exe:628
2012-04-21 18:31:05: :wininit.exe:636
2012-04-21 18:31:05: :winlogon.exe:664
2012-04-21 18:31:05: :services.exe:720
2012-04-21 18:31:05: :lsass.exe:732
2012-04-21 18:31:05: :lsm.exe:748
2012-04-21 18:31:05: :svchost.exe:888
2012-04-21 18:31:05: :svchost.exe:956
2012-04-21 18:31:05: :svchost.exe:992
2012-04-21 18:31:05: :Ati2evxx.exe:1088
2012-04-21 18:31:05: :svchost.exe:1108
2012-04-21 18:31:05: :svchost.exe:1172
2012-04-21 18:31:05: :svchost.exe:1192
2012-04-21 18:31:05: :audiodg.exe:1276
2012-04-21 18:31:05: :svchost.exe:1300
2012-04-21 18:31:05: :SLsvc.exe:1320
2012-04-21 18:31:05: :svchost.exe:1388
2012-04-21 18:31:05: :Ati2evxx.exe:1492
2012-04-21 18:31:05: :svchost.exe:1552
2012-04-21 18:31:05: :spoolsv.exe:1852
2012-04-21 18:31:05: :sched.exe:1880
2012-04-21 18:31:05: :svchost.exe:1904
2012-04-21 18:31:05: :dwm.exe:2024
2012-04-21 18:31:05: :taskeng.exe:124
2012-04-21 18:31:05: :explorer.exe:372
2012-04-21 18:31:05: :taskeng.exe:12
2012-04-21 18:31:05: :dmhkcore.exe:564
2012-04-21 18:31:05: :armsvc.exe:1188
2012-04-21 18:31:05: :agrsmsvc.exe:1400
2012-04-21 18:31:05: :avguard.exe:1240
2012-04-21 18:31:05: :FortKnox.exe:2056
2012-04-21 18:31:05: :LSSrvc.exe:2172
2012-04-21 18:31:05: :taskeng.exe:2200
2012-04-21 18:31:05: :svchost.exe:2208
2012-04-21 18:31:05: :RichVideo.exe:2236
2012-04-21 18:31:05: :svchost.exe:2256
2012-04-21 18:31:05: :svchost.exe:2288
2012-04-21 18:31:05: :svchost.exe:2336
2012-04-21 18:31:05: :SearchIndexer.exe:2408
2012-04-21 18:31:05: :avshadow.exe:2940
2012-04-21 18:31:05: :conime.exe:3136
2012-04-21 18:31:05: :yorkyt.exe:3156
2012-04-21 18:31:05: :MSASCui.exe:3268
2012-04-21 18:31:05: :CLIStart.exe:3288
2012-04-21 18:31:05: :MOM.exe:3308
2012-04-21 18:31:05: :WmiPrvSE.exe:3388
2012-04-21 18:31:05: :RtHDVCpl.exe:3404
2012-04-21 18:31:05: :SynTPEnh.exe:3628
2012-04-21 18:31:05: :PDVDServ.exe:3656
2012-04-21 18:31:05: :avgnt.exe:3676
2012-04-21 18:31:05: :jusched.exe:3704
2012-04-21 18:31:05: :Updater.exe:3712
2012-04-21 18:31:05: :FortKnoxGUI.exe:3748
2012-04-21 18:31:05: :AdobeARM.exe:3768
2012-04-21 18:31:05: :OSA.EXE:3796
2012-04-21 18:31:05: :soffice.exe:3832
2012-04-21 18:31:05: :dllhost.exe:3888
2012-04-21 18:31:05: :soffice.bin:3960
2012-04-21 18:31:05:
2012-04-21 18:31:05: RUN mode
2012-04-21 18:31:05: Determining autonomous or dropped mode...
2012-04-21 18:31:05: Autonomus mode
2012-04-21 18:31:05: Waiting for Explorer.exe...
2012-04-21 18:31:36: Launching parsers...
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: AeLookupSvc
2012-04-21 18:31:58: Real Path: C:\Windows\System32\aelupsvc.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1
2012-04-21 18:31:58: Description: @%SystemRoot%\system32\aelupsvc.dll,-2
2012-04-21 18:31:58: ServiceDLL: System32\aelupsvc.dll
2012-04-21 18:31:58: File size: 24576
2012-04-21 18:31:58: DLL File name: aelupsvc.dll
2012-04-21 18:31:58: Original File Name: aelupsvc.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20061102114602 20061102102954 20061102124310
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: Appinfo
2012-04-21 18:31:58: Real Path: C:\Windows\System32\appinfo.dll
2012-04-21 18:31:58: Display Name: @%systemroot%\system32\appinfo.dll,-100
2012-04-21 18:31:58: Description: @%systemroot%\system32\appinfo.dll,-101
2012-04-21 18:31:58: ServiceDLL: System32\appinfo.dll
2012-04-21 18:31:58: File size: 33280
2012-04-21 18:31:58: DLL File name: appinfo.dll
2012-04-21 18:31:58: Original File Name: appinfo.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20080119003344 20111226205322 20111226205322
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: AudioEndpointBuilder
2012-04-21 18:31:58: Real Path: C:\Windows\System32\Audiosrv.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204
2012-04-21 18:31:58: Description: @%SystemRoot%\System32\audiosrv.dll,-205
2012-04-21 18:31:58: ServiceDLL: System32\Audiosrv.dll
2012-04-21 18:31:58: File size: 315392
2012-04-21 18:31:58: DLL File name: Audiosrv.dll
2012-04-21 18:31:58: Original File Name: audiosrv.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20090411002820 20111226221131 20111226221131
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: Audiosrv
2012-04-21 18:31:58: Real Path: C:\Windows\System32\Audiosrv.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200
2012-04-21 18:31:58: Description: @%SystemRoot%\System32\audiosrv.dll,-201
2012-04-21 18:31:58: ServiceDLL: System32\Audiosrv.dll
2012-04-21 18:31:58: File size: 315392
2012-04-21 18:31:58: DLL File name: Audiosrv.dll
2012-04-21 18:31:58: Original File Name: audiosrv.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20090411002820 20111226221131 20111226221131
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: BFE
2012-04-21 18:31:58: Real Path: C:\Windows\System32\bfe.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\bfe.dll,-1001
2012-04-21 18:31:58: Description: @%SystemRoot%\system32\bfe.dll,-1002
2012-04-21 18:31:58: ServiceDLL: System32\bfe.dll
2012-04-21 18:31:58: File size: 334848
2012-04-21 18:31:58: DLL File name: bfe.dll
2012-04-21 18:31:58: Original File Name: BFE.DLL.MUI
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20090411002820 20111226221126 20111226221126
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: BITS
2012-04-21 18:31:59: Real Path: C:\Windows\System32\qmgr.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000
2012-04-21 18:31:59: Description: @%SystemRoot%\system32\qmgr.dll,-1001
2012-04-21 18:31:59: ServiceDLL: System32\qmgr.dll
2012-04-21 18:31:59: File size: 758784
2012-04-21 18:31:59: DLL File name: qmgr.dll
2012-04-21 18:31:59: Original File Name: qmgr.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002824 20111226221202 20111226221202
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: Browser
2012-04-21 18:31:59: Real Path: C:\Windows\System32\browser.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\browser.dll,-100
2012-04-21 18:31:59: Description: @%systemroot%\system32\browser.dll,-101
2012-04-21 18:31:59: ServiceDLL: System32\browser.dll
2012-04-21 18:31:59: File size: 81920
2012-04-21 18:31:59: DLL File name: browser.dll
2012-04-21 18:31:59: Original File Name: browser.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20080119003350 20111226205318 20111226205318
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: CertPropSvc
2012-04-21 18:31:59: Real Path: C:\Windows\System32\certprop.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\System32\certprop.dll,-11
2012-04-21 18:31:59: Description: @%SystemRoot%\System32\certprop.dll,-12
2012-04-21 18:31:59: ServiceDLL: System32\certprop.dll
2012-04-21 18:31:59: File size: 40448
2012-04-21 18:31:59: DLL File name: certprop.dll
2012-04-21 18:31:59: Original File Name: certprop.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221115 20111226221115
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: CryptSvc
2012-04-21 18:31:59: Real Path: C:\Windows\system32\cryptsvc.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001
2012-04-21 18:31:59: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
2012-04-21 18:31:59: ServiceDLL: system32\cryptsvc.dll
2012-04-21 18:31:59: File size: 129024
2012-04-21 18:31:59: DLL File name: cryptsvc.dll
2012-04-21 18:31:59: Original File Name: cryptsvc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221119 20111226221119
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: DcomLaunch
2012-04-21 18:31:59: Real Path: C:\Windows\system32\rpcss.dll
2012-04-21 18:31:59: Display Name: @oleres.dll,-5012
2012-04-21 18:31:59: Description: @oleres.dll,-5013
2012-04-21 18:31:59: ServiceDLL: system32\rpcss.dll
2012-04-21 18:31:59: File size: 550400
2012-04-21 18:31:59: DLL File name: rpcss.dll
2012-04-21 18:31:59: Original File Name: rpcss.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002826 20111226221219 20111226221219
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: Dhcp
2012-04-21 18:31:59: Real Path: C:\Windows\System32\dhcpcsvc.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\system32\dhcpcsvc.dll,-100
2012-04-21 18:31:59: Description: @%SystemRoot%\system32\dhcpcsvc.dll,-101
2012-04-21 18:31:59: ServiceDLL: System32\dhcpcsvc.dll
2012-04-21 18:31:59: File size: 204288
2012-04-21 18:31:59: DLL File name: dhcpcsvc.dll
2012-04-21 18:31:59: Original File Name: dhcpcsvc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221139 20111226221139
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: Dnscache
2012-04-21 18:31:59: Real Path: C:\Windows\System32\dnsrslvr.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101
2012-04-21 18:31:59: Description: @%SystemRoot%\System32\dnsapi.dll,-102
2012-04-21 18:31:59: ServiceDLL: System32\dnsrslvr.dll
2012-04-21 18:31:59: File size: 86528
2012-04-21 18:31:59: DLL File name: dnsrslvr.dll
2012-04-21 18:31:59: Original File Name: dnsrslvr.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20110302174427 20111227135202 20111227135202
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: dot3svc
2012-04-21 18:31:59: Real Path: C:\Windows\System32\dot3svc.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\dot3svc.dll,-1102
2012-04-21 18:31:59: Description: @%systemroot%\system32\dot3svc.dll,-1103
2012-04-21 18:31:59: ServiceDLL: System32\dot3svc.dll
2012-04-21 18:31:59: File size: 175616
2012-04-21 18:31:59: DLL File name: dot3svc.dll
2012-04-21 18:31:59: Original File Name: dot3svc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221139 20111226221139
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: DPS
2012-04-21 18:31:59: Real Path: C:\Windows\system32\dps.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\dps.dll,-500
2012-04-21 18:31:59: Description: @%systemroot%\system32\dps.dll,-501
2012-04-21 18:31:59: ServiceDLL: system32\dps.dll
2012-04-21 18:31:59: File size: 134656
2012-04-21 18:31:59: DLL File name: dps.dll
2012-04-21 18:31:59: Original File Name: dps.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20080119003408 20111226205338 20111226205338
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: EapHost
2012-04-21 18:31:59: Real Path: C:\Windows\System32\eapsvc.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\eapsvc.dll,-1
2012-04-21 18:31:59: Description: @%systemroot%\system32\eapsvc.dll,-2
2012-04-21 18:31:59: ServiceDLL: System32\eapsvc.dll
2012-04-21 18:31:59: File size: 57344
2012-04-21 18:31:59: DLL File name: eapsvc.dll
2012-04-21 18:31:59: Original File Name: eapsvc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20080119003410 20111226205342 20111226205342
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: EMDMgmt
2012-04-21 18:32:00: Real Path: C:\Windows\system32\emdmgmt.dll
2012-04-21 18:32:00: Display Name: @%SystemRoot%\system32\emdmgmt.dll,-1000
2012-04-21 18:32:00: Description: @%SystemRoot%\system32\emdmgmt.dll,-1001
2012-04-21 18:32:00: ServiceDLL: system32\emdmgmt.dll
2012-04-21 18:32:00: File size: 564224
2012-04-21 18:32:00: DLL File name: emdmgmt.dll
2012-04-21 18:32:00: Original File Name: emdmgmt.dll.mui
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20090411002820 20111226221143 20111226221143
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: EventSystem
2012-04-21 18:32:00: Real Path: C:\Windows\system32\es.dll
2012-04-21 18:32:00: Display Name: @comres.dll,-2450
2012-04-21 18:32:00: Description: @comres.dll,-2451
2012-04-21 18:32:00: ServiceDLL: system32\es.dll
2012-04-21 18:32:00: File size: 268800
2012-04-21 18:32:00: DLL File name: es.dll
2012-04-21 18:32:00: Original File Name: ES.DLL
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20090411002820 20111226221142 20111226221142
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: fdPHost
2012-04-21 18:32:00: Real Path: C:\Windows\system32\fdPHost.dll
2012-04-21 18:32:00: Display Name: @%systemroot%\system32\fdPHost.dll,-100
2012-04-21 18:32:00: Description: @%systemroot%\system32\fdPHost.dll,-101
2012-04-21 18:32:00: ServiceDLL: system32\fdPHost.dll
2012-04-21 18:32:00: File size: 13312
2012-04-21 18:32:00: DLL File name: fdPHost.dll
2012-04-21 18:32:00: Original File Name: fdPHost.dll.mui
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20080119003422 20111226205341 20111226205341
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: FDResPub
2012-04-21 18:32:00: Real Path: C:\Windows\system32\fdrespub.dll
2012-04-21 18:32:00: Display Name: @%systemroot%\system32\fdrespub.dll,-100
2012-04-21 18:32:00: Description: @%systemroot%\system32\fdrespub.dll,-101
2012-04-21 18:32:00: ServiceDLL: system32\fdrespub.dll
2012-04-21 18:32:00: File size: 27648
2012-04-21 18:32:00: DLL File name: fdrespub.dll
2012-04-21 18:32:00: Original File Name: FDResPub.dll.mui
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20061102114604 20061102103723 20061102124016
2012-04-21 18:32:00: !!!!!!!
2012-04-21 18:32:00: Found Service: FontCache
2012-04-21 18:32:00: Real Path: C:\Windows\system32\FntCache.dll
2012-04-21 18:32:00: Display Name: @%systemroot%\system32\FntCache.dll,-100
2012-04-21 18:32:00: Description: @%systemroot%\system32\FntCache.dll,-101
2012-04-21 18:32:00: ServiceDLL: system32\FntCache.dll
2012-04-21 18:32:00: File size: 797696
2012-04-21 18:32:00: DLL File name: FntCache.dll
2012-04-21 18:32:00: Original File Name: FontCacheService
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20110222153309 20111227134904 20111227134904
2012-04-21 18:32:00: !!!!!!!!!
2012-04-21 18:32:01: ---------------------------------------------------------------------
2012-04-21 18:32:01: Found Service: gpsvc
2012-04-21 18:32:01: Real Path: C:\Windows\System32\gpsvc.dll
2012-04-21 18:32:01: Display Name: @gpapi.dll,-112
2012-04-21 18:32:01: Description: @gpapi.dll,-113
2012-04-21 18:32:01: ServiceDLL: System32\gpsvc.dll
2012-04-21 18:32:01: File size: 576512
2012-04-21 18:32:01: DLL File name: gpsvc.dll
2012-04-21 18:32:01: Original File Name: gpsvc.dll.mui
2012-04-21 18:32:01: Company:
2012-04-21 18:32:01: Mod/Cre/Acc time: 20090411002820 20111226221136 20111226221136
2012-04-21 18:32:01: ---------------------------------------------------------------------
2012-04-21 18:32:01: Found Service: hidserv
2012-04-21 18:32:01: Real Path: C:\Windows\system32\hidserv.dll
2012-04-21 18:32:01: Display Name: @%SystemRoot%\System32\hidserv.dll,-101
2012-04-21 18:32:01: Description: @%SystemRoot%\System32\hidserv.dll,-102
2012-04-21 18:32:01: ServiceDLL: system32\hidserv.dll
2012-04-21 18:32:01: File size: 26112
2012-04-21 18:32:01: DLL File name: hidserv.dll
2012-04-21 18:32:01: Original File Name: HIDSERV.DLL.MUI
2012-04-21 18:32:01: Company:
2012-04-21 18:32:01: Mod/Cre/Acc time: 20090411002820 20111226221134 20111226221134
2012-04-21 18:32:01: ---------------------------------------------------------------------
2012-04-21 18:32:01: Found Service: hkmsvc
2012-04-21 18:32:01: Real Path: C:\Windows\system32\kmsvc.dll
2012-04-21 18:32:01: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6
2012-04-21 18:32:01: Description: @%SystemRoot%\system32\kmsvc.dll,-7
2012-04-21 18:32:01: ServiceDLL: system32\kmsvc.dll
2012-04-21 18:32:01: File size: 68096
2012-04-21 18:32:01: DLL File name: kmsvc.dll
2012-04-21 18:32:01: Original File Name: KmSvc.DLL.MUI
2012-04-21 18:32:01: Company:
2012-04-21 18:32:01: Mod/Cre/Acc time: 20080119003438 20111226205444 20111226205444
2012-04-21 18:32:02: ---------------------------------------------------------------------
2012-04-21 18:32:02: Found Service: IKEEXT
2012-04-21 18:32:02: Real Path: C:\Windows\System32\ikeext.dll
2012-04-21 18:32:02: Display Name: @%SystemRoot%\system32\ikeext.dll,-501
2012-04-21 18:32:02: Description: @%SystemRoot%\system32\ikeext.dll,-502
2012-04-21 18:32:02: ServiceDLL: System32\ikeext.dll
2012-04-21 18:32:02: File size: 438784
2012-04-21 18:32:02: DLL File name: ikeext.dll
2012-04-21 18:32:02: Original File Name: IKEEXT.DLL.MUI
2012-04-21 18:32:02: Company:
2012-04-21 18:32:02: Mod/Cre/Acc time: 20090411002822 20111226221051 20111226221051
2012-04-21 18:32:02: ---------------------------------------------------------------------
2012-04-21 18:32:02: Found Service: IPBusEnum
2012-04-21 18:32:02: Real Path: C:\Windows\system32\ipbusenum.dll
2012-04-21 18:32:02: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102
2012-04-21 18:32:02: Description: @%systemroot%\system32\IPBusEnum.dll,-103
2012-04-21 18:32:02: ServiceDLL: system32\ipbusenum.dll
2012-04-21 18:32:02: File size: 74240
2012-04-21 18:32:02: DLL File name: ipbusenum.dll
2012-04-21 18:32:02: Original File Name: IPBusEnum.dll.mui
2012-04-21 18:32:02: Company:
2012-04-21 18:32:02: Mod/Cre/Acc time: 20080119003436 20111226205444 20111226205444
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: iphlpsvc
2012-04-21 18:32:03: Real Path: C:\Windows\System32\iphlpsvc.dll
2012-04-21 18:32:03: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-200
2012-04-21 18:32:03: Description: @%SystemRoot%\system32\iphlpsvc.dll,-201
2012-04-21 18:32:03: ServiceDLL: System32\iphlpsvc.dll
2012-04-21 18:32:03: File size: 200704
2012-04-21 18:32:03: DLL File name: iphlpsvc.dll
2012-04-21 18:32:03: Original File Name: iphlpsvc.dll.mui
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20100218153003 20111226193541 20111226193541
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: KtmRm
2012-04-21 18:32:03: Real Path: C:\Windows\system32\msdtckrm.dll
2012-04-21 18:32:03: Display Name: @comres.dll,-2946
2012-04-21 18:32:03: Description: @comres.dll,-2947
2012-04-21 18:32:03: ServiceDLL: system32\msdtckrm.dll
2012-04-21 18:32:03: File size: 344576
2012-04-21 18:32:03: DLL File name: msdtckrm.dll
2012-04-21 18:32:03: Original File Name: MSDTCKRM.DLL
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20080119003458 20111226205511 20111226205511
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: LanmanServer
2012-04-21 18:32:03: Real Path: C:\Windows\system32\srvsvc.dll
2012-04-21 18:32:03: Display Name: @%systemroot%\system32\srvsvc.dll,-100
2012-04-21 18:32:03: Description: @%systemroot%\system32\srvsvc.dll,-101
2012-04-21 18:32:03: ServiceDLL: system32\srvsvc.dll
2012-04-21 18:32:03: File size: 125952
2012-04-21 18:32:03: DLL File name: srvsvc.dll
2012-04-21 18:32:03: Original File Name: SRVSVC.DLL.MUI
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20100906182029 20111227135333 20111227135333
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: lltdsvc
2012-04-21 18:32:03: Real Path: C:\Windows\System32\lltdsvc.dll
2012-04-21 18:32:03: Display Name: @%SystemRoot%\system32\lltdres.dll,-1
2012-04-21 18:32:03: Description: @%SystemRoot%\system32\lltdres.dll,-2
2012-04-21 18:32:03: ServiceDLL: System32\lltdsvc.dll
2012-04-21 18:32:03: File size: 188928
2012-04-21 18:32:03: DLL File name: lltdsvc.dll
2012-04-21 18:32:03: Original File Name: LLTDSVC.DLL
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20080119003444 20111226205443 20111226205443
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: lmhosts
2012-04-21 18:32:03: Real Path: C:\Windows\System32\lmhsvc.dll
2012-04-21 18:32:03: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101
2012-04-21 18:32:03: Description: @%SystemRoot%\system32\lmhsvc.dll,-102
2012-04-21 18:32:03: ServiceDLL: System32\lmhsvc.dll
2012-04-21 18:32:03: File size: 18944
2012-04-21 18:32:03: DLL File name: lmhsvc.dll
2012-04-21 18:32:03: Original File Name: lmhsvc.dll.mui
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20061102114605 20061102105709 20061102124046
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: Mcx2Svc
2012-04-21 18:32:04: Real Path: C:\Windows\system32\Mcx2Svc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501
2012-04-21 18:32:04: Description: @%SystemRoot%\ehome\ehres.dll,-15502
2012-04-21 18:32:04: ServiceDLL: system32\Mcx2Svc.dll
2012-04-21 18:32:04: File size: 53760
2012-04-21 18:32:04: DLL File name: Mcx2Svc.dll
2012-04-21 18:32:04: Original File Name: Mcx2Svc.dll
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003446 20111226205445 20111226205445
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: MMCSS
2012-04-21 18:32:04: Real Path: C:\Windows\system32\mmcss.dll
2012-04-21 18:32:04: Display Name: @%systemroot%\system32\mmcss.dll,-100
2012-04-21 18:32:04: Description: @%systemroot%\system32\mmcss.dll,-101
2012-04-21 18:32:04: ServiceDLL: system32\mmcss.dll
2012-04-21 18:32:04: File size: 45056
2012-04-21 18:32:04: DLL File name: mmcss.dll
2012-04-21 18:32:04: Original File Name: mmcss.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003450 20111226205433 20111226205433
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: MpsSvc
2012-04-21 18:32:04: Real Path: C:\Windows\system32\mpssvc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\FirewallAPI.dll,-23090
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091
2012-04-21 18:32:04: ServiceDLL: system32\mpssvc.dll
2012-04-21 18:32:04: File size: 407552
2012-04-21 18:32:04: DLL File name: mpssvc.dll
2012-04-21 18:32:04: Original File Name: mpssvc.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20090411002822 20111226221111 20111226221111
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: MSiSCSI
2012-04-21 18:32:04: Real Path: C:\Windows\system32\iscsiexe.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
2012-04-21 18:32:04: ServiceDLL: system32\iscsiexe.dll
2012-04-21 18:32:04: File size: 111616
2012-04-21 18:32:04: DLL File name: iscsiexe.dll
2012-04-21 18:32:04: Original File Name: iscsiexe.exe.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003436 20111226205445 20111226205445
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: napagent
2012-04-21 18:32:04: Real Path: C:\Windows\system32\qagentRT.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\qagentrt.dll,-7
2012-04-21 18:32:04: ServiceDLL: system32\qagentRT.dll
2012-04-21 18:32:04: File size: 302592
2012-04-21 18:32:04: DLL File name: qagentRT.dll
2012-04-21 18:32:04: Original File Name: QAgentRT.DLL.MUI
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20090411002824 20111226221158 20111226221158
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: Netman
2012-04-21 18:32:04: Real Path: C:\Windows\System32\netman.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\netman.dll,-109
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\netman.dll,-110
2012-04-21 18:32:04: ServiceDLL: System32\netman.dll
2012-04-21 18:32:04: File size: 274432
2012-04-21 18:32:04: DLL File name: netman.dll
2012-04-21 18:32:04: Original File Name: netman.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003538 20111226205452 20111226205452
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: netprofm
2012-04-21 18:32:04: Real Path: C:\Windows\System32\netprofm.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\netprof.dll,-246
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\netprof.dll,-247
2012-04-21 18:32:04: ServiceDLL: System32\netprofm.dll
2012-04-21 18:32:04: File size: 237056
2012-04-21 18:32:04: DLL File name: netprofm.dll
2012-04-21 18:32:04: Original File Name: netprofm.dll
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003538 20111226205452 20111226205452
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: NlaSvc
2012-04-21 18:32:04: Real Path: C:\Windows\System32\nlasvc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\System32\nlasvc.dll,-1
2012-04-21 18:32:04: Description: @%SystemRoot%\System32\nlasvc.dll,-2
2012-04-21 18:32:04: ServiceDLL: System32\nlasvc.dll
2012-04-21 18:32:04: File size: 168448
2012-04-21 18:32:04: DLL File name: nlasvc.dll
2012-04-21 18:32:04: Original File Name: nlasvc.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003540 20111226205453 20111226205453
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: nsi
2012-04-21 18:32:04: Real Path: C:\Windows\system32\nsisvc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\nsisvc.dll,-200
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\nsisvc.dll,-201
2012-04-21 18:32:04: ServiceDLL: system32\nsisvc.dll
2012-04-21 18:32:04: File size: 18432
2012-04-21 18:32:04: DLL File name: nsisvc.dll
2012-04-21 18:32:04: Original File Name: nsisvc.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003558 20111226205457 20111226205457
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: p2pimsvc
2012-04-21 18:32:05: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8004
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\p2psvc.dll,-8005
2012-04-21 18:32:05: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:05: File size: 644608
2012-04-21 18:32:05: DLL File name: p2psvc.dll
2012-04-21 18:32:05: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: p2psvc
2012-04-21 18:32:05: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\p2psvc.dll,-8007
2012-04-21 18:32:05: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:05: File size: 644608
2012-04-21 18:32:05: DLL File name: p2psvc.dll
2012-04-21 18:32:05: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:05: !!!!!!!
2012-04-21 18:32:05: Found Service: PcaSvc
2012-04-21 18:32:05: Real Path: C:\Windows\System32\pcasvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\pcasvc.dll,-2
2012-04-21 18:32:05: ServiceDLL: System32\pcasvc.dll
2012-04-21 18:32:05: File size: 37888
2012-04-21 18:32:05: DLL File name: pcasvc.dll
2012-04-21 18:32:05: Original File Name:
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20080119003604 20111226205409 20111226205409
2012-04-21 18:32:05: !!!!!!!!!
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: pla
2012-04-21 18:32:05: Real Path: C:\Windows\system32\pla.dll
2012-04-21 18:32:05: Display Name: @%systemroot%\system32\pla.dll,-500
2012-04-21 18:32:05: Description: @%systemroot%\system32\pla.dll,-501
2012-04-21 18:32:05: ServiceDLL: system32\pla.dll
2012-04-21 18:32:05: File size: 1502208
2012-04-21 18:32:05: DLL File name: pla.dll
2012-04-21 18:32:05: Original File Name: PLA.DLL.MUI
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20080119003608 20111226205405 20111226205405
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: PlugPlay
2012-04-21 18:32:05: Real Path: C:\Windows\system32\umpnpmgr.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
2012-04-21 18:32:05: ServiceDLL: system32\umpnpmgr.dll
2012-04-21 18:32:05: File size: 222720
2012-04-21 18:32:05: DLL File name: umpnpmgr.dll
2012-04-21 18:32:05: Original File Name: Umpnpmgr.DLL.MUI
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002826 20111226221005 20111226221005
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: PNRPAutoReg
2012-04-21 18:32:05: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8002
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\p2psvc.dll,-8003
2012-04-21 18:32:05: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:05: File size: 644608
2012-04-21 18:32:05: DLL File name: p2psvc.dll
2012-04-21 18:32:05: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: PNRPsvc
2012-04-21 18:32:06: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:06: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8000
2012-04-21 18:32:06: Description: @%SystemRoot%\system32\p2psvc.dll,-8001
2012-04-21 18:32:06: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:06: File size: 644608
2012-04-21 18:32:06: DLL File name: p2psvc.dll
2012-04-21 18:32:06: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: PolicyAgent
2012-04-21 18:32:06: Real Path: C:\Windows\System32\ipsecsvc.dll
2012-04-21 18:32:06: Display Name: @%SystemRoot%\System32\polstore.dll,-5010
2012-04-21 18:32:06: Description: @%SystemRoot%\system32\polstore.dll,-5011
2012-04-21 18:32:06: ServiceDLL: System32\ipsecsvc.dll
2012-04-21 18:32:06: File size: 364032
2012-04-21 18:32:06: DLL File name: ipsecsvc.dll
2012-04-21 18:32:06: Original File Name: ipsecsvc.dll
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20090411002822 20111226221056 20111226221056
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: ProfSvc
2012-04-21 18:32:06: Real Path: C:\Windows\system32\profsvc.dll
2012-04-21 18:32:06: Display Name: @%systemroot%\system32\profsvc.dll,-300
2012-04-21 18:32:06: Description: @%systemroot%\system32\profsvc.dll,-301
2012-04-21 18:32:06: ServiceDLL: system32\profsvc.dll
2012-04-21 18:32:06: File size: 153088
2012-04-21 18:32:06: DLL File name: profsvc.dll
2012-04-21 18:32:06: Original File Name: ProfSvc.dll.mui
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20090411002824 20111226221157 20111226221157
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: QWAVE
2012-04-21 18:32:06: Real Path: C:\Windows\system32\qwave.dll
2012-04-21 18:32:06: Display Name: @%SystemRoot%\system32\qwave.dll,-1
2012-04-21 18:32:06: Description: @%SystemRoot%\system32\qwave.dll,-2
2012-04-21 18:32:06: ServiceDLL: system32\qwave.dll
2012-04-21 18:32:06: File size: 243712
2012-04-21 18:32:06: DLL File name: qwave.dll
2012-04-21 18:32:06: Original File Name: qwave.dll.mui
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20080119003616 20111226205357 20111226205357
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RasAuto
2012-04-21 18:32:07: Real Path: C:\Windows\System32\rasauto.dll
2012-04-21 18:32:07: Display Name: @%Systemroot%\system32\rasauto.dll,-200
2012-04-21 18:32:07: Description: @%Systemroot%\system32\rasauto.dll,-201
2012-04-21 18:32:07: ServiceDLL: System32\rasauto.dll
2012-04-21 18:32:07: File size: 90624
2012-04-21 18:32:07: DLL File name: rasauto.dll
2012-04-21 18:32:07: Original File Name: rasauto.dll.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20080119003616 20111226205358 20111226205358
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RasMan
2012-04-21 18:32:07: Real Path: C:\Windows\System32\rasmans.dll
2012-04-21 18:32:07: Display Name: @%Systemroot%\system32\rasmans.dll,-200
2012-04-21 18:32:07: Description: @%Systemroot%\system32\rasmans.dll,-201
2012-04-21 18:32:07: ServiceDLL: System32\rasmans.dll
2012-04-21 18:32:07: File size: 262144
2012-04-21 18:32:07: DLL File name: rasmans.dll
2012-04-21 18:32:07: Original File Name: Rasmans.dll.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221203 20111226221203
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RemoteAccess
2012-04-21 18:32:07: Real Path: C:\Windows\System32\mprdim.dll
2012-04-21 18:32:07: Display Name: @%Systemroot%\system32\mprdim.dll,-200
2012-04-21 18:32:07: Description: @%Systemroot%\system32\mprdim.dll,-201
2012-04-21 18:32:07: ServiceDLL: System32\mprdim.dll
2012-04-21 18:32:07: File size: 68608
2012-04-21 18:32:07: DLL File name: mprdim.dll
2012-04-21 18:32:07: Original File Name: MPRDIM.DLL.MUI
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20080119003454 20111226205442 20111226205442
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RemoteRegistry
2012-04-21 18:32:07: Real Path: C:\Windows\system32\regsvc.dll
2012-04-21 18:32:07: Display Name: @regsvc.dll,-1
2012-04-21 18:32:07: Description: @regsvc.dll,-2
2012-04-21 18:32:07: ServiceDLL: system32\regsvc.dll
2012-04-21 18:32:07: File size: 107008
2012-04-21 18:32:07: DLL File name: regsvc.dll
2012-04-21 18:32:07: Original File Name: REGSVC.DLL.MUI
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221201 20111226221201
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RpcSs
2012-04-21 18:32:07: Real Path: C:\Windows\system32\rpcss.dll
2012-04-21 18:32:07: Display Name: @oleres.dll,-5010
2012-04-21 18:32:07: Description: @oleres.dll,-5011
2012-04-21 18:32:07: ServiceDLL: system32\rpcss.dll
2012-04-21 18:32:07: File size: 550400
2012-04-21 18:32:07: DLL File name: rpcss.dll
2012-04-21 18:32:07: Original File Name: rpcss.dll.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221219 20111226221219
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: SCardSvr
2012-04-21 18:32:07: Real Path: C:\Windows\System32\SCardSvr.dll
2012-04-21 18:32:07: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1
2012-04-21 18:32:07: Description: @%SystemRoot%\System32\SCardSvr.dll,-5
2012-04-21 18:32:07: ServiceDLL: System32\SCardSvr.dll
2012-04-21 18:32:07: File size: 95232
2012-04-21 18:32:07: DLL File name: SCardSvr.dll
2012-04-21 18:32:07: Original File Name: SCardSvr.exe.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221218 20111226221218
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: Schedule
2012-04-21 18:32:08: Real Path: C:\Windows\system32\schedsvc.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\schedsvc.dll,-101
2012-04-21 18:32:08: ServiceDLL: system32\schedsvc.dll
2012-04-21 18:32:08: File size: 601600
2012-04-21 18:32:08: DLL File name: schedsvc.dll
2012-04-21 18:32:08: Original File Name: schedsvc.dll.mui
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20101104205512 20111227134706 20111227134706
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SCPolicySvc
2012-04-21 18:32:08: Real Path: C:\Windows\System32\certprop.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\System32\certprop.dll,-13
2012-04-21 18:32:08: Description: @%SystemRoot%\System32\certprop.dll,-14
2012-04-21 18:32:08: ServiceDLL: System32\certprop.dll
2012-04-21 18:32:08: File size: 40448
2012-04-21 18:32:08: DLL File name: certprop.dll
2012-04-21 18:32:08: Original File Name: certprop.dll.mui
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20090411002820 20111226221115 20111226221115
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SDRSVC
2012-04-21 18:32:08: Real Path: C:\Windows\System32\SDRSVC.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\sdrsvc.dll,-102
2012-04-21 18:32:08: ServiceDLL: System32\SDRSVC.dll
2012-04-21 18:32:08: File size: 104960
2012-04-21 18:32:08: DLL File name: SDRSVC.dll
2012-04-21 18:32:08: Original File Name: SDRSVC.DLL.MUI
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205429 20111226205429
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: seclogon
2012-04-21 18:32:08: Real Path: C:\Windows\system32\seclogon.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\seclogon.dll,-7000
2012-04-21 18:32:08: ServiceDLL: system32\seclogon.dll
2012-04-21 18:32:08: File size: 19968
2012-04-21 18:32:08: DLL File name: seclogon.dll
2012-04-21 18:32:08: Original File Name: SECLOGON.EXE.MUI
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205429 20111226205429
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SENS
2012-04-21 18:32:08: Real Path: C:\Windows\System32\sens.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\Sens.dll,-200
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\Sens.dll,-201
2012-04-21 18:32:08: ServiceDLL: System32\sens.dll
2012-04-21 18:32:08: File size: 47104
2012-04-21 18:32:08: DLL File name: sens.dll
2012-04-21 18:32:08: Original File Name: sens.dll.mui
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205414 20111226205414
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SessionEnv
2012-04-21 18:32:08: Real Path: C:\Windows\system32\sessenv.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026
2012-04-21 18:32:08: Description: @%SystemRoot%\System32\SessEnv.dll,-1027
2012-04-21 18:32:08: ServiceDLL: system32\sessenv.dll
2012-04-21 18:32:08: File size: 84992
2012-04-21 18:32:08: DLL File name: sessenv.dll
2012-04-21 18:32:08: Original File Name: SessEnv.DLL.MUI
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205416 20111226205416
2012-04-21 18:32:09: ---------------------------------------------------------------------
2012-04-21 18:32:09: Found Service: SharedAccess
2012-04-21 18:32:09: Real Path: C:\Windows\System32\ipnathlp.dll
2012-04-21 18:32:09: Display Name: @%SystemRoot%\system32\ipnathlp.dll,-106
2012-04-21 18:32:09: Description: @%SystemRoot%\system32\ipnathlp.dll,-107
2012-04-21 18:32:09: ServiceDLL: System32\ipnathlp.dll
2012-04-21 18:32:09: File size: 288256
2012-04-21 18:32:09: DLL File name: ipnathlp.dll
2012-04-21 18:32:09: Original File Name: IPNATHLP.DLL.MUI
2012-04-21 18:32:09: Company:
2012-04-21 18:32:09: Mod/Cre/Acc time: 20080119003436 20111226205444 20111226205444
2012-04-21 18:32:09: ---------------------------------------------------------------------
2012-04-21 18:32:09: Found Service: ShellHWDetection
2012-04-21 18:32:09: Real Path: C:\Windows\System32\shsvcs.dll
2012-04-21 18:32:09: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288
2012-04-21 18:32:09: Description: @%SystemRoot%\System32\shsvcs.dll,-12289
2012-04-21 18:32:09: ServiceDLL: System32\shsvcs.dll
2012-04-21 18:32:09: File size: 247808
2012-04-21 18:32:09: DLL File name: shsvcs.dll
2012-04-21 18:32:09: Original File Name: SHSVCS.DLL.MUI
2012-04-21 18:32:09: Company:
2012-04-21 18:32:09: Mod/Cre/Acc time: 20090710134742 20111227134949 20111227134949
2012-04-21 18:32:09: ---------------------------------------------------------------------
2012-04-21 18:32:09: Found Service: SLUINotify
2012-04-21 18:32:09: Real Path: C:\Windows\system32\SLUINotify.dll
2012-04-21 18:32:09: Display Name: @%SystemRoot%\system32\SLUINotify.dll,-103
2012-04-21 18:32:09: Description: @%SystemRoot%\system32\SLUINotify.dll,-102
2012-04-21 18:32:09: ServiceDLL: system32\SLUINotify.dll
2012-04-21 18:32:09: File size: 60928
2012-04-21 18:32:09: DLL File name: SLUINotify.dll
2012-04-21 18:32:09: Original File Name: SLUINotify.dll.mui
2012-04-21 18:32:09: Company:
2012-04-21 18:32:09: Mod/Cre/Acc time: 20090411002826 20111226221013 20111226221013
2012-04-21 18:32:10: ---------------------------------------------------------------------
2012-04-21 18:32:10: Found Service: SSDPSRV
2012-04-21 18:32:10: Real Path: C:\Windows\System32\ssdpsrv.dll
2012-04-21 18:32:10: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100
2012-04-21 18:32:10: Description: @%systemroot%\system32\ssdpsrv.dll,-101
2012-04-21 18:32:10: ServiceDLL: System32\ssdpsrv.dll
2012-04-21 18:32:10: File size: 155648
2012-04-21 18:32:10: DLL File name: ssdpsrv.dll
2012-04-21 18:32:10: Original File Name: ssdpsrv.dll.mui
2012-04-21 18:32:10: Company:
2012-04-21 18:32:10: Mod/Cre/Acc time: 20080119003638 20111226205144 20111226205144
2012-04-21 18:32:10: ---------------------------------------------------------------------
2012-04-21 18:32:10: Found Service: SstpSvc
2012-04-21 18:32:10: Real Path: C:\Windows\system32\sstpsvc.dll
2012-04-21 18:32:10: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200
2012-04-21 18:32:10: Description: @%SystemRoot%\system32\sstpsvc.dll,-201
2012-04-21 18:32:10: ServiceDLL: system32\sstpsvc.dll
2012-04-21 18:32:10: File size: 116736
2012-04-21 18:32:10: DLL File name: sstpsvc.dll
2012-04-21 18:32:10: Original File Name: sstpsvc.dll.mui
2012-04-21 18:32:10: Company:
2012-04-21 18:32:10: Mod/Cre/Acc time: 20080119003638 20111226205144 20111226205144
2012-04-21 18:32:10: ---------------------------------------------------------------------
2012-04-21 18:32:10: Found Service: stisvc
2012-04-21 18:32:10: Real Path: C:\Windows\System32\wiaservc.dll
2012-04-21 18:32:10: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9
2012-04-21 18:32:10: Description: @%SystemRoot%\system32\wiaservc.dll,-10
2012-04-21 18:32:10: ServiceDLL: System32\wiaservc.dll
2012-04-21 18:32:10: File size: 453120
2012-04-21 18:32:10: DLL File name: wiaservc.dll
2012-04-21 18:32:10: Original File Name: WIASERVC.DLL.MUI
2012-04-21 18:32:10: Company:
2012-04-21 18:32:10: Mod/Cre/Acc time: 20090411002826 20111226221035 20111226221035
2012-04-21 18:32:11: ---------------------------------------------------------------------
2012-04-21 18:32:11: Found Service: swprv
2012-04-21 18:32:11: Real Path: C:\Windows\System32\swprv.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\System32\swprv.dll,-103
2012-04-21 18:32:11: Description: @%SystemRoot%\System32\swprv.dll,-102
2012-04-21 18:32:11: ServiceDLL: System32\swprv.dll
2012-04-21 18:32:11: File size: 311808
2012-04-21 18:32:11: DLL File name: swprv.dll
2012-04-21 18:32:11: Original File Name: SWPRV.DLL.MUI
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20090411002826 20111226221017 20111226221017
2012-04-21 18:32:11: ---------------------------------------------------------------------
2012-04-21 18:32:11: Found Service: SysMain
2012-04-21 18:32:11: Real Path: C:\Windows\system32\sysmain.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000
2012-04-21 18:32:11: Description: @%SystemRoot%\system32\sysmain.dll,-1001
2012-04-21 18:32:11: ServiceDLL: system32\sysmain.dll
2012-04-21 18:32:11: File size: 558080
2012-04-21 18:32:11: DLL File name: sysmain.dll
2012-04-21 18:32:11: Original File Name: sysmain.dll.mui
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20090411002826 20111226221017 20111226221017
2012-04-21 18:32:11: !!!!!!!
2012-04-21 18:32:11: Found Service: TabletInputService
2012-04-21 18:32:11: Real Path: C:\Windows\System32\TabSvc.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100
2012-04-21 18:32:11: Description: @%SystemRoot%\system32\TabSvc.dll,-101
2012-04-21 18:32:11: ServiceDLL: System32\TabSvc.dll
2012-04-21 18:32:11: File size: 68096
2012-04-21 18:32:11: DLL File name: TabSvc.dll
2012-04-21 18:32:11: Original File Name: PenService.EXE.MUI
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20061102143524 20061102143524 20061102143524
2012-04-21 18:32:11: !!!!!!!!!
2012-04-21 18:32:11: ---------------------------------------------------------------------
2012-04-21 18:32:11: Found Service: TapiSrv
2012-04-21 18:32:11: Real Path: C:\Windows\System32\tapisrv.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\system32\tapisrv.dll,-10100
2012-04-21 18:32:11: Description: @%SystemRoot%\system32\tapisrv.dll,-10101
2012-04-21 18:32:11: ServiceDLL: System32\tapisrv.dll
2012-04-21 18:32:11: File size: 242688
2012-04-21 18:32:11: DLL File name: tapisrv.dll
2012-04-21 18:32:11: Original File Name: TAPISRV.EXE.MUI
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20090411002826 20111226220956 20111226220956
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: TBS
2012-04-21 18:32:12: Real Path: C:\Windows\System32\tbssvc.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\system32\tbssvc.dll,-100
2012-04-21 18:32:12: Description: @%SystemRoot%\system32\tbssvc.dll,-101
2012-04-21 18:32:12: ServiceDLL: System32\tbssvc.dll
2012-04-21 18:32:12: File size: 56320
2012-04-21 18:32:12: DLL File name: tbssvc.dll
2012-04-21 18:32:12: Original File Name: TBSSVC.DLL.MUI
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003640 20111226205150 20111226205150
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: TermService
2012-04-21 18:32:12: Real Path: C:\Windows\System32\termsrv.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\System32\termsrv.dll,-268
2012-04-21 18:32:12: Description: @%SystemRoot%\System32\termsrv.dll,-267
2012-04-21 18:32:12: ServiceDLL: System32\termsrv.dll
2012-04-21 18:32:12: File size: 449024
2012-04-21 18:32:12: DLL File name: termsrv.dll
2012-04-21 18:32:12: Original File Name: termsrv.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20090411002826 20111226220955 20111226220955
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: Themes
2012-04-21 18:32:12: Real Path: C:\Windows\system32\shsvcs.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\System32\shsvcs.dll,-8192
2012-04-21 18:32:12: Description: @%SystemRoot%\System32\shsvcs.dll,-8193
2012-04-21 18:32:12: ServiceDLL: system32\shsvcs.dll
2012-04-21 18:32:12: File size: 247808
2012-04-21 18:32:12: DLL File name: shsvcs.dll
2012-04-21 18:32:12: Original File Name: SHSVCS.DLL.MUI
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20090710134742 20111227134949 20111227134949
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: THREADORDER
2012-04-21 18:32:12: Real Path: C:\Windows\system32\mmcss.dll
2012-04-21 18:32:12: Display Name: @%systemroot%\system32\mmcss.dll,-102
2012-04-21 18:32:12: Description: @%systemroot%\system32\mmcss.dll,-103
2012-04-21 18:32:12: ServiceDLL: system32\mmcss.dll
2012-04-21 18:32:12: File size: 45056
2012-04-21 18:32:12: DLL File name: mmcss.dll
2012-04-21 18:32:12: Original File Name: mmcss.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003450 20111226205433 20111226205433
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: TrkWks
2012-04-21 18:32:12: Real Path: C:\Windows\System32\trkwks.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\system32\trkwks.dll,-1
2012-04-21 18:32:12: Description: @%SystemRoot%\system32\trkwks.dll,-2
2012-04-21 18:32:12: ServiceDLL: System32\trkwks.dll
2012-04-21 18:32:12: File size: 75264
2012-04-21 18:32:12: DLL File name: trkwks.dll
2012-04-21 18:32:12: Original File Name: trkwks.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003644 20111226205123 20111226205123
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: Update-Service
2012-04-21 18:32:12: Real Path: C:\Windows\System32\UpdSvc.dll
2012-04-21 18:32:12: Display Name: Update-Service
2012-04-21 18:32:12: Description: Überprüft auf Software-Aktualisierungen und bietet gegebenenfalls ein Update an.
2012-04-21 18:32:12: ServiceDLL: System32\UpdSvc.dll
2012-04-21 18:32:12: File size: 114000
2012-04-21 18:32:12: DLL File name: UpdSvc.dll
2012-04-21 18:32:12: Original File Name: UpdSvc.dll
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20111226175729 20111226175729 20111226175729
2012-04-21 18:32:12: !!!!!!!
2012-04-21 18:32:12: Found Service: upnphost
2012-04-21 18:32:12: Real Path: C:\Windows\System32\upnphost.dll
2012-04-21 18:32:12: Display Name: @%systemroot%\system32\upnphost.dll,-213
2012-04-21 18:32:12: Description: @%systemroot%\system32\upnphost.dll,-214
2012-04-21 18:32:12: ServiceDLL: System32\upnphost.dll
2012-04-21 18:32:12: File size: 259072
2012-04-21 18:32:12: DLL File name: upnphost.dll
2012-04-21 18:32:12: Original File Name: unpnhost.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003648 20111226205131 20111226205131
2012-04-21 18:32:12: !!!!!!!!!
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: UxSms
2012-04-21 18:32:12: Real Path: C:\Windows\System32\uxsms.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\system32\dwm.exe,-2000
2012-04-21 18:32:12: Description: @%SystemRoot%\system32\dwm.exe,-2001
2012-04-21 18:32:12: ServiceDLL: System32\uxsms.dll
2012-04-21 18:32:12: File size: 29184
2012-04-21 18:32:12: DLL File name: uxsms.dll
2012-04-21 18:32:12: Original File Name: UxSms.dll
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20090411002826 20111226221033 20111226221033
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: W32Time
2012-04-21 18:32:13: Real Path: C:\Windows\system32\w32time.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\w32time.dll,-200
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\w32time.dll,-201
2012-04-21 18:32:13: ServiceDLL: system32\w32time.dll
2012-04-21 18:32:13: File size: 282624
2012-04-21 18:32:13: DLL File name: w32time.dll
2012-04-21 18:32:13: Original File Name: w32time.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20090411002826 20111226221030 20111226221030
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: wcncsvc
2012-04-21 18:32:13: Real Path: C:\Windows\System32\wcncsvc.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\wcncsvc.dll,-4
2012-04-21 18:32:13: ServiceDLL: System32\wcncsvc.dll
2012-04-21 18:32:13: File size: 413696
2012-04-21 18:32:13: DLL File name: wcncsvc.dll
2012-04-21 18:32:13: Original File Name: WCNCSVC.DLL.MUI
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20090411002826 20111226221032 20111226221032
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: WcsPlugInService
2012-04-21 18:32:13: Real Path: C:\Windows\System32\WcsPlugInService.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\WcsPlugInService.dll,-200
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201
2012-04-21 18:32:13: ServiceDLL: System32\WcsPlugInService.dll
2012-04-21 18:32:13: File size: 32256
2012-04-21 18:32:13: DLL File name: WcsPlugInService.dll
2012-04-21 18:32:13: Original File Name: WcsPlugInService.DLL.MUI
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20061102114613 20061102103813 20061102123930
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: WdiServiceHost
2012-04-21 18:32:13: Real Path: C:\Windows\system32\wdi.dll
2012-04-21 18:32:13: Display Name: @%systemroot%\system32\wdi.dll,-502
2012-04-21 18:32:13: Description: @%systemroot%\system32\wdi.dll,-503
2012-04-21 18:32:13: ServiceDLL: system32\wdi.dll
2012-04-21 18:32:13: File size: 73728
2012-04-21 18:32:13: DLL File name: wdi.dll
2012-04-21 18:32:13: Original File Name: wdi.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20080119003652 20111226205219 20111226205219
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: WdiSystemHost
2012-04-21 18:32:13: Real Path: C:\Windows\system32\wdi.dll
2012-04-21 18:32:13: Display Name: @%systemroot%\system32\wdi.dll,-500
2012-04-21 18:32:13: Description: @%systemroot%\system32\wdi.dll,-501
2012-04-21 18:32:13: ServiceDLL: system32\wdi.dll
2012-04-21 18:32:13: File size: 73728
2012-04-21 18:32:13: DLL File name: wdi.dll
2012-04-21 18:32:13: Original File Name: wdi.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20080119003652 20111226205219 20111226205219
2012-04-21 18:32:13: !!!!!!!
2012-04-21 18:32:13: Found Service: WebClient
2012-04-21 18:32:13: Real Path: C:\Windows\System32\webclnt.dll
2012-04-21 18:32:13: Display Name: @%systemroot%\system32\webclnt.dll,-100
2012-04-21 18:32:13: Description: @%systemroot%\system32\webclnt.dll,-101
2012-04-21 18:32:13: ServiceDLL: System32\webclnt.dll
2012-04-21 18:32:13: File size: 199680
2012-04-21 18:32:13: DLL File name: webclnt.dll
2012-04-21 18:32:13: Original File Name: davsvc.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20090411002826 20111226221041 20111226221041
2012-04-21 18:32:13: !!!!!!!!!
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: Wecsvc
2012-04-21 18:32:13: Real Path: C:\Windows\system32\wecsvc.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\wecsvc.dll,-200
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\wecsvc.dll,-201
2012-04-21 18:32:13: ServiceDLL: system32\wecsvc.dll
2012-04-21 18:32:13: File size: 146944
2012-04-21 18:32:13: DLL File name: wecsvc.dll
2012-04-21 18:32:13: Original File Name: wecsvc.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20091009235552 20111228105636 20111228105636
2012-04-21 18:32:13: !!!!!!!
2012-04-21 18:32:14: Found Service: wercplsupport
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wercplsupport.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wercplsupport.dll,-101
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wercplsupport.dll,-100
2012-04-21 18:32:14: ServiceDLL: System32\wercplsupport.dll
2012-04-21 18:32:14: File size: 62976
2012-04-21 18:32:14: DLL File name: wercplsupport.dll
2012-04-21 18:32:14: Original File Name: ERC
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20080119003654 20111226205220 20111226205220
2012-04-21 18:32:14: !!!!!!!!!
2012-04-21 18:32:14: !!!!!!!
2012-04-21 18:32:14: Found Service: WerSvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\WerSvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wersvc.dll,-100
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wersvc.dll,-101
2012-04-21 18:32:14: ServiceDLL: System32\WerSvc.dll
2012-04-21 18:32:14: File size: 126976
2012-04-21 18:32:14: DLL File name: WerSvc.dll
2012-04-21 18:32:14: Original File Name: wersvc
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002826 20111226221036 20111226221036
2012-04-21 18:32:14: !!!!!!!!!
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: Winmgmt
2012-04-21 18:32:14: Real Path: C:\Windows\system32\wbem\WMIsvc.dll
2012-04-21 18:32:14: Display Name: @%Systemroot%\system32\wbem\wmisvc.dll,-205
2012-04-21 18:32:14: Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204
2012-04-21 18:32:14: ServiceDLL: system32\wbem\WMIsvc.dll
2012-04-21 18:32:14: File size: 162304
2012-04-21 18:32:14: DLL File name: WMIsvc.dll
2012-04-21 18:32:14: Original File Name: wmisvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002826 20111226221023 20111226221023
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: WinRM
2012-04-21 18:32:14: Real Path: C:\Windows\system32\WsmSvc.dll
2012-04-21 18:32:14: Display Name: @%Systemroot%\system32\wsmsvc.dll,-101
2012-04-21 18:32:14: Description: @%Systemroot%\system32\wsmsvc.dll,-102
2012-04-21 18:32:14: ServiceDLL: system32\WsmSvc.dll
2012-04-21 18:32:14: File size: 1181696
2012-04-21 18:32:14: DLL File name: WsmSvc.dll
2012-04-21 18:32:14: Original File Name: WsmSvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20091009235618 20111228105627 20111228105627
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: Wlansvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wlansvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wlansvc.dll,-257
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wlansvc.dll,-258
2012-04-21 18:32:14: ServiceDLL: System32\wlansvc.dll
2012-04-21 18:32:14: File size: 513536
2012-04-21 18:32:14: DLL File name: wlansvc.dll
2012-04-21 18:32:14: Original File Name: wlansvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090711210142 20111226195658 20111226195658
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: WPCSvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wpcsvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\system32\wpcsvc.dll,-100
2012-04-21 18:32:14: Description: @%SystemRoot%\system32\wpcsvc.dll,-101
2012-04-21 18:32:14: ServiceDLL: System32\wpcsvc.dll
2012-04-21 18:32:14: File size: 140288
2012-04-21 18:32:14: DLL File name: wpcsvc.dll
2012-04-21 18:32:14: Original File Name: wpcsvc.exe.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002826 20111226221028 20111226221028
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: WPDBusEnum
2012-04-21 18:32:14: Real Path: C:\Windows\system32\wpdbusenum.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\system32\wpdbusenum.dll,-100
2012-04-21 18:32:14: Description: @%SystemRoot%\system32\wpdbusenum.dll,-101
2012-04-21 18:32:14: ServiceDLL: system32\wpdbusenum.dll
2012-04-21 18:32:14: File size: 81920
2012-04-21 18:32:14: DLL File name: wpdbusenum.dll
2012-04-21 18:32:14: Original File Name: WpdBusEnum.DLL.MUI
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20091001030154 20111228112922 20111228112922
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: wscsvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wscsvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wscsvc.dll,-200
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wscsvc.dll,-201
2012-04-21 18:32:14: ServiceDLL: System32\wscsvc.dll
2012-04-21 18:32:14: File size: 61440
2012-04-21 18:32:14: DLL File name: wscsvc.dll
2012-04-21 18:32:14: Original File Name: wscsvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002828 20111226221029 20111226221029
2012-04-21 18:32:15: ---------------------------------------------------------------------
2012-04-21 18:32:15: Found Service: wuauserv
2012-04-21 18:32:15: Real Path: C:\Windows\system32\wuaueng.dll
2012-04-21 18:32:15: Display Name: @%systemroot%\system32\wuaueng.dll,-105
2012-04-21 18:32:15: Description: @%systemroot%\system32\wuaueng.dll,-106
2012-04-21 18:32:15: ServiceDLL: system32\wuaueng.dll
2012-04-21 18:32:15: File size: 1929952
2012-04-21 18:32:15: DLL File name: wuaueng.dll
2012-04-21 18:32:15: Original File Name: wuaueng.dll.mui
2012-04-21 18:32:15: Company:
2012-04-21 18:32:15: Mod/Cre/Acc time: 20111226170524 20111226170524 20111226170524
2012-04-21 18:32:15: ---------------------------------------------------------------------
2012-04-21 18:32:15: Found Service: wudfsvc
2012-04-21 18:32:15: Real Path: C:\Windows\System32\WUDFSvc.dll
2012-04-21 18:32:15: Display Name: @%SystemRoot%\system32\wudfsvc.dll,-1000
2012-04-21 18:32:15: Description: @%SystemRoot%\system32\wudfsvc.dll,-1001
2012-04-21 18:32:15: ServiceDLL: System32\WUDFSvc.dll
2012-04-21 18:32:15: File size: 55296
2012-04-21 18:32:15: DLL File name: WUDFSvc.dll
2012-04-21 18:32:15: Original File Name: WUDFSvc.dll.mui
2012-04-21 18:32:15: Company:
2012-04-21 18:32:15: Mod/Cre/Acc time: 20080119003714 20111226205212 20111226205212
2012-04-21 18:32:15:
2012-04-21 18:32:15: Looking for SHELL key
2012-04-21 18:32:15: Now looking for bad DLL files in system32
2012-04-21 18:33:54: Folder: GAC
2012-04-21 18:33:54: Folder: GAC_32
2012-04-21 18:33:54: Folder: GAC_MSIL
2012-04-21 18:33:54: Folder: NativeImages_v2.0.50727_32
2012-04-21 18:33:54: Folder: NativeImages_v4.0.30319_32
2012-04-21 18:33:54: Folder: temp
2012-04-21 18:33:54: Folder: tmp
2012-04-21 18:33:54: Checking for bad folder
2012-04-21 18:33:54: Found 1 folders.
2012-04-21 18:33:54: Checking C:\Windows\assembly\tmp
2012-04-21 18:33:54: ... Folder test returns: 1
2012-04-21 18:33:54: Done with folder list in C:\Windows\assembly\ tmp
2012-04-21 18:33:54: Some drivers where replaced. We need to enforce...
2012-04-21 18:33:54: Drivers replaced:
2012-04-21 18:33:54: B89CFBE8CB247B57D8C10ADAA66B462B
11028C6A84A967070CB1286550F2058F
2012-04-21 18:33:54: Autonomous mode, clearing out yt folder
2012-04-21 18:33:55: cmd.exe /c start "C:\Users\Zarelli\Desktop\yorkyt.exe"
|
|
22.04.2012, 10:06
| #18 |
| | TR/ATRAPS.Gen + TR/Rootkit.Gen8 Hab jetzt einfach JA gedrückt. Hier das Log nach dem Abschluss des Killers:
__________________Code:
ATTFilter 2012-04-20 15:47:32: ****************************************************
2012-04-20 15:47:32: Starting UP ... v 0.0.0.220
2012-04-20 15:47:32: ****************************************************
2012-04-20 15:47:32: Stop TPSRV returns: 2
2012-04-20 15:47:47: Listing processes...
2012-04-20 15:47:47: :[System Process]:0
2012-04-20 15:47:47: :System:4
2012-04-20 15:47:47: :smss.exe:448
2012-04-20 15:47:47: :csrss.exe:576
2012-04-20 15:47:47: :wininit.exe:632
2012-04-20 15:47:47: :csrss.exe:640
2012-04-20 15:47:47: :services.exe:676
2012-04-20 15:47:47: :lsass.exe:692
2012-04-20 15:47:47: :lsm.exe:704
2012-04-20 15:47:47: :winlogon.exe:728
2012-04-20 15:47:47: :svchost.exe:888
2012-04-20 15:47:47: :svchost.exe:960
2012-04-20 15:47:47: :svchost.exe:1024
2012-04-20 15:47:47: :Ati2evxx.exe:1100
2012-04-20 15:47:47: :svchost.exe:1116
2012-04-20 15:47:47: :svchost.exe:1200
2012-04-20 15:47:47: :svchost.exe:1220
2012-04-20 15:47:47: :audiodg.exe:1288
2012-04-20 15:47:48: :svchost.exe:1312
2012-04-20 15:47:48: :SLsvc.exe:1328
2012-04-20 15:47:48: :svchost.exe:1376
2012-04-20 15:47:48: :Ati2evxx.exe:1456
2012-04-20 15:47:48: :svchost.exe:1536
2012-04-20 15:47:48: :dwm.exe:1820
2012-04-20 15:47:48: :explorer.exe:1856
2012-04-20 15:47:48: :spoolsv.exe:1976
2012-04-20 15:47:48: :taskeng.exe:2028
2012-04-20 15:47:48: :sched.exe:272
2012-04-20 15:47:48: :MSASCui.exe:284
2012-04-20 15:47:48: :RtHDVCpl.exe:460
2012-04-20 15:47:48: :svchost.exe:544
2012-04-20 15:47:48: :taskeng.exe:580
2012-04-20 15:47:48: :dmhkcore.exe:564
2012-04-20 15:47:48: :MOM.exe:800
2012-04-20 15:47:48: :armsvc.exe:1368
2012-04-20 15:47:48: :agrsmsvc.exe:280
2012-04-20 15:47:48: :avguard.exe:2076
2012-04-20 15:47:48: :FortKnox.exe:2160
2012-04-20 15:47:48: :taskeng.exe:2176
2012-04-20 15:47:48: :LSSrvc.exe:2324
2012-04-20 15:47:48: :svchost.exe:2380
2012-04-20 15:47:48: :RichVideo.exe:2420
2012-04-20 15:47:48: :svchost.exe:2484
2012-04-20 15:47:48: :svchost.exe:2596
2012-04-20 15:47:48: :svchost.exe:2628
2012-04-20 15:47:48: :SearchIndexer.exe:2672
2012-04-20 15:47:48: :CCC.exe:3216
2012-04-20 15:47:48: :avshadow.exe:3644
2012-04-20 15:47:48: :SynTPEnh.exe:4008
2012-04-20 15:47:48: :PDVDServ.exe:4016
2012-04-20 15:47:48: :avgnt.exe:4032
2012-04-20 15:47:48: :jusched.exe:4040
2012-04-20 15:47:48: :Updater.exe:4048
2012-04-20 15:47:48: :soffice.exe:1048
2012-04-20 15:47:48: :soffice.bin:12
2012-04-20 15:47:48: :wmpnscfg.exe:2772
2012-04-20 15:47:48: :wmpnetwk.exe:856
2012-04-20 15:47:48: :svchost.exe:3012
2012-04-20 15:47:48: :wuauclt.exe:2332
2012-04-20 15:47:48: :iexplore.exe:172
2012-04-20 15:47:48: :iexplore.exe:2052
2012-04-20 15:47:48: :FlashUtil11e_ActiveX.exe:4248
2012-04-20 15:47:48: :MpCmdRun.exe:9332
2012-04-20 15:47:48: :iexplore.exe:7352
2012-04-20 15:47:48: :SearchProtocolHost.exe:10972
2012-04-20 15:47:48: :SearchFilterHost.exe:10984
2012-04-20 15:47:48: :yorkyt.exe:4028
2012-04-20 15:47:48: :WmiPrvSE.exe:10496
2012-04-20 15:47:48: :conime.exe:3032
2012-04-20 15:47:48:
2012-04-20 15:47:48: Setting restore point
2012-04-20 15:48:15: Determining autonomous or dropped mode...
2012-04-20 15:48:15: Autonomus mode
2012-04-20 15:48:16: Installing drivers...
2012-04-20 15:48:19: Checking that it installed...
2012-04-20 15:48:19: Driver is installed...
2012-04-20 15:48:19: cmd.exe /c start "C:\Users\Zarelli\Desktop\yorkyt.exe"
2012-04-20 15:48:41: Restarting...
2012-04-20 18:49:30: ****************************************************
2012-04-20 18:49:30: Starting UP ... v 0.0.0.220
2012-04-20 18:49:30: ****************************************************
2012-04-20 18:49:30: Stop TPSRV returns: 2
2012-04-20 18:49:45: Listing processes...
2012-04-20 18:49:45: :[System Process]:0
2012-04-20 18:49:45: :System:4
2012-04-20 18:49:45: :smss.exe:360
2012-04-20 18:49:45: :csrss.exe:484
2012-04-20 18:49:45: :csrss.exe:520
2012-04-20 18:49:45: :wininit.exe:528
2012-04-20 18:49:45: :winlogon.exe:572
2012-04-20 18:49:45: :services.exe:604
2012-04-20 18:49:45: :lsass.exe:616
2012-04-20 18:49:45: :lsm.exe:624
2012-04-20 18:49:45: :svchost.exe:764
2012-04-20 18:49:45: :svchost.exe:820
2012-04-20 18:49:45: :svchost.exe:856
2012-04-20 18:49:45: :svchost.exe:940
2012-04-20 18:49:45: :svchost.exe:972
2012-04-20 18:49:45: :svchost.exe:1012
2012-04-20 18:49:45: :svchost.exe:1060
2012-04-20 18:49:45: :svchost.exe:1076
2012-04-20 18:49:45: :svchost.exe:1232
2012-04-20 18:49:45: :svchost.exe:1336
2012-04-20 18:49:45: :explorer.exe:1556
2012-04-20 18:49:45: :wmpnscfg.exe:120
2012-04-20 18:49:45: :yorkyt.exe:1524
2012-04-20 18:49:45: :WmiPrvSE.exe:1648
2012-04-20 18:49:45:
2012-04-20 18:49:45: Computer not restarted. Please restart
2012-04-21 18:30:47: ****************************************************
2012-04-21 18:30:47: Starting UP ... v 0.0.0.220
2012-04-21 18:30:47: ****************************************************
2012-04-21 18:30:50: Stop TPSRV returns: 2
2012-04-21 18:31:05: Listing processes...
2012-04-21 18:31:05: :[System Process]:0
2012-04-21 18:31:05: :System:4
2012-04-21 18:31:05: :smss.exe:504
2012-04-21 18:31:05: :csrss.exe:572
2012-04-21 18:31:05: :csrss.exe:628
2012-04-21 18:31:05: :wininit.exe:636
2012-04-21 18:31:05: :winlogon.exe:664
2012-04-21 18:31:05: :services.exe:720
2012-04-21 18:31:05: :lsass.exe:732
2012-04-21 18:31:05: :lsm.exe:748
2012-04-21 18:31:05: :svchost.exe:888
2012-04-21 18:31:05: :svchost.exe:956
2012-04-21 18:31:05: :svchost.exe:992
2012-04-21 18:31:05: :Ati2evxx.exe:1088
2012-04-21 18:31:05: :svchost.exe:1108
2012-04-21 18:31:05: :svchost.exe:1172
2012-04-21 18:31:05: :svchost.exe:1192
2012-04-21 18:31:05: :audiodg.exe:1276
2012-04-21 18:31:05: :svchost.exe:1300
2012-04-21 18:31:05: :SLsvc.exe:1320
2012-04-21 18:31:05: :svchost.exe:1388
2012-04-21 18:31:05: :Ati2evxx.exe:1492
2012-04-21 18:31:05: :svchost.exe:1552
2012-04-21 18:31:05: :spoolsv.exe:1852
2012-04-21 18:31:05: :sched.exe:1880
2012-04-21 18:31:05: :svchost.exe:1904
2012-04-21 18:31:05: :dwm.exe:2024
2012-04-21 18:31:05: :taskeng.exe:124
2012-04-21 18:31:05: :explorer.exe:372
2012-04-21 18:31:05: :taskeng.exe:12
2012-04-21 18:31:05: :dmhkcore.exe:564
2012-04-21 18:31:05: :armsvc.exe:1188
2012-04-21 18:31:05: :agrsmsvc.exe:1400
2012-04-21 18:31:05: :avguard.exe:1240
2012-04-21 18:31:05: :FortKnox.exe:2056
2012-04-21 18:31:05: :LSSrvc.exe:2172
2012-04-21 18:31:05: :taskeng.exe:2200
2012-04-21 18:31:05: :svchost.exe:2208
2012-04-21 18:31:05: :RichVideo.exe:2236
2012-04-21 18:31:05: :svchost.exe:2256
2012-04-21 18:31:05: :svchost.exe:2288
2012-04-21 18:31:05: :svchost.exe:2336
2012-04-21 18:31:05: :SearchIndexer.exe:2408
2012-04-21 18:31:05: :avshadow.exe:2940
2012-04-21 18:31:05: :conime.exe:3136
2012-04-21 18:31:05: :yorkyt.exe:3156
2012-04-21 18:31:05: :MSASCui.exe:3268
2012-04-21 18:31:05: :CLIStart.exe:3288
2012-04-21 18:31:05: :MOM.exe:3308
2012-04-21 18:31:05: :WmiPrvSE.exe:3388
2012-04-21 18:31:05: :RtHDVCpl.exe:3404
2012-04-21 18:31:05: :SynTPEnh.exe:3628
2012-04-21 18:31:05: :PDVDServ.exe:3656
2012-04-21 18:31:05: :avgnt.exe:3676
2012-04-21 18:31:05: :jusched.exe:3704
2012-04-21 18:31:05: :Updater.exe:3712
2012-04-21 18:31:05: :FortKnoxGUI.exe:3748
2012-04-21 18:31:05: :AdobeARM.exe:3768
2012-04-21 18:31:05: :OSA.EXE:3796
2012-04-21 18:31:05: :soffice.exe:3832
2012-04-21 18:31:05: :dllhost.exe:3888
2012-04-21 18:31:05: :soffice.bin:3960
2012-04-21 18:31:05:
2012-04-21 18:31:05: RUN mode
2012-04-21 18:31:05: Determining autonomous or dropped mode...
2012-04-21 18:31:05: Autonomus mode
2012-04-21 18:31:05: Waiting for Explorer.exe...
2012-04-21 18:31:36: Launching parsers...
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: AeLookupSvc
2012-04-21 18:31:58: Real Path: C:\Windows\System32\aelupsvc.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1
2012-04-21 18:31:58: Description: @%SystemRoot%\system32\aelupsvc.dll,-2
2012-04-21 18:31:58: ServiceDLL: System32\aelupsvc.dll
2012-04-21 18:31:58: File size: 24576
2012-04-21 18:31:58: DLL File name: aelupsvc.dll
2012-04-21 18:31:58: Original File Name: aelupsvc.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20061102114602 20061102102954 20061102124310
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: Appinfo
2012-04-21 18:31:58: Real Path: C:\Windows\System32\appinfo.dll
2012-04-21 18:31:58: Display Name: @%systemroot%\system32\appinfo.dll,-100
2012-04-21 18:31:58: Description: @%systemroot%\system32\appinfo.dll,-101
2012-04-21 18:31:58: ServiceDLL: System32\appinfo.dll
2012-04-21 18:31:58: File size: 33280
2012-04-21 18:31:58: DLL File name: appinfo.dll
2012-04-21 18:31:58: Original File Name: appinfo.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20080119003344 20111226205322 20111226205322
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: AudioEndpointBuilder
2012-04-21 18:31:58: Real Path: C:\Windows\System32\Audiosrv.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204
2012-04-21 18:31:58: Description: @%SystemRoot%\System32\audiosrv.dll,-205
2012-04-21 18:31:58: ServiceDLL: System32\Audiosrv.dll
2012-04-21 18:31:58: File size: 315392
2012-04-21 18:31:58: DLL File name: Audiosrv.dll
2012-04-21 18:31:58: Original File Name: audiosrv.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20090411002820 20111226221131 20111226221131
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: Audiosrv
2012-04-21 18:31:58: Real Path: C:\Windows\System32\Audiosrv.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200
2012-04-21 18:31:58: Description: @%SystemRoot%\System32\audiosrv.dll,-201
2012-04-21 18:31:58: ServiceDLL: System32\Audiosrv.dll
2012-04-21 18:31:58: File size: 315392
2012-04-21 18:31:58: DLL File name: Audiosrv.dll
2012-04-21 18:31:58: Original File Name: audiosrv.dll.mui
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20090411002820 20111226221131 20111226221131
2012-04-21 18:31:58: ---------------------------------------------------------------------
2012-04-21 18:31:58: Found Service: BFE
2012-04-21 18:31:58: Real Path: C:\Windows\System32\bfe.dll
2012-04-21 18:31:58: Display Name: @%SystemRoot%\system32\bfe.dll,-1001
2012-04-21 18:31:58: Description: @%SystemRoot%\system32\bfe.dll,-1002
2012-04-21 18:31:58: ServiceDLL: System32\bfe.dll
2012-04-21 18:31:58: File size: 334848
2012-04-21 18:31:58: DLL File name: bfe.dll
2012-04-21 18:31:58: Original File Name: BFE.DLL.MUI
2012-04-21 18:31:58: Company:
2012-04-21 18:31:58: Mod/Cre/Acc time: 20090411002820 20111226221126 20111226221126
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: BITS
2012-04-21 18:31:59: Real Path: C:\Windows\System32\qmgr.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000
2012-04-21 18:31:59: Description: @%SystemRoot%\system32\qmgr.dll,-1001
2012-04-21 18:31:59: ServiceDLL: System32\qmgr.dll
2012-04-21 18:31:59: File size: 758784
2012-04-21 18:31:59: DLL File name: qmgr.dll
2012-04-21 18:31:59: Original File Name: qmgr.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002824 20111226221202 20111226221202
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: Browser
2012-04-21 18:31:59: Real Path: C:\Windows\System32\browser.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\browser.dll,-100
2012-04-21 18:31:59: Description: @%systemroot%\system32\browser.dll,-101
2012-04-21 18:31:59: ServiceDLL: System32\browser.dll
2012-04-21 18:31:59: File size: 81920
2012-04-21 18:31:59: DLL File name: browser.dll
2012-04-21 18:31:59: Original File Name: browser.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20080119003350 20111226205318 20111226205318
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: CertPropSvc
2012-04-21 18:31:59: Real Path: C:\Windows\System32\certprop.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\System32\certprop.dll,-11
2012-04-21 18:31:59: Description: @%SystemRoot%\System32\certprop.dll,-12
2012-04-21 18:31:59: ServiceDLL: System32\certprop.dll
2012-04-21 18:31:59: File size: 40448
2012-04-21 18:31:59: DLL File name: certprop.dll
2012-04-21 18:31:59: Original File Name: certprop.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221115 20111226221115
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: CryptSvc
2012-04-21 18:31:59: Real Path: C:\Windows\system32\cryptsvc.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001
2012-04-21 18:31:59: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
2012-04-21 18:31:59: ServiceDLL: system32\cryptsvc.dll
2012-04-21 18:31:59: File size: 129024
2012-04-21 18:31:59: DLL File name: cryptsvc.dll
2012-04-21 18:31:59: Original File Name: cryptsvc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221119 20111226221119
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: DcomLaunch
2012-04-21 18:31:59: Real Path: C:\Windows\system32\rpcss.dll
2012-04-21 18:31:59: Display Name: @oleres.dll,-5012
2012-04-21 18:31:59: Description: @oleres.dll,-5013
2012-04-21 18:31:59: ServiceDLL: system32\rpcss.dll
2012-04-21 18:31:59: File size: 550400
2012-04-21 18:31:59: DLL File name: rpcss.dll
2012-04-21 18:31:59: Original File Name: rpcss.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002826 20111226221219 20111226221219
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: Dhcp
2012-04-21 18:31:59: Real Path: C:\Windows\System32\dhcpcsvc.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\system32\dhcpcsvc.dll,-100
2012-04-21 18:31:59: Description: @%SystemRoot%\system32\dhcpcsvc.dll,-101
2012-04-21 18:31:59: ServiceDLL: System32\dhcpcsvc.dll
2012-04-21 18:31:59: File size: 204288
2012-04-21 18:31:59: DLL File name: dhcpcsvc.dll
2012-04-21 18:31:59: Original File Name: dhcpcsvc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221139 20111226221139
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: Dnscache
2012-04-21 18:31:59: Real Path: C:\Windows\System32\dnsrslvr.dll
2012-04-21 18:31:59: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101
2012-04-21 18:31:59: Description: @%SystemRoot%\System32\dnsapi.dll,-102
2012-04-21 18:31:59: ServiceDLL: System32\dnsrslvr.dll
2012-04-21 18:31:59: File size: 86528
2012-04-21 18:31:59: DLL File name: dnsrslvr.dll
2012-04-21 18:31:59: Original File Name: dnsrslvr.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20110302174427 20111227135202 20111227135202
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: dot3svc
2012-04-21 18:31:59: Real Path: C:\Windows\System32\dot3svc.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\dot3svc.dll,-1102
2012-04-21 18:31:59: Description: @%systemroot%\system32\dot3svc.dll,-1103
2012-04-21 18:31:59: ServiceDLL: System32\dot3svc.dll
2012-04-21 18:31:59: File size: 175616
2012-04-21 18:31:59: DLL File name: dot3svc.dll
2012-04-21 18:31:59: Original File Name: dot3svc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20090411002820 20111226221139 20111226221139
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: DPS
2012-04-21 18:31:59: Real Path: C:\Windows\system32\dps.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\dps.dll,-500
2012-04-21 18:31:59: Description: @%systemroot%\system32\dps.dll,-501
2012-04-21 18:31:59: ServiceDLL: system32\dps.dll
2012-04-21 18:31:59: File size: 134656
2012-04-21 18:31:59: DLL File name: dps.dll
2012-04-21 18:31:59: Original File Name: dps.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20080119003408 20111226205338 20111226205338
2012-04-21 18:31:59: ---------------------------------------------------------------------
2012-04-21 18:31:59: Found Service: EapHost
2012-04-21 18:31:59: Real Path: C:\Windows\System32\eapsvc.dll
2012-04-21 18:31:59: Display Name: @%systemroot%\system32\eapsvc.dll,-1
2012-04-21 18:31:59: Description: @%systemroot%\system32\eapsvc.dll,-2
2012-04-21 18:31:59: ServiceDLL: System32\eapsvc.dll
2012-04-21 18:31:59: File size: 57344
2012-04-21 18:31:59: DLL File name: eapsvc.dll
2012-04-21 18:31:59: Original File Name: eapsvc.dll.mui
2012-04-21 18:31:59: Company:
2012-04-21 18:31:59: Mod/Cre/Acc time: 20080119003410 20111226205342 20111226205342
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: EMDMgmt
2012-04-21 18:32:00: Real Path: C:\Windows\system32\emdmgmt.dll
2012-04-21 18:32:00: Display Name: @%SystemRoot%\system32\emdmgmt.dll,-1000
2012-04-21 18:32:00: Description: @%SystemRoot%\system32\emdmgmt.dll,-1001
2012-04-21 18:32:00: ServiceDLL: system32\emdmgmt.dll
2012-04-21 18:32:00: File size: 564224
2012-04-21 18:32:00: DLL File name: emdmgmt.dll
2012-04-21 18:32:00: Original File Name: emdmgmt.dll.mui
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20090411002820 20111226221143 20111226221143
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: EventSystem
2012-04-21 18:32:00: Real Path: C:\Windows\system32\es.dll
2012-04-21 18:32:00: Display Name: @comres.dll,-2450
2012-04-21 18:32:00: Description: @comres.dll,-2451
2012-04-21 18:32:00: ServiceDLL: system32\es.dll
2012-04-21 18:32:00: File size: 268800
2012-04-21 18:32:00: DLL File name: es.dll
2012-04-21 18:32:00: Original File Name: ES.DLL
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20090411002820 20111226221142 20111226221142
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: fdPHost
2012-04-21 18:32:00: Real Path: C:\Windows\system32\fdPHost.dll
2012-04-21 18:32:00: Display Name: @%systemroot%\system32\fdPHost.dll,-100
2012-04-21 18:32:00: Description: @%systemroot%\system32\fdPHost.dll,-101
2012-04-21 18:32:00: ServiceDLL: system32\fdPHost.dll
2012-04-21 18:32:00: File size: 13312
2012-04-21 18:32:00: DLL File name: fdPHost.dll
2012-04-21 18:32:00: Original File Name: fdPHost.dll.mui
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20080119003422 20111226205341 20111226205341
2012-04-21 18:32:00: ---------------------------------------------------------------------
2012-04-21 18:32:00: Found Service: FDResPub
2012-04-21 18:32:00: Real Path: C:\Windows\system32\fdrespub.dll
2012-04-21 18:32:00: Display Name: @%systemroot%\system32\fdrespub.dll,-100
2012-04-21 18:32:00: Description: @%systemroot%\system32\fdrespub.dll,-101
2012-04-21 18:32:00: ServiceDLL: system32\fdrespub.dll
2012-04-21 18:32:00: File size: 27648
2012-04-21 18:32:00: DLL File name: fdrespub.dll
2012-04-21 18:32:00: Original File Name: FDResPub.dll.mui
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20061102114604 20061102103723 20061102124016
2012-04-21 18:32:00: !!!!!!!
2012-04-21 18:32:00: Found Service: FontCache
2012-04-21 18:32:00: Real Path: C:\Windows\system32\FntCache.dll
2012-04-21 18:32:00: Display Name: @%systemroot%\system32\FntCache.dll,-100
2012-04-21 18:32:00: Description: @%systemroot%\system32\FntCache.dll,-101
2012-04-21 18:32:00: ServiceDLL: system32\FntCache.dll
2012-04-21 18:32:00: File size: 797696
2012-04-21 18:32:00: DLL File name: FntCache.dll
2012-04-21 18:32:00: Original File Name: FontCacheService
2012-04-21 18:32:00: Company:
2012-04-21 18:32:00: Mod/Cre/Acc time: 20110222153309 20111227134904 20111227134904
2012-04-21 18:32:00: !!!!!!!!!
2012-04-21 18:32:01: ---------------------------------------------------------------------
2012-04-21 18:32:01: Found Service: gpsvc
2012-04-21 18:32:01: Real Path: C:\Windows\System32\gpsvc.dll
2012-04-21 18:32:01: Display Name: @gpapi.dll,-112
2012-04-21 18:32:01: Description: @gpapi.dll,-113
2012-04-21 18:32:01: ServiceDLL: System32\gpsvc.dll
2012-04-21 18:32:01: File size: 576512
2012-04-21 18:32:01: DLL File name: gpsvc.dll
2012-04-21 18:32:01: Original File Name: gpsvc.dll.mui
2012-04-21 18:32:01: Company:
2012-04-21 18:32:01: Mod/Cre/Acc time: 20090411002820 20111226221136 20111226221136
2012-04-21 18:32:01: ---------------------------------------------------------------------
2012-04-21 18:32:01: Found Service: hidserv
2012-04-21 18:32:01: Real Path: C:\Windows\system32\hidserv.dll
2012-04-21 18:32:01: Display Name: @%SystemRoot%\System32\hidserv.dll,-101
2012-04-21 18:32:01: Description: @%SystemRoot%\System32\hidserv.dll,-102
2012-04-21 18:32:01: ServiceDLL: system32\hidserv.dll
2012-04-21 18:32:01: File size: 26112
2012-04-21 18:32:01: DLL File name: hidserv.dll
2012-04-21 18:32:01: Original File Name: HIDSERV.DLL.MUI
2012-04-21 18:32:01: Company:
2012-04-21 18:32:01: Mod/Cre/Acc time: 20090411002820 20111226221134 20111226221134
2012-04-21 18:32:01: ---------------------------------------------------------------------
2012-04-21 18:32:01: Found Service: hkmsvc
2012-04-21 18:32:01: Real Path: C:\Windows\system32\kmsvc.dll
2012-04-21 18:32:01: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6
2012-04-21 18:32:01: Description: @%SystemRoot%\system32\kmsvc.dll,-7
2012-04-21 18:32:01: ServiceDLL: system32\kmsvc.dll
2012-04-21 18:32:01: File size: 68096
2012-04-21 18:32:01: DLL File name: kmsvc.dll
2012-04-21 18:32:01: Original File Name: KmSvc.DLL.MUI
2012-04-21 18:32:01: Company:
2012-04-21 18:32:01: Mod/Cre/Acc time: 20080119003438 20111226205444 20111226205444
2012-04-21 18:32:02: ---------------------------------------------------------------------
2012-04-21 18:32:02: Found Service: IKEEXT
2012-04-21 18:32:02: Real Path: C:\Windows\System32\ikeext.dll
2012-04-21 18:32:02: Display Name: @%SystemRoot%\system32\ikeext.dll,-501
2012-04-21 18:32:02: Description: @%SystemRoot%\system32\ikeext.dll,-502
2012-04-21 18:32:02: ServiceDLL: System32\ikeext.dll
2012-04-21 18:32:02: File size: 438784
2012-04-21 18:32:02: DLL File name: ikeext.dll
2012-04-21 18:32:02: Original File Name: IKEEXT.DLL.MUI
2012-04-21 18:32:02: Company:
2012-04-21 18:32:02: Mod/Cre/Acc time: 20090411002822 20111226221051 20111226221051
2012-04-21 18:32:02: ---------------------------------------------------------------------
2012-04-21 18:32:02: Found Service: IPBusEnum
2012-04-21 18:32:02: Real Path: C:\Windows\system32\ipbusenum.dll
2012-04-21 18:32:02: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102
2012-04-21 18:32:02: Description: @%systemroot%\system32\IPBusEnum.dll,-103
2012-04-21 18:32:02: ServiceDLL: system32\ipbusenum.dll
2012-04-21 18:32:02: File size: 74240
2012-04-21 18:32:02: DLL File name: ipbusenum.dll
2012-04-21 18:32:02: Original File Name: IPBusEnum.dll.mui
2012-04-21 18:32:02: Company:
2012-04-21 18:32:02: Mod/Cre/Acc time: 20080119003436 20111226205444 20111226205444
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: iphlpsvc
2012-04-21 18:32:03: Real Path: C:\Windows\System32\iphlpsvc.dll
2012-04-21 18:32:03: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-200
2012-04-21 18:32:03: Description: @%SystemRoot%\system32\iphlpsvc.dll,-201
2012-04-21 18:32:03: ServiceDLL: System32\iphlpsvc.dll
2012-04-21 18:32:03: File size: 200704
2012-04-21 18:32:03: DLL File name: iphlpsvc.dll
2012-04-21 18:32:03: Original File Name: iphlpsvc.dll.mui
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20100218153003 20111226193541 20111226193541
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: KtmRm
2012-04-21 18:32:03: Real Path: C:\Windows\system32\msdtckrm.dll
2012-04-21 18:32:03: Display Name: @comres.dll,-2946
2012-04-21 18:32:03: Description: @comres.dll,-2947
2012-04-21 18:32:03: ServiceDLL: system32\msdtckrm.dll
2012-04-21 18:32:03: File size: 344576
2012-04-21 18:32:03: DLL File name: msdtckrm.dll
2012-04-21 18:32:03: Original File Name: MSDTCKRM.DLL
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20080119003458 20111226205511 20111226205511
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: LanmanServer
2012-04-21 18:32:03: Real Path: C:\Windows\system32\srvsvc.dll
2012-04-21 18:32:03: Display Name: @%systemroot%\system32\srvsvc.dll,-100
2012-04-21 18:32:03: Description: @%systemroot%\system32\srvsvc.dll,-101
2012-04-21 18:32:03: ServiceDLL: system32\srvsvc.dll
2012-04-21 18:32:03: File size: 125952
2012-04-21 18:32:03: DLL File name: srvsvc.dll
2012-04-21 18:32:03: Original File Name: SRVSVC.DLL.MUI
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20100906182029 20111227135333 20111227135333
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: lltdsvc
2012-04-21 18:32:03: Real Path: C:\Windows\System32\lltdsvc.dll
2012-04-21 18:32:03: Display Name: @%SystemRoot%\system32\lltdres.dll,-1
2012-04-21 18:32:03: Description: @%SystemRoot%\system32\lltdres.dll,-2
2012-04-21 18:32:03: ServiceDLL: System32\lltdsvc.dll
2012-04-21 18:32:03: File size: 188928
2012-04-21 18:32:03: DLL File name: lltdsvc.dll
2012-04-21 18:32:03: Original File Name: LLTDSVC.DLL
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20080119003444 20111226205443 20111226205443
2012-04-21 18:32:03: ---------------------------------------------------------------------
2012-04-21 18:32:03: Found Service: lmhosts
2012-04-21 18:32:03: Real Path: C:\Windows\System32\lmhsvc.dll
2012-04-21 18:32:03: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101
2012-04-21 18:32:03: Description: @%SystemRoot%\system32\lmhsvc.dll,-102
2012-04-21 18:32:03: ServiceDLL: System32\lmhsvc.dll
2012-04-21 18:32:03: File size: 18944
2012-04-21 18:32:03: DLL File name: lmhsvc.dll
2012-04-21 18:32:03: Original File Name: lmhsvc.dll.mui
2012-04-21 18:32:03: Company:
2012-04-21 18:32:03: Mod/Cre/Acc time: 20061102114605 20061102105709 20061102124046
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: Mcx2Svc
2012-04-21 18:32:04: Real Path: C:\Windows\system32\Mcx2Svc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501
2012-04-21 18:32:04: Description: @%SystemRoot%\ehome\ehres.dll,-15502
2012-04-21 18:32:04: ServiceDLL: system32\Mcx2Svc.dll
2012-04-21 18:32:04: File size: 53760
2012-04-21 18:32:04: DLL File name: Mcx2Svc.dll
2012-04-21 18:32:04: Original File Name: Mcx2Svc.dll
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003446 20111226205445 20111226205445
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: MMCSS
2012-04-21 18:32:04: Real Path: C:\Windows\system32\mmcss.dll
2012-04-21 18:32:04: Display Name: @%systemroot%\system32\mmcss.dll,-100
2012-04-21 18:32:04: Description: @%systemroot%\system32\mmcss.dll,-101
2012-04-21 18:32:04: ServiceDLL: system32\mmcss.dll
2012-04-21 18:32:04: File size: 45056
2012-04-21 18:32:04: DLL File name: mmcss.dll
2012-04-21 18:32:04: Original File Name: mmcss.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003450 20111226205433 20111226205433
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: MpsSvc
2012-04-21 18:32:04: Real Path: C:\Windows\system32\mpssvc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\FirewallAPI.dll,-23090
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091
2012-04-21 18:32:04: ServiceDLL: system32\mpssvc.dll
2012-04-21 18:32:04: File size: 407552
2012-04-21 18:32:04: DLL File name: mpssvc.dll
2012-04-21 18:32:04: Original File Name: mpssvc.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20090411002822 20111226221111 20111226221111
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: MSiSCSI
2012-04-21 18:32:04: Real Path: C:\Windows\system32\iscsiexe.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
2012-04-21 18:32:04: ServiceDLL: system32\iscsiexe.dll
2012-04-21 18:32:04: File size: 111616
2012-04-21 18:32:04: DLL File name: iscsiexe.dll
2012-04-21 18:32:04: Original File Name: iscsiexe.exe.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003436 20111226205445 20111226205445
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: napagent
2012-04-21 18:32:04: Real Path: C:\Windows\system32\qagentRT.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\qagentrt.dll,-7
2012-04-21 18:32:04: ServiceDLL: system32\qagentRT.dll
2012-04-21 18:32:04: File size: 302592
2012-04-21 18:32:04: DLL File name: qagentRT.dll
2012-04-21 18:32:04: Original File Name: QAgentRT.DLL.MUI
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20090411002824 20111226221158 20111226221158
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: Netman
2012-04-21 18:32:04: Real Path: C:\Windows\System32\netman.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\netman.dll,-109
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\netman.dll,-110
2012-04-21 18:32:04: ServiceDLL: System32\netman.dll
2012-04-21 18:32:04: File size: 274432
2012-04-21 18:32:04: DLL File name: netman.dll
2012-04-21 18:32:04: Original File Name: netman.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003538 20111226205452 20111226205452
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: netprofm
2012-04-21 18:32:04: Real Path: C:\Windows\System32\netprofm.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\netprof.dll,-246
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\netprof.dll,-247
2012-04-21 18:32:04: ServiceDLL: System32\netprofm.dll
2012-04-21 18:32:04: File size: 237056
2012-04-21 18:32:04: DLL File name: netprofm.dll
2012-04-21 18:32:04: Original File Name: netprofm.dll
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003538 20111226205452 20111226205452
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: NlaSvc
2012-04-21 18:32:04: Real Path: C:\Windows\System32\nlasvc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\System32\nlasvc.dll,-1
2012-04-21 18:32:04: Description: @%SystemRoot%\System32\nlasvc.dll,-2
2012-04-21 18:32:04: ServiceDLL: System32\nlasvc.dll
2012-04-21 18:32:04: File size: 168448
2012-04-21 18:32:04: DLL File name: nlasvc.dll
2012-04-21 18:32:04: Original File Name: nlasvc.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003540 20111226205453 20111226205453
2012-04-21 18:32:04: ---------------------------------------------------------------------
2012-04-21 18:32:04: Found Service: nsi
2012-04-21 18:32:04: Real Path: C:\Windows\system32\nsisvc.dll
2012-04-21 18:32:04: Display Name: @%SystemRoot%\system32\nsisvc.dll,-200
2012-04-21 18:32:04: Description: @%SystemRoot%\system32\nsisvc.dll,-201
2012-04-21 18:32:04: ServiceDLL: system32\nsisvc.dll
2012-04-21 18:32:04: File size: 18432
2012-04-21 18:32:04: DLL File name: nsisvc.dll
2012-04-21 18:32:04: Original File Name: nsisvc.dll.mui
2012-04-21 18:32:04: Company:
2012-04-21 18:32:04: Mod/Cre/Acc time: 20080119003558 20111226205457 20111226205457
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: p2pimsvc
2012-04-21 18:32:05: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8004
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\p2psvc.dll,-8005
2012-04-21 18:32:05: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:05: File size: 644608
2012-04-21 18:32:05: DLL File name: p2psvc.dll
2012-04-21 18:32:05: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: p2psvc
2012-04-21 18:32:05: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\p2psvc.dll,-8007
2012-04-21 18:32:05: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:05: File size: 644608
2012-04-21 18:32:05: DLL File name: p2psvc.dll
2012-04-21 18:32:05: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:05: !!!!!!!
2012-04-21 18:32:05: Found Service: PcaSvc
2012-04-21 18:32:05: Real Path: C:\Windows\System32\pcasvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\pcasvc.dll,-2
2012-04-21 18:32:05: ServiceDLL: System32\pcasvc.dll
2012-04-21 18:32:05: File size: 37888
2012-04-21 18:32:05: DLL File name: pcasvc.dll
2012-04-21 18:32:05: Original File Name:
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20080119003604 20111226205409 20111226205409
2012-04-21 18:32:05: !!!!!!!!!
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: pla
2012-04-21 18:32:05: Real Path: C:\Windows\system32\pla.dll
2012-04-21 18:32:05: Display Name: @%systemroot%\system32\pla.dll,-500
2012-04-21 18:32:05: Description: @%systemroot%\system32\pla.dll,-501
2012-04-21 18:32:05: ServiceDLL: system32\pla.dll
2012-04-21 18:32:05: File size: 1502208
2012-04-21 18:32:05: DLL File name: pla.dll
2012-04-21 18:32:05: Original File Name: PLA.DLL.MUI
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20080119003608 20111226205405 20111226205405
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: PlugPlay
2012-04-21 18:32:05: Real Path: C:\Windows\system32\umpnpmgr.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
2012-04-21 18:32:05: ServiceDLL: system32\umpnpmgr.dll
2012-04-21 18:32:05: File size: 222720
2012-04-21 18:32:05: DLL File name: umpnpmgr.dll
2012-04-21 18:32:05: Original File Name: Umpnpmgr.DLL.MUI
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002826 20111226221005 20111226221005
2012-04-21 18:32:05: ---------------------------------------------------------------------
2012-04-21 18:32:05: Found Service: PNRPAutoReg
2012-04-21 18:32:05: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:05: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8002
2012-04-21 18:32:05: Description: @%SystemRoot%\system32\p2psvc.dll,-8003
2012-04-21 18:32:05: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:05: File size: 644608
2012-04-21 18:32:05: DLL File name: p2psvc.dll
2012-04-21 18:32:05: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:05: Company:
2012-04-21 18:32:05: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: PNRPsvc
2012-04-21 18:32:06: Real Path: C:\Windows\system32\p2psvc.dll
2012-04-21 18:32:06: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8000
2012-04-21 18:32:06: Description: @%SystemRoot%\system32\p2psvc.dll,-8001
2012-04-21 18:32:06: ServiceDLL: system32\p2psvc.dll
2012-04-21 18:32:06: File size: 644608
2012-04-21 18:32:06: DLL File name: p2psvc.dll
2012-04-21 18:32:06: Original File Name: p2psvc.dll.mui
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20090411002824 20111226221213 20111226221213
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: PolicyAgent
2012-04-21 18:32:06: Real Path: C:\Windows\System32\ipsecsvc.dll
2012-04-21 18:32:06: Display Name: @%SystemRoot%\System32\polstore.dll,-5010
2012-04-21 18:32:06: Description: @%SystemRoot%\system32\polstore.dll,-5011
2012-04-21 18:32:06: ServiceDLL: System32\ipsecsvc.dll
2012-04-21 18:32:06: File size: 364032
2012-04-21 18:32:06: DLL File name: ipsecsvc.dll
2012-04-21 18:32:06: Original File Name: ipsecsvc.dll
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20090411002822 20111226221056 20111226221056
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: ProfSvc
2012-04-21 18:32:06: Real Path: C:\Windows\system32\profsvc.dll
2012-04-21 18:32:06: Display Name: @%systemroot%\system32\profsvc.dll,-300
2012-04-21 18:32:06: Description: @%systemroot%\system32\profsvc.dll,-301
2012-04-21 18:32:06: ServiceDLL: system32\profsvc.dll
2012-04-21 18:32:06: File size: 153088
2012-04-21 18:32:06: DLL File name: profsvc.dll
2012-04-21 18:32:06: Original File Name: ProfSvc.dll.mui
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20090411002824 20111226221157 20111226221157
2012-04-21 18:32:06: ---------------------------------------------------------------------
2012-04-21 18:32:06: Found Service: QWAVE
2012-04-21 18:32:06: Real Path: C:\Windows\system32\qwave.dll
2012-04-21 18:32:06: Display Name: @%SystemRoot%\system32\qwave.dll,-1
2012-04-21 18:32:06: Description: @%SystemRoot%\system32\qwave.dll,-2
2012-04-21 18:32:06: ServiceDLL: system32\qwave.dll
2012-04-21 18:32:06: File size: 243712
2012-04-21 18:32:06: DLL File name: qwave.dll
2012-04-21 18:32:06: Original File Name: qwave.dll.mui
2012-04-21 18:32:06: Company:
2012-04-21 18:32:06: Mod/Cre/Acc time: 20080119003616 20111226205357 20111226205357
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RasAuto
2012-04-21 18:32:07: Real Path: C:\Windows\System32\rasauto.dll
2012-04-21 18:32:07: Display Name: @%Systemroot%\system32\rasauto.dll,-200
2012-04-21 18:32:07: Description: @%Systemroot%\system32\rasauto.dll,-201
2012-04-21 18:32:07: ServiceDLL: System32\rasauto.dll
2012-04-21 18:32:07: File size: 90624
2012-04-21 18:32:07: DLL File name: rasauto.dll
2012-04-21 18:32:07: Original File Name: rasauto.dll.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20080119003616 20111226205358 20111226205358
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RasMan
2012-04-21 18:32:07: Real Path: C:\Windows\System32\rasmans.dll
2012-04-21 18:32:07: Display Name: @%Systemroot%\system32\rasmans.dll,-200
2012-04-21 18:32:07: Description: @%Systemroot%\system32\rasmans.dll,-201
2012-04-21 18:32:07: ServiceDLL: System32\rasmans.dll
2012-04-21 18:32:07: File size: 262144
2012-04-21 18:32:07: DLL File name: rasmans.dll
2012-04-21 18:32:07: Original File Name: Rasmans.dll.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221203 20111226221203
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RemoteAccess
2012-04-21 18:32:07: Real Path: C:\Windows\System32\mprdim.dll
2012-04-21 18:32:07: Display Name: @%Systemroot%\system32\mprdim.dll,-200
2012-04-21 18:32:07: Description: @%Systemroot%\system32\mprdim.dll,-201
2012-04-21 18:32:07: ServiceDLL: System32\mprdim.dll
2012-04-21 18:32:07: File size: 68608
2012-04-21 18:32:07: DLL File name: mprdim.dll
2012-04-21 18:32:07: Original File Name: MPRDIM.DLL.MUI
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20080119003454 20111226205442 20111226205442
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RemoteRegistry
2012-04-21 18:32:07: Real Path: C:\Windows\system32\regsvc.dll
2012-04-21 18:32:07: Display Name: @regsvc.dll,-1
2012-04-21 18:32:07: Description: @regsvc.dll,-2
2012-04-21 18:32:07: ServiceDLL: system32\regsvc.dll
2012-04-21 18:32:07: File size: 107008
2012-04-21 18:32:07: DLL File name: regsvc.dll
2012-04-21 18:32:07: Original File Name: REGSVC.DLL.MUI
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221201 20111226221201
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: RpcSs
2012-04-21 18:32:07: Real Path: C:\Windows\system32\rpcss.dll
2012-04-21 18:32:07: Display Name: @oleres.dll,-5010
2012-04-21 18:32:07: Description: @oleres.dll,-5011
2012-04-21 18:32:07: ServiceDLL: system32\rpcss.dll
2012-04-21 18:32:07: File size: 550400
2012-04-21 18:32:07: DLL File name: rpcss.dll
2012-04-21 18:32:07: Original File Name: rpcss.dll.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221219 20111226221219
2012-04-21 18:32:07: ---------------------------------------------------------------------
2012-04-21 18:32:07: Found Service: SCardSvr
2012-04-21 18:32:07: Real Path: C:\Windows\System32\SCardSvr.dll
2012-04-21 18:32:07: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1
2012-04-21 18:32:07: Description: @%SystemRoot%\System32\SCardSvr.dll,-5
2012-04-21 18:32:07: ServiceDLL: System32\SCardSvr.dll
2012-04-21 18:32:07: File size: 95232
2012-04-21 18:32:07: DLL File name: SCardSvr.dll
2012-04-21 18:32:07: Original File Name: SCardSvr.exe.mui
2012-04-21 18:32:07: Company:
2012-04-21 18:32:07: Mod/Cre/Acc time: 20090411002826 20111226221218 20111226221218
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: Schedule
2012-04-21 18:32:08: Real Path: C:\Windows\system32\schedsvc.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\schedsvc.dll,-101
2012-04-21 18:32:08: ServiceDLL: system32\schedsvc.dll
2012-04-21 18:32:08: File size: 601600
2012-04-21 18:32:08: DLL File name: schedsvc.dll
2012-04-21 18:32:08: Original File Name: schedsvc.dll.mui
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20101104205512 20111227134706 20111227134706
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SCPolicySvc
2012-04-21 18:32:08: Real Path: C:\Windows\System32\certprop.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\System32\certprop.dll,-13
2012-04-21 18:32:08: Description: @%SystemRoot%\System32\certprop.dll,-14
2012-04-21 18:32:08: ServiceDLL: System32\certprop.dll
2012-04-21 18:32:08: File size: 40448
2012-04-21 18:32:08: DLL File name: certprop.dll
2012-04-21 18:32:08: Original File Name: certprop.dll.mui
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20090411002820 20111226221115 20111226221115
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SDRSVC
2012-04-21 18:32:08: Real Path: C:\Windows\System32\SDRSVC.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\sdrsvc.dll,-102
2012-04-21 18:32:08: ServiceDLL: System32\SDRSVC.dll
2012-04-21 18:32:08: File size: 104960
2012-04-21 18:32:08: DLL File name: SDRSVC.dll
2012-04-21 18:32:08: Original File Name: SDRSVC.DLL.MUI
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205429 20111226205429
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: seclogon
2012-04-21 18:32:08: Real Path: C:\Windows\system32\seclogon.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\seclogon.dll,-7000
2012-04-21 18:32:08: ServiceDLL: system32\seclogon.dll
2012-04-21 18:32:08: File size: 19968
2012-04-21 18:32:08: DLL File name: seclogon.dll
2012-04-21 18:32:08: Original File Name: SECLOGON.EXE.MUI
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205429 20111226205429
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SENS
2012-04-21 18:32:08: Real Path: C:\Windows\System32\sens.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\system32\Sens.dll,-200
2012-04-21 18:32:08: Description: @%SystemRoot%\system32\Sens.dll,-201
2012-04-21 18:32:08: ServiceDLL: System32\sens.dll
2012-04-21 18:32:08: File size: 47104
2012-04-21 18:32:08: DLL File name: sens.dll
2012-04-21 18:32:08: Original File Name: sens.dll.mui
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205414 20111226205414
2012-04-21 18:32:08: ---------------------------------------------------------------------
2012-04-21 18:32:08: Found Service: SessionEnv
2012-04-21 18:32:08: Real Path: C:\Windows\system32\sessenv.dll
2012-04-21 18:32:08: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026
2012-04-21 18:32:08: Description: @%SystemRoot%\System32\SessEnv.dll,-1027
2012-04-21 18:32:08: ServiceDLL: system32\sessenv.dll
2012-04-21 18:32:08: File size: 84992
2012-04-21 18:32:08: DLL File name: sessenv.dll
2012-04-21 18:32:08: Original File Name: SessEnv.DLL.MUI
2012-04-21 18:32:08: Company:
2012-04-21 18:32:08: Mod/Cre/Acc time: 20080119003622 20111226205416 20111226205416
2012-04-21 18:32:09: ---------------------------------------------------------------------
2012-04-21 18:32:09: Found Service: SharedAccess
2012-04-21 18:32:09: Real Path: C:\Windows\System32\ipnathlp.dll
2012-04-21 18:32:09: Display Name: @%SystemRoot%\system32\ipnathlp.dll,-106
2012-04-21 18:32:09: Description: @%SystemRoot%\system32\ipnathlp.dll,-107
2012-04-21 18:32:09: ServiceDLL: System32\ipnathlp.dll
2012-04-21 18:32:09: File size: 288256
2012-04-21 18:32:09: DLL File name: ipnathlp.dll
2012-04-21 18:32:09: Original File Name: IPNATHLP.DLL.MUI
2012-04-21 18:32:09: Company:
2012-04-21 18:32:09: Mod/Cre/Acc time: 20080119003436 20111226205444 20111226205444
2012-04-21 18:32:09: ---------------------------------------------------------------------
2012-04-21 18:32:09: Found Service: ShellHWDetection
2012-04-21 18:32:09: Real Path: C:\Windows\System32\shsvcs.dll
2012-04-21 18:32:09: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288
2012-04-21 18:32:09: Description: @%SystemRoot%\System32\shsvcs.dll,-12289
2012-04-21 18:32:09: ServiceDLL: System32\shsvcs.dll
2012-04-21 18:32:09: File size: 247808
2012-04-21 18:32:09: DLL File name: shsvcs.dll
2012-04-21 18:32:09: Original File Name: SHSVCS.DLL.MUI
2012-04-21 18:32:09: Company:
2012-04-21 18:32:09: Mod/Cre/Acc time: 20090710134742 20111227134949 20111227134949
2012-04-21 18:32:09: ---------------------------------------------------------------------
2012-04-21 18:32:09: Found Service: SLUINotify
2012-04-21 18:32:09: Real Path: C:\Windows\system32\SLUINotify.dll
2012-04-21 18:32:09: Display Name: @%SystemRoot%\system32\SLUINotify.dll,-103
2012-04-21 18:32:09: Description: @%SystemRoot%\system32\SLUINotify.dll,-102
2012-04-21 18:32:09: ServiceDLL: system32\SLUINotify.dll
2012-04-21 18:32:09: File size: 60928
2012-04-21 18:32:09: DLL File name: SLUINotify.dll
2012-04-21 18:32:09: Original File Name: SLUINotify.dll.mui
2012-04-21 18:32:09: Company:
2012-04-21 18:32:09: Mod/Cre/Acc time: 20090411002826 20111226221013 20111226221013
2012-04-21 18:32:10: ---------------------------------------------------------------------
2012-04-21 18:32:10: Found Service: SSDPSRV
2012-04-21 18:32:10: Real Path: C:\Windows\System32\ssdpsrv.dll
2012-04-21 18:32:10: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100
2012-04-21 18:32:10: Description: @%systemroot%\system32\ssdpsrv.dll,-101
2012-04-21 18:32:10: ServiceDLL: System32\ssdpsrv.dll
2012-04-21 18:32:10: File size: 155648
2012-04-21 18:32:10: DLL File name: ssdpsrv.dll
2012-04-21 18:32:10: Original File Name: ssdpsrv.dll.mui
2012-04-21 18:32:10: Company:
2012-04-21 18:32:10: Mod/Cre/Acc time: 20080119003638 20111226205144 20111226205144
2012-04-21 18:32:10: ---------------------------------------------------------------------
2012-04-21 18:32:10: Found Service: SstpSvc
2012-04-21 18:32:10: Real Path: C:\Windows\system32\sstpsvc.dll
2012-04-21 18:32:10: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200
2012-04-21 18:32:10: Description: @%SystemRoot%\system32\sstpsvc.dll,-201
2012-04-21 18:32:10: ServiceDLL: system32\sstpsvc.dll
2012-04-21 18:32:10: File size: 116736
2012-04-21 18:32:10: DLL File name: sstpsvc.dll
2012-04-21 18:32:10: Original File Name: sstpsvc.dll.mui
2012-04-21 18:32:10: Company:
2012-04-21 18:32:10: Mod/Cre/Acc time: 20080119003638 20111226205144 20111226205144
2012-04-21 18:32:10: ---------------------------------------------------------------------
2012-04-21 18:32:10: Found Service: stisvc
2012-04-21 18:32:10: Real Path: C:\Windows\System32\wiaservc.dll
2012-04-21 18:32:10: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9
2012-04-21 18:32:10: Description: @%SystemRoot%\system32\wiaservc.dll,-10
2012-04-21 18:32:10: ServiceDLL: System32\wiaservc.dll
2012-04-21 18:32:10: File size: 453120
2012-04-21 18:32:10: DLL File name: wiaservc.dll
2012-04-21 18:32:10: Original File Name: WIASERVC.DLL.MUI
2012-04-21 18:32:10: Company:
2012-04-21 18:32:10: Mod/Cre/Acc time: 20090411002826 20111226221035 20111226221035
2012-04-21 18:32:11: ---------------------------------------------------------------------
2012-04-21 18:32:11: Found Service: swprv
2012-04-21 18:32:11: Real Path: C:\Windows\System32\swprv.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\System32\swprv.dll,-103
2012-04-21 18:32:11: Description: @%SystemRoot%\System32\swprv.dll,-102
2012-04-21 18:32:11: ServiceDLL: System32\swprv.dll
2012-04-21 18:32:11: File size: 311808
2012-04-21 18:32:11: DLL File name: swprv.dll
2012-04-21 18:32:11: Original File Name: SWPRV.DLL.MUI
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20090411002826 20111226221017 20111226221017
2012-04-21 18:32:11: ---------------------------------------------------------------------
2012-04-21 18:32:11: Found Service: SysMain
2012-04-21 18:32:11: Real Path: C:\Windows\system32\sysmain.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000
2012-04-21 18:32:11: Description: @%SystemRoot%\system32\sysmain.dll,-1001
2012-04-21 18:32:11: ServiceDLL: system32\sysmain.dll
2012-04-21 18:32:11: File size: 558080
2012-04-21 18:32:11: DLL File name: sysmain.dll
2012-04-21 18:32:11: Original File Name: sysmain.dll.mui
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20090411002826 20111226221017 20111226221017
2012-04-21 18:32:11: !!!!!!!
2012-04-21 18:32:11: Found Service: TabletInputService
2012-04-21 18:32:11: Real Path: C:\Windows\System32\TabSvc.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100
2012-04-21 18:32:11: Description: @%SystemRoot%\system32\TabSvc.dll,-101
2012-04-21 18:32:11: ServiceDLL: System32\TabSvc.dll
2012-04-21 18:32:11: File size: 68096
2012-04-21 18:32:11: DLL File name: TabSvc.dll
2012-04-21 18:32:11: Original File Name: PenService.EXE.MUI
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20061102143524 20061102143524 20061102143524
2012-04-21 18:32:11: !!!!!!!!!
2012-04-21 18:32:11: ---------------------------------------------------------------------
2012-04-21 18:32:11: Found Service: TapiSrv
2012-04-21 18:32:11: Real Path: C:\Windows\System32\tapisrv.dll
2012-04-21 18:32:11: Display Name: @%SystemRoot%\system32\tapisrv.dll,-10100
2012-04-21 18:32:11: Description: @%SystemRoot%\system32\tapisrv.dll,-10101
2012-04-21 18:32:11: ServiceDLL: System32\tapisrv.dll
2012-04-21 18:32:11: File size: 242688
2012-04-21 18:32:11: DLL File name: tapisrv.dll
2012-04-21 18:32:11: Original File Name: TAPISRV.EXE.MUI
2012-04-21 18:32:11: Company:
2012-04-21 18:32:11: Mod/Cre/Acc time: 20090411002826 20111226220956 20111226220956
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: TBS
2012-04-21 18:32:12: Real Path: C:\Windows\System32\tbssvc.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\system32\tbssvc.dll,-100
2012-04-21 18:32:12: Description: @%SystemRoot%\system32\tbssvc.dll,-101
2012-04-21 18:32:12: ServiceDLL: System32\tbssvc.dll
2012-04-21 18:32:12: File size: 56320
2012-04-21 18:32:12: DLL File name: tbssvc.dll
2012-04-21 18:32:12: Original File Name: TBSSVC.DLL.MUI
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003640 20111226205150 20111226205150
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: TermService
2012-04-21 18:32:12: Real Path: C:\Windows\System32\termsrv.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\System32\termsrv.dll,-268
2012-04-21 18:32:12: Description: @%SystemRoot%\System32\termsrv.dll,-267
2012-04-21 18:32:12: ServiceDLL: System32\termsrv.dll
2012-04-21 18:32:12: File size: 449024
2012-04-21 18:32:12: DLL File name: termsrv.dll
2012-04-21 18:32:12: Original File Name: termsrv.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20090411002826 20111226220955 20111226220955
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: Themes
2012-04-21 18:32:12: Real Path: C:\Windows\system32\shsvcs.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\System32\shsvcs.dll,-8192
2012-04-21 18:32:12: Description: @%SystemRoot%\System32\shsvcs.dll,-8193
2012-04-21 18:32:12: ServiceDLL: system32\shsvcs.dll
2012-04-21 18:32:12: File size: 247808
2012-04-21 18:32:12: DLL File name: shsvcs.dll
2012-04-21 18:32:12: Original File Name: SHSVCS.DLL.MUI
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20090710134742 20111227134949 20111227134949
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: THREADORDER
2012-04-21 18:32:12: Real Path: C:\Windows\system32\mmcss.dll
2012-04-21 18:32:12: Display Name: @%systemroot%\system32\mmcss.dll,-102
2012-04-21 18:32:12: Description: @%systemroot%\system32\mmcss.dll,-103
2012-04-21 18:32:12: ServiceDLL: system32\mmcss.dll
2012-04-21 18:32:12: File size: 45056
2012-04-21 18:32:12: DLL File name: mmcss.dll
2012-04-21 18:32:12: Original File Name: mmcss.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003450 20111226205433 20111226205433
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: TrkWks
2012-04-21 18:32:12: Real Path: C:\Windows\System32\trkwks.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\system32\trkwks.dll,-1
2012-04-21 18:32:12: Description: @%SystemRoot%\system32\trkwks.dll,-2
2012-04-21 18:32:12: ServiceDLL: System32\trkwks.dll
2012-04-21 18:32:12: File size: 75264
2012-04-21 18:32:12: DLL File name: trkwks.dll
2012-04-21 18:32:12: Original File Name: trkwks.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003644 20111226205123 20111226205123
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: Update-Service
2012-04-21 18:32:12: Real Path: C:\Windows\System32\UpdSvc.dll
2012-04-21 18:32:12: Display Name: Update-Service
2012-04-21 18:32:12: Description: Überprüft auf Software-Aktualisierungen und bietet gegebenenfalls ein Update an.
2012-04-21 18:32:12: ServiceDLL: System32\UpdSvc.dll
2012-04-21 18:32:12: File size: 114000
2012-04-21 18:32:12: DLL File name: UpdSvc.dll
2012-04-21 18:32:12: Original File Name: UpdSvc.dll
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20111226175729 20111226175729 20111226175729
2012-04-21 18:32:12: !!!!!!!
2012-04-21 18:32:12: Found Service: upnphost
2012-04-21 18:32:12: Real Path: C:\Windows\System32\upnphost.dll
2012-04-21 18:32:12: Display Name: @%systemroot%\system32\upnphost.dll,-213
2012-04-21 18:32:12: Description: @%systemroot%\system32\upnphost.dll,-214
2012-04-21 18:32:12: ServiceDLL: System32\upnphost.dll
2012-04-21 18:32:12: File size: 259072
2012-04-21 18:32:12: DLL File name: upnphost.dll
2012-04-21 18:32:12: Original File Name: unpnhost.dll.mui
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20080119003648 20111226205131 20111226205131
2012-04-21 18:32:12: !!!!!!!!!
2012-04-21 18:32:12: ---------------------------------------------------------------------
2012-04-21 18:32:12: Found Service: UxSms
2012-04-21 18:32:12: Real Path: C:\Windows\System32\uxsms.dll
2012-04-21 18:32:12: Display Name: @%SystemRoot%\system32\dwm.exe,-2000
2012-04-21 18:32:12: Description: @%SystemRoot%\system32\dwm.exe,-2001
2012-04-21 18:32:12: ServiceDLL: System32\uxsms.dll
2012-04-21 18:32:12: File size: 29184
2012-04-21 18:32:12: DLL File name: uxsms.dll
2012-04-21 18:32:12: Original File Name: UxSms.dll
2012-04-21 18:32:12: Company:
2012-04-21 18:32:12: Mod/Cre/Acc time: 20090411002826 20111226221033 20111226221033
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: W32Time
2012-04-21 18:32:13: Real Path: C:\Windows\system32\w32time.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\w32time.dll,-200
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\w32time.dll,-201
2012-04-21 18:32:13: ServiceDLL: system32\w32time.dll
2012-04-21 18:32:13: File size: 282624
2012-04-21 18:32:13: DLL File name: w32time.dll
2012-04-21 18:32:13: Original File Name: w32time.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20090411002826 20111226221030 20111226221030
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: wcncsvc
2012-04-21 18:32:13: Real Path: C:\Windows\System32\wcncsvc.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\wcncsvc.dll,-4
2012-04-21 18:32:13: ServiceDLL: System32\wcncsvc.dll
2012-04-21 18:32:13: File size: 413696
2012-04-21 18:32:13: DLL File name: wcncsvc.dll
2012-04-21 18:32:13: Original File Name: WCNCSVC.DLL.MUI
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20090411002826 20111226221032 20111226221032
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: WcsPlugInService
2012-04-21 18:32:13: Real Path: C:\Windows\System32\WcsPlugInService.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\WcsPlugInService.dll,-200
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201
2012-04-21 18:32:13: ServiceDLL: System32\WcsPlugInService.dll
2012-04-21 18:32:13: File size: 32256
2012-04-21 18:32:13: DLL File name: WcsPlugInService.dll
2012-04-21 18:32:13: Original File Name: WcsPlugInService.DLL.MUI
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20061102114613 20061102103813 20061102123930
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: WdiServiceHost
2012-04-21 18:32:13: Real Path: C:\Windows\system32\wdi.dll
2012-04-21 18:32:13: Display Name: @%systemroot%\system32\wdi.dll,-502
2012-04-21 18:32:13: Description: @%systemroot%\system32\wdi.dll,-503
2012-04-21 18:32:13: ServiceDLL: system32\wdi.dll
2012-04-21 18:32:13: File size: 73728
2012-04-21 18:32:13: DLL File name: wdi.dll
2012-04-21 18:32:13: Original File Name: wdi.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20080119003652 20111226205219 20111226205219
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: WdiSystemHost
2012-04-21 18:32:13: Real Path: C:\Windows\system32\wdi.dll
2012-04-21 18:32:13: Display Name: @%systemroot%\system32\wdi.dll,-500
2012-04-21 18:32:13: Description: @%systemroot%\system32\wdi.dll,-501
2012-04-21 18:32:13: ServiceDLL: system32\wdi.dll
2012-04-21 18:32:13: File size: 73728
2012-04-21 18:32:13: DLL File name: wdi.dll
2012-04-21 18:32:13: Original File Name: wdi.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20080119003652 20111226205219 20111226205219
2012-04-21 18:32:13: !!!!!!!
2012-04-21 18:32:13: Found Service: WebClient
2012-04-21 18:32:13: Real Path: C:\Windows\System32\webclnt.dll
2012-04-21 18:32:13: Display Name: @%systemroot%\system32\webclnt.dll,-100
2012-04-21 18:32:13: Description: @%systemroot%\system32\webclnt.dll,-101
2012-04-21 18:32:13: ServiceDLL: System32\webclnt.dll
2012-04-21 18:32:13: File size: 199680
2012-04-21 18:32:13: DLL File name: webclnt.dll
2012-04-21 18:32:13: Original File Name: davsvc.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20090411002826 20111226221041 20111226221041
2012-04-21 18:32:13: !!!!!!!!!
2012-04-21 18:32:13: ---------------------------------------------------------------------
2012-04-21 18:32:13: Found Service: Wecsvc
2012-04-21 18:32:13: Real Path: C:\Windows\system32\wecsvc.dll
2012-04-21 18:32:13: Display Name: @%SystemRoot%\system32\wecsvc.dll,-200
2012-04-21 18:32:13: Description: @%SystemRoot%\system32\wecsvc.dll,-201
2012-04-21 18:32:13: ServiceDLL: system32\wecsvc.dll
2012-04-21 18:32:13: File size: 146944
2012-04-21 18:32:13: DLL File name: wecsvc.dll
2012-04-21 18:32:13: Original File Name: wecsvc.dll.mui
2012-04-21 18:32:13: Company:
2012-04-21 18:32:13: Mod/Cre/Acc time: 20091009235552 20111228105636 20111228105636
2012-04-21 18:32:13: !!!!!!!
2012-04-21 18:32:14: Found Service: wercplsupport
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wercplsupport.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wercplsupport.dll,-101
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wercplsupport.dll,-100
2012-04-21 18:32:14: ServiceDLL: System32\wercplsupport.dll
2012-04-21 18:32:14: File size: 62976
2012-04-21 18:32:14: DLL File name: wercplsupport.dll
2012-04-21 18:32:14: Original File Name: ERC
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20080119003654 20111226205220 20111226205220
2012-04-21 18:32:14: !!!!!!!!!
2012-04-21 18:32:14: !!!!!!!
2012-04-21 18:32:14: Found Service: WerSvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\WerSvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wersvc.dll,-100
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wersvc.dll,-101
2012-04-21 18:32:14: ServiceDLL: System32\WerSvc.dll
2012-04-21 18:32:14: File size: 126976
2012-04-21 18:32:14: DLL File name: WerSvc.dll
2012-04-21 18:32:14: Original File Name: wersvc
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002826 20111226221036 20111226221036
2012-04-21 18:32:14: !!!!!!!!!
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: Winmgmt
2012-04-21 18:32:14: Real Path: C:\Windows\system32\wbem\WMIsvc.dll
2012-04-21 18:32:14: Display Name: @%Systemroot%\system32\wbem\wmisvc.dll,-205
2012-04-21 18:32:14: Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204
2012-04-21 18:32:14: ServiceDLL: system32\wbem\WMIsvc.dll
2012-04-21 18:32:14: File size: 162304
2012-04-21 18:32:14: DLL File name: WMIsvc.dll
2012-04-21 18:32:14: Original File Name: wmisvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002826 20111226221023 20111226221023
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: WinRM
2012-04-21 18:32:14: Real Path: C:\Windows\system32\WsmSvc.dll
2012-04-21 18:32:14: Display Name: @%Systemroot%\system32\wsmsvc.dll,-101
2012-04-21 18:32:14: Description: @%Systemroot%\system32\wsmsvc.dll,-102
2012-04-21 18:32:14: ServiceDLL: system32\WsmSvc.dll
2012-04-21 18:32:14: File size: 1181696
2012-04-21 18:32:14: DLL File name: WsmSvc.dll
2012-04-21 18:32:14: Original File Name: WsmSvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20091009235618 20111228105627 20111228105627
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: Wlansvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wlansvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wlansvc.dll,-257
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wlansvc.dll,-258
2012-04-21 18:32:14: ServiceDLL: System32\wlansvc.dll
2012-04-21 18:32:14: File size: 513536
2012-04-21 18:32:14: DLL File name: wlansvc.dll
2012-04-21 18:32:14: Original File Name: wlansvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090711210142 20111226195658 20111226195658
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: WPCSvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wpcsvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\system32\wpcsvc.dll,-100
2012-04-21 18:32:14: Description: @%SystemRoot%\system32\wpcsvc.dll,-101
2012-04-21 18:32:14: ServiceDLL: System32\wpcsvc.dll
2012-04-21 18:32:14: File size: 140288
2012-04-21 18:32:14: DLL File name: wpcsvc.dll
2012-04-21 18:32:14: Original File Name: wpcsvc.exe.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002826 20111226221028 20111226221028
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: WPDBusEnum
2012-04-21 18:32:14: Real Path: C:\Windows\system32\wpdbusenum.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\system32\wpdbusenum.dll,-100
2012-04-21 18:32:14: Description: @%SystemRoot%\system32\wpdbusenum.dll,-101
2012-04-21 18:32:14: ServiceDLL: system32\wpdbusenum.dll
2012-04-21 18:32:14: File size: 81920
2012-04-21 18:32:14: DLL File name: wpdbusenum.dll
2012-04-21 18:32:14: Original File Name: WpdBusEnum.DLL.MUI
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20091001030154 20111228112922 20111228112922
2012-04-21 18:32:14: ---------------------------------------------------------------------
2012-04-21 18:32:14: Found Service: wscsvc
2012-04-21 18:32:14: Real Path: C:\Windows\System32\wscsvc.dll
2012-04-21 18:32:14: Display Name: @%SystemRoot%\System32\wscsvc.dll,-200
2012-04-21 18:32:14: Description: @%SystemRoot%\System32\wscsvc.dll,-201
2012-04-21 18:32:14: ServiceDLL: System32\wscsvc.dll
2012-04-21 18:32:14: File size: 61440
2012-04-21 18:32:14: DLL File name: wscsvc.dll
2012-04-21 18:32:14: Original File Name: wscsvc.dll.mui
2012-04-21 18:32:14: Company:
2012-04-21 18:32:14: Mod/Cre/Acc time: 20090411002828 20111226221029 20111226221029
2012-04-21 18:32:15: ---------------------------------------------------------------------
2012-04-21 18:32:15: Found Service: wuauserv
2012-04-21 18:32:15: Real Path: C:\Windows\system32\wuaueng.dll
2012-04-21 18:32:15: Display Name: @%systemroot%\system32\wuaueng.dll,-105
2012-04-21 18:32:15: Description: @%systemroot%\system32\wuaueng.dll,-106
2012-04-21 18:32:15: ServiceDLL: system32\wuaueng.dll
2012-04-21 18:32:15: File size: 1929952
2012-04-21 18:32:15: DLL File name: wuaueng.dll
2012-04-21 18:32:15: Original File Name: wuaueng.dll.mui
2012-04-21 18:32:15: Company:
2012-04-21 18:32:15: Mod/Cre/Acc time: 20111226170524 20111226170524 20111226170524
2012-04-21 18:32:15: ---------------------------------------------------------------------
2012-04-21 18:32:15: Found Service: wudfsvc
2012-04-21 18:32:15: Real Path: C:\Windows\System32\WUDFSvc.dll
2012-04-21 18:32:15: Display Name: @%SystemRoot%\system32\wudfsvc.dll,-1000
2012-04-21 18:32:15: Description: @%SystemRoot%\system32\wudfsvc.dll,-1001
2012-04-21 18:32:15: ServiceDLL: System32\WUDFSvc.dll
2012-04-21 18:32:15: File size: 55296
2012-04-21 18:32:15: DLL File name: WUDFSvc.dll
2012-04-21 18:32:15: Original File Name: WUDFSvc.dll.mui
2012-04-21 18:32:15: Company:
2012-04-21 18:32:15: Mod/Cre/Acc time: 20080119003714 20111226205212 20111226205212
2012-04-21 18:32:15:
2012-04-21 18:32:15: Looking for SHELL key
2012-04-21 18:32:15: Now looking for bad DLL files in system32
2012-04-21 18:33:54: Folder: GAC
2012-04-21 18:33:54: Folder: GAC_32
2012-04-21 18:33:54: Folder: GAC_MSIL
2012-04-21 18:33:54: Folder: NativeImages_v2.0.50727_32
2012-04-21 18:33:54: Folder: NativeImages_v4.0.30319_32
2012-04-21 18:33:54: Folder: temp
2012-04-21 18:33:54: Folder: tmp
2012-04-21 18:33:54: Checking for bad folder
2012-04-21 18:33:54: Found 1 folders.
2012-04-21 18:33:54: Checking C:\Windows\assembly\tmp
2012-04-21 18:33:54: ... Folder test returns: 1
2012-04-21 18:33:54: Done with folder list in C:\Windows\assembly\ tmp
2012-04-21 18:33:54: Some drivers where replaced. We need to enforce...
2012-04-21 18:33:54: Drivers replaced:
2012-04-21 18:33:54: B89CFBE8CB247B57D8C10ADAA66B462B
11028C6A84A967070CB1286550F2058F
2012-04-21 18:33:54: Autonomous mode, clearing out yt folder
2012-04-21 18:33:55: cmd.exe /c start "C:\Users\Zarelli\Desktop\yorkyt.exe"
2012-04-22 10:53:32: Restarting...
2012-04-22 10:56:15: ****************************************************
2012-04-22 10:56:15: Starting UP ... v 0.0.0.220
2012-04-22 10:56:15: ****************************************************
2012-04-22 10:56:16: Stop TPSRV returns: 2
2012-04-22 10:56:31: Listing processes...
2012-04-22 10:56:31: :[System Process]:0
2012-04-22 10:56:31: :System:4
2012-04-22 10:56:31: :smss.exe:456
2012-04-22 10:56:31: :csrss.exe:580
2012-04-22 10:56:31: :wininit.exe:636
2012-04-22 10:56:31: :csrss.exe:644
2012-04-22 10:56:31: :services.exe:680
2012-04-22 10:56:31: :lsass.exe:692
2012-04-22 10:56:31: :lsm.exe:700
2012-04-22 10:56:31: :winlogon.exe:728
2012-04-22 10:56:31: :svchost.exe:912
2012-04-22 10:56:31: :svchost.exe:980
2012-04-22 10:56:31: :svchost.exe:1012
2012-04-22 10:56:31: :Ati2evxx.exe:1112
2012-04-22 10:56:31: :svchost.exe:1132
2012-04-22 10:56:31: :svchost.exe:1188
2012-04-22 10:56:31: :svchost.exe:1220
2012-04-22 10:56:31: :audiodg.exe:1296
2012-04-22 10:56:31: :svchost.exe:1320
2012-04-22 10:56:31: :SLsvc.exe:1336
2012-04-22 10:56:31: :svchost.exe:1376
2012-04-22 10:56:31: :svchost.exe:1524
2012-04-22 10:56:31: :Ati2evxx.exe:1548
2012-04-22 10:56:31: :spoolsv.exe:1848
2012-04-22 10:56:31: :sched.exe:1908
2012-04-22 10:56:31: :taskeng.exe:1916
2012-04-22 10:56:31: :dwm.exe:1924
2012-04-22 10:56:31: :svchost.exe:1948
2012-04-22 10:56:31: :explorer.exe:1984
2012-04-22 10:56:31: :taskeng.exe:2020
2012-04-22 10:56:31: :dmhkcore.exe:2036
2012-04-22 10:56:31: :taskeng.exe:1516
2012-04-22 10:56:31: :armsvc.exe:1520
2012-04-22 10:56:31: :agrsmsvc.exe:896
2012-04-22 10:56:31: :avguard.exe:2060
2012-04-22 10:56:31: :FortKnox.exe:2088
2012-04-22 10:56:31: :LSSrvc.exe:2196
2012-04-22 10:56:31: :svchost.exe:2236
2012-04-22 10:56:31: :RichVideo.exe:2376
2012-04-22 10:56:31: :svchost.exe:2400
2012-04-22 10:56:31: :svchost.exe:2432
2012-04-22 10:56:31: :svchost.exe:2460
2012-04-22 10:56:31: :SearchIndexer.exe:2500
2012-04-22 10:56:31: :avshadow.exe:2968
2012-04-22 10:56:31: :conime.exe:3212
2012-04-22 10:56:31: :yorkyt.exe:3224
2012-04-22 10:56:31: :MSASCui.exe:3352
2012-04-22 10:56:31: :MOM.exe:3380
2012-04-22 10:56:31: :RtHDVCpl.exe:3444
2012-04-22 10:56:31: :WmiPrvSE.exe:3592
2012-04-22 10:56:31: :SynTPEnh.exe:3732
2012-04-22 10:56:31: :PDVDServ.exe:3740
2012-04-22 10:56:31: :avgnt.exe:3756
2012-04-22 10:56:31: :jusched.exe:3764
2012-04-22 10:56:31: :Updater.exe:3788
2012-04-22 10:56:31: :FortKnoxGUI.exe:3848
2012-04-22 10:56:31: :AdobeARM.exe:3868
2012-04-22 10:56:31: :soffice.exe:3908
2012-04-22 10:56:31: :soffice.bin:3920
2012-04-22 10:56:31: :reader_sl.exe:3952
2012-04-22 10:56:31: :CCC.exe:2744
2012-04-22 10:56:31:
2012-04-22 10:56:31: Starting cleanup mode...
2012-04-22 10:58:23: ... Done with files, now folders
2012-04-22 11:00:07: All DONE
 Ach ja, hier das Log vom Hitman. Code:
ATTFilter
<?xml version="1.0"?>
-<Log filesProcessed="25494" timeSpentInSecs="264" reboot="yes" date="2012-04-22T11:31:49" version="3.6.0.153" scan="Normal" computer="ZARELLI-PC">-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\4405USQB.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\6TLE201V.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\CD16B3N9.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\CSOE6IIZ.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\GTLFCQYZ.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\HXQBEQ1V.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\NWOT76W0.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\Q4T9LEV7.txt"/></Item>+<Item status="Deleted" score="0.0" type="Repair">-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\TOH3HXM0.txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\zarelli@ad.yieldmanager[2].txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\zarelli@atdmt[2].txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\zarelli@invitemedia[1].txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Microsoft\Windows\Cookies\zarelli@yadro[1].txt"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:ad.360yield.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:ad.ad-srv.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:ad.adserver01.de"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:ad.yieldmanager.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:ad.zanox.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:adtech.de"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:apmebf.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:atdmt.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:bs.serving-sys.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:c.atdmt.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:c1.atdmt.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:collective-media.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:doubleclick.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:eas.apm.emediate.eu"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:emjcd.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:fastclick.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:ipswitch.112.2o7.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:james.adbutler.de"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:mediaplex.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:msnportal.112.2o7.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:serving-sys.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:specificclick.net"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:tradedoubler.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:www.emjcd.com"/></Item>-<Item status="Deleted" score="0.0" type="Repair"><File path="C:\Users\Zarelli\AppData\Roaming\Mozilla\Firefox\Profiles\ylb8aagz.default\cookies.sqlite:www.googleadservices.com"/></Item>-<Item status="Quarantiend" score="111.0" type="Malware" malwareName="Trojan">-<Scanners><Scanner name="Trojan.MulDrop3.44950" id="DrWeb"/></Scanners><File path="C:\Users\Zarelli\Desktop\yorkyt.exe" hash="5DFF403E1EBD8E01F86C43FBC466F03E8A4BACFA995C8078D9B3584E72640934"/>-<References><Key path="HKU\S-1-5-21-2163139811-3375977317-3925729395-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Zarelli\Desktop\yorkyt.exe"/></References></Item>-<Item status="PendingDelete" score="111.0" type="Malware" malwareName="Malware">-<Scanners><Scanner name="Gen:Variant.Barys.596 (Engine A)" id="G Data"/></Scanners><File path="C:\Windows\System32\aptwuw9yk.dll" hash="0EA12BB238FA51F344CB7813F9F118433826493D33A805E6FFADD76DDF6BF20C"/>-<Startup><Key path="HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\"/></Startup></Item>-<Item status="Quarantiend" score="102.0" type="Malware" malwareName="Malware">-<Scanners><Scanner name="Gen:Variant.Graftor.20485 (Engine A)" id="G Data"/></Scanners><File path="C:\Windows\system32\jpgz1d5e.dll" hash="4808CB04F0DFB227810033CE5BEF7B6767541204B1814F6B935A01FA4FA5C0E6"/></Item></Log>
|
|
23.04.2012, 07:13
| #19 |
  | TR/ATRAPS.Gen + TR/Rootkit.Gen8 Hi, wir sollten durch sein, wie verhält sich der Rechner? Hitman hat noch was ausgegraben: Code:
ATTFilter <File path="C:\Windows\System32\aptwuw9yk.dll" hash="0EA12BB238FA51F344CB7813F9F118433826493D33A805E6FFADD76DDF6BF20C"/>-<Startup><Key path="HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\"/></Startup></Item>-<Item status="Quarantiend" score="102.0" type="Malware" malwareName="Malware">-<Scanners><Scanner name="Gen:Variant.Graftor.20485 (Engine A)" id="G Data"/></Scanners>
<File path="C:\Windows\system32\jpgz1d5e.dll" hash="4808CB04F0DFB227810033CE5BEF7B6767541204B1814F6B935A01FA4FA5C0E6"/></Item></Log>..
chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
23.04.2012, 15:01
| #20 |
| | TR/ATRAPS.Gen + TR/Rootkit.Gen8 Hi, noch einen kleinen Nachtrag an der Stelle: Folgendes OTL-Script abfahren: Fix für OTL:
 Code:
ATTFilter
:OTL
SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH)
:Commands
[emptytemp]
[Reboot]
Das Verzeichnis C:\_OTL kanns Du dann löschen (Reste der Infektion)... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
25.04.2012, 22:05
| #21 |
| | TR/ATRAPS.Gen + TR/Rootkit.Gen8 Ich hab auch deine letzte Anweisung ausgeführt. Vom Schädling ist nichts mehr zu sehen. Der PC läuft auch wieder einwandfrei. Vielen Dank für Deine Hilfe. D A N K E |
|
| Themen zu TR/ATRAPS.Gen + TR/Rootkit.Gen8 |
| .dll, antivir, avg, avira, browser, ccc.exe, desktop, e-banking, entfernen, fontcache, iexplore.exe, infiziert, internet, lanmanworkstation, löschen, modul, mom.exe, neustart, nt.dll, policyagent, programm, prozesse, schädling, server, services.exe, svchost.exe, tr/atraps.gen tr/rootkit.gen8, tr/rootkit.gen, tr/rootkit.gen8, verweise, windows, winlogon.exe, wlansvc, wmp, wuauclt.exe |
Linear-Darstellung
