| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Sicherheitcenter läst sich nicht aktivierenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
23.04.2012, 09:45
| #1 |
 |  Windows Sicherheitcenter läst sich nicht aktivieren Seit kuzem lässt sich mein Windows Sicherheitscenter (Windows 7 home Premium 64bit) nicht aktivieren. Beim surfen im Internet werde ich auf Seiten geleitet wo Malewarebytes sofort als gefährlich meldet. Avira, Malwarebites fincet nichts, Spybot findet was und löst die Probleme, kurz darauf sind sie wieder da, die Probleme. Hab im abgesicherten Modus gestartet und alles laufen lassen, lediglich Spybot findet die Probleme erneut und löst sie auch nach dem beheben. Neustart und die Probleme sind wieder da. Avira free Antivir Malwarebytes rKill CCleaner Spybot search and destroi Im Anhang ein Screenshot von den Funden die Spybot ständig findet |
|
23.04.2012, 10:22
| #2 |
  | Windows Sicherheitcenter läst sich nicht aktivieren Hi,
__________________äh, ja, das ist ein Symptom was da von Spybot beseitigt wird, nicht die Ursache dafür... OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
Malwarebytes Antimalware (MAM) Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen: http://filepony.de/download-chameleon/ Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen") Fullscan und alles bereinigen lassen! Log posten. chris -> ev. TDSS
__________________ Geändert von Chris4You (23.04.2012 um 11:02 Uhr) |
|
23.04.2012, 21:30
| #3 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Malwarebytes ist bereits instaliert und auf dem aktuellsten Stand.
__________________Lanman hat das hier ausgespuckt: DLL im Lanmanworkstation Schlüssel: %SystemRoot%\System32\wkssvc.dll Geladene DLL: C:\Windows\System32\wkssvc.dll Signatur der DLL: Microsoft Windows Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet. MD5 der DLL: 851A1382EED3E3A7476DB004F4EE3E1A Alles OK, der Rechner ist nicht vom Lanmanworkstation Trojaner befallen! Die OTL Dateien sind im Anhang. Hier die Logfile von Malwarebytes: Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.04.23.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mein Name :: MEINNAME-PC [Administrator] Schutz: Aktiviert 23.04.2012 22:13:07 mbam-log-2012-04-23 (22-26-45).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 334003 Laufzeit: 13 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Georg Mehrer\AppData\Local\Opera\Opera\temporary_downloads\SoftonicDownloader_fuer_combofix.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt. (Ende) Die letzte Zeile nach der Bereinigung: Infizierte Dateien: 1 C:\Users\Georg Mehrer\AppData\Local\Opera\Opera\temporary_downloads\SoftonicDownloader_fuer_combofix.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Rechner wird nun neu gestartet um die Entfernung zu vervollständigen Vielen Dank schon mal im Vorraus |
|
24.04.2012, 06:49
| #4 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Hi, CF bitte nicht ohne Anweisung ausführen... Eine versteckte Datei gefunden (comctl32Y.dll), die bitte prüfen lassen. Falls sie nicht erkannt wird aus dem OTL-Script entfernen... Bitte folgende Files prüfen: Dateien Online überprüfen lassen:
Code:
ATTFilter C:\Windows\SysWow64\comctl32Y.dll
Fix für OTL:
 Code:
ATTFilter
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
[2012.04.20 13:49:31 | 000,114,688 | RHS- | M] () -- C:\Windows\SysWow64\comctl32Y.dll
:Commands
[emptytemp]
[Reboot]
Panda-TLD4-Killer Den Killler auf das Desktop runterladen: TDSS-Killer Starte den Killer, den anschließenden Neustart erlauben! Falls die Sicherheitslösung mosert, bitte ausschalten oder yorkyt.exe als Ausnahme zulassen! Nach dem Reboot sollte der Killer von alleine starten (Please wait... Running...), nicht unterbrechen, nichts am Rechner machen (Laufzeit ca. 5 Minuten). Wird etwas gefunden, (Detected and requested some bad files) zuerst das Log posten (liegt da wo die Exe liegt, also auf dem Desktop), ->poste den Inhalt der yorkyt.exe.log. Falls Freigabe erteilt Ja auswählen, der Rechner wird neu gestartet und die erkannten (verseuchten) Treiber ausgetauscht, die TLD-Files gelöscht (yorkyt startet wieder automatisch, nicht unterbrechen!). Poste nach der Bereinigung noch mal das Log... chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
24.04.2012, 10:00
| #5 |
| | Windows Sicherheitcenter läst sich nicht aktivieren die Datei C:\Windows\SysWow64\comctl32Y.dll wird nicht gefunden und wenn ich sie direkt in den Dateipfad eingebe und sie direkt dem Tdss-Killer hinzufüge geht ein Fenster auf "sie besitzen keine Adminrechte um diese Aktion durchzuführen" Hier die Logs: All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-0000-0000-0000-000000000000} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. C:\Windows\SysWOW64\comctl32Y.dll moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Georg Mehrer ->Temp folder emptied: 3475234 bytes ->Temporary Internet Files folder emptied: 557143 bytes ->Java cache emptied: 800355 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 9788506 bytes ->Flash cache emptied: 5240 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1213160 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 15,00 mb OTL by OldTimer - Version 3.2.41.0 log created on 04242012_101240 Files\Folders moved on Reboot... C:\Users\Georg Mehrer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Georg Mehrer\AppData\Local\Temp\~DFA203CBE500D3243F.TMP moved successfully. File\Folder C:\Windows\temp\ZLT01782.TMP not found! Registry entries deleted on Reboot... 2012-04-24 10:21:01: **************************************************** 2012-04-24 10:21:01: Starting UP ... v 0.0.0.220 2012-04-24 10:21:01: **************************************************** 2012-04-24 10:21:01: Stop TPSRV returns: 2 2012-04-24 10:21:16: Listing processes... 2012-04-24 10:21:16: :[System Process]:0 2012-04-24 10:21:16: :System:4 2012-04-24 10:21:16: :smss.exe:252 2012-04-24 10:21:16: :csrss.exe:404 2012-04-24 10:21:16: :wininit.exe:460 2012-04-24 10:21:16: :csrss.exe:484 2012-04-24 10:21:16: :services.exe:528 2012-04-24 10:21:16: :lsass.exe:544 2012-04-24 10:21:16: :lsm.exe:552 2012-04-24 10:21:16: :winlogon.exe:584 2012-04-24 10:21:16: :svchost.exe:704 2012-04-24 10:21:16: :nvvsvc.exe:768 2012-04-24 10:21:16: :svchost.exe:812 2012-04-24 10:21:16: :svchost.exe:900 2012-04-24 10:21:16: :svchost.exe:940 2012-04-24 10:21:16: :svchost.exe:972 2012-04-24 10:21:16: :audiodg.exe:300 2012-04-24 10:21:16: :svchost.exe:316 2012-04-24 10:21:16: :NvXDSync.exe:1088 2012-04-24 10:21:16: :nvvsvc.exe:1100 2012-04-24 10:21:16: :svchost.exe:1148 2012-04-24 10:21:16: :vsmon.exe:1272 2012-04-24 10:21:16: :ISWSVC.exe:1492 2012-04-24 10:21:16: :spoolsv.exe:1576 2012-04-24 10:21:16: :taskeng.exe:1584 2012-04-24 10:21:16: :sched.exe:1628 2012-04-24 10:21:16: :svchost.exe:1648 2012-04-24 10:21:16: :rundll32.exe:1712 2012-04-24 10:21:16: :armsvc.exe:1772 2012-04-24 10:21:16: :avguard.exe:1808 2012-04-24 10:21:16: :AODAssist.exe:1836 2012-04-24 10:21:16: :E_S40STB.EXE:1892 2012-04-24 10:21:16: :E_S40RPB.EXE:1924 2012-04-24 10:21:16: :MSCamS64.exe:1956 2012-04-24 10:21:16: :PnkBstrA.exe:2008 2012-04-24 10:21:16: :svchost.exe:2040 2012-04-24 10:21:16: :WLIDSVC.EXE:1280 2012-04-24 10:21:16: :WLIDSVCM.EXE:2052 2012-04-24 10:21:16: :ForceField.exe:2412 2012-04-24 10:21:16: :taskhost.exe:2420 2012-04-24 10:21:16: :taskeng.exe:2448 2012-04-24 10:21:16: :dwm.exe:2596 2012-04-24 10:21:16: :explorer.exe:2644 2012-04-24 10:21:16: :avshadow.exe:3040 2012-04-24 10:21:16: :conhost.exe:3048 2012-04-24 10:21:16: :avwebgrd.exe:2060 2012-04-24 10:21:16: :svchost.exe:2732 2012-04-24 10:21:16: :WmiPrvSE.exe:2740 2012-04-24 10:21:16: :WmiPrvSE.exe:3180 2012-04-24 10:21:16: :RAVCpl64.exe:3352 2012-04-24 10:21:16: :HydraControlPanel.exe:3436 2012-04-24 10:21:16: :Monitor.exe:3444 2012-04-24 10:21:16: :sidebar.exe:3524 2012-04-24 10:21:16: :TeaTimer.exe:3596 2012-04-24 10:21:16: :nusb3mon.exe:3728 2012-04-24 10:21:16: :svchost.exe:3740 2012-04-24 10:21:16: :Updater.exe:3808 2012-04-24 10:21:16: :avgnt.exe:3836 2012-04-24 10:21:16: :realplay.exe:3852 2012-04-24 10:21:16: :jusched.exe:3872 2012-04-24 10:21:16: :mbamgui.exe:3884 2012-04-24 10:21:16: :zatray.exe:3892 2012-04-24 10:21:16: :WmiPrvSE.exe:3108 2012-04-24 10:21:16: :SearchIndexer.exe:936 2012-04-24 10:21:16: :SearchProtocolHost.exe:3432 2012-04-24 10:21:16: :SearchFilterHost.exe:2340 2012-04-24 10:21:16: :wmpnetwk.exe:3828 2012-04-24 10:21:16: :svchost.exe:4196 2012-04-24 10:21:16:  pera.exe:48162012-04-24 10:21:16: :dllhost.exe:5108 2012-04-24 10:21:16: :yorkyt.exe:1976 2012-04-24 10:21:16: 2012-04-24 10:21:16: Setting restore point 2012-04-24 10:21:16: RUN mode 2012-04-24 10:21:16: Determining autonomous or dropped mode... 2012-04-24 10:21:16: Autonomus mode 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: AeLookupSvc 2012-04-24 10:21:16: Real Path: C:\Windows\System32\aelupsvc.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\aelupsvc.dll,-2 2012-04-24 10:21:16: ServiceDLL: System32\aelupsvc.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: aelupsvc.dll 2012-04-24 10:21:16: Original File Name: aelupsvc.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: AppIDSvc 2012-04-24 10:21:16: Real Path: C:\Windows\System32\appidsvc.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\appidsvc.dll,-100 2012-04-24 10:21:16: Description: @%systemroot%\system32\appidsvc.dll,-101 2012-04-24 10:21:16: ServiceDLL: System32\appidsvc.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: appidsvc.dll 2012-04-24 10:21:16: Original File Name: appidsvc.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: Appinfo 2012-04-24 10:21:16: Real Path: C:\Windows\System32\appinfo.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\appinfo.dll,-100 2012-04-24 10:21:16: Description: @%systemroot%\system32\appinfo.dll,-101 2012-04-24 10:21:16: ServiceDLL: System32\appinfo.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: appinfo.dll 2012-04-24 10:21:16: Original File Name: appinfo.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: AudioEndpointBuilder 2012-04-24 10:21:16: Real Path: C:\Windows\System32\Audiosrv.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204 2012-04-24 10:21:16: Description: @%SystemRoot%\System32\audiosrv.dll,-205 2012-04-24 10:21:16: ServiceDLL: System32\Audiosrv.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: Audiosrv.dll 2012-04-24 10:21:16: Original File Name: audiosrv.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: AudioSrv 2012-04-24 10:21:16: Real Path: C:\Windows\System32\Audiosrv.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200 2012-04-24 10:21:16: Description: @%SystemRoot%\System32\audiosrv.dll,-201 2012-04-24 10:21:16: ServiceDLL: System32\Audiosrv.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: Audiosrv.dll 2012-04-24 10:21:16: Original File Name: audiosrv.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: AxInstSV 2012-04-24 10:21:16: Real Path: C:\Windows\System32\AxInstSV.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\AxInstSV.dll,-103 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\AxInstSV.dll,-104 2012-04-24 10:21:16: ServiceDLL: System32\AxInstSV.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: AxInstSV.dll 2012-04-24 10:21:16: Original File Name: AxInstSv.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: BDESVC 2012-04-24 10:21:16: Real Path: C:\Windows\System32\bdesvc.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\bdesvc.dll,-100 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\bdesvc.dll,-101 2012-04-24 10:21:16: ServiceDLL: System32\bdesvc.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: bdesvc.dll 2012-04-24 10:21:16: Original File Name: BDESVC.DLL.MUI 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: BFE 2012-04-24 10:21:16: Real Path: C:\Windows\System32\bfe.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\bfe.dll,-1001 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\bfe.dll,-1002 2012-04-24 10:21:16: ServiceDLL: System32\bfe.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: bfe.dll 2012-04-24 10:21:16: Original File Name: BFE.DLL.MUI 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: BITS 2012-04-24 10:21:16: Real Path: C:\Windows\System32\qmgr.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\qmgr.dll,-1001 2012-04-24 10:21:16: ServiceDLL: System32\qmgr.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: qmgr.dll 2012-04-24 10:21:16: Original File Name: qmgr.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: Browser 2012-04-24 10:21:16: Real Path: C:\Windows\System32\browser.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\browser.dll,-100 2012-04-24 10:21:16: Description: @%systemroot%\system32\browser.dll,-101 2012-04-24 10:21:16: ServiceDLL: System32\browser.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: browser.dll 2012-04-24 10:21:16: Original File Name: browser.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: bthserv 2012-04-24 10:21:16: Real Path: C:\Windows\system32\bthserv.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\System32\bthserv.dll,-101 2012-04-24 10:21:16: Description: @%SystemRoot%\System32\bthserv.dll,-102 2012-04-24 10:21:16: ServiceDLL: system32\bthserv.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: bthserv.dll 2012-04-24 10:21:16: Original File Name: BTHSERV.DLL.MUI 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: CertPropSvc 2012-04-24 10:21:16: Real Path: C:\Windows\System32\certprop.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\System32\certprop.dll,-11 2012-04-24 10:21:16: Description: @%SystemRoot%\System32\certprop.dll,-12 2012-04-24 10:21:16: ServiceDLL: System32\certprop.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: certprop.dll 2012-04-24 10:21:16: Original File Name: certprop.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: CryptSvc 2012-04-24 10:21:16: Real Path: C:\Windows\system32\cryptsvc.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002 2012-04-24 10:21:16: ServiceDLL: system32\cryptsvc.dll 2012-04-24 10:21:16: File size: 136192 2012-04-24 10:21:16: DLL File name: cryptsvc.dll 2012-04-24 10:21:16: Original File Name: cryptsvc.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 20101120141824 20110614090537 20110614090537 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: DcomLaunch 2012-04-24 10:21:16: Real Path: C:\Windows\system32\rpcss.dll 2012-04-24 10:21:16: Display Name: @oleres.dll,-5012 2012-04-24 10:21:16: Description: @oleres.dll,-5013 2012-04-24 10:21:16: ServiceDLL: system32\rpcss.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: rpcss.dll 2012-04-24 10:21:16: Original File Name: rpcss.dll 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: defragsvc 2012-04-24 10:21:16: Real Path: C:\Windows\System32\defragsvc.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\defragsvc.dll,-101 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\defragsvc.dll,-102 2012-04-24 10:21:16: ServiceDLL: System32\defragsvc.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: defragsvc.dll 2012-04-24 10:21:16: Original File Name: defragsvc.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: Dhcp 2012-04-24 10:21:16: Real Path: C:\Windows\system32\dhcpcore.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\system32\dhcpcore.dll,-100 2012-04-24 10:21:16: Description: @%SystemRoot%\system32\dhcpcore.dll,-101 2012-04-24 10:21:16: ServiceDLL: system32\dhcpcore.dll 2012-04-24 10:21:16: File size: 254464 2012-04-24 10:21:16: DLL File name: dhcpcore.dll 2012-04-24 10:21:16: Original File Name: dhcpcore.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 20101120141830 20110614090539 20110614090539 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: Dnscache 2012-04-24 10:21:16: Real Path: C:\Windows\System32\dnsrslvr.dll 2012-04-24 10:21:16: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101 2012-04-24 10:21:16: Description: @%SystemRoot%\System32\dnsapi.dll,-102 2012-04-24 10:21:16: ServiceDLL: System32\dnsrslvr.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: dnsrslvr.dll 2012-04-24 10:21:16: Original File Name: dnsrslvr.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: dot3svc 2012-04-24 10:21:16: Real Path: C:\Windows\System32\dot3svc.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\dot3svc.dll,-1102 2012-04-24 10:21:16: Description: @%systemroot%\system32\dot3svc.dll,-1103 2012-04-24 10:21:16: ServiceDLL: System32\dot3svc.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: dot3svc.dll 2012-04-24 10:21:16: Original File Name: dot3svc.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: DPS 2012-04-24 10:21:16: Real Path: C:\Windows\system32\dps.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\dps.dll,-500 2012-04-24 10:21:16: Description: @%systemroot%\system32\dps.dll,-501 2012-04-24 10:21:16: ServiceDLL: system32\dps.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: dps.dll 2012-04-24 10:21:16: Original File Name: dps.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: EapHost 2012-04-24 10:21:16: Real Path: C:\Windows\System32\eapsvc.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\eapsvc.dll,-1 2012-04-24 10:21:16: Description: @%systemroot%\system32\eapsvc.dll,-2 2012-04-24 10:21:16: ServiceDLL: System32\eapsvc.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: eapsvc.dll 2012-04-24 10:21:16: Original File Name: eapsvc.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: EventSystem 2012-04-24 10:21:16: Real Path: C:\Windows\system32\es.dll 2012-04-24 10:21:16: Display Name: @comres.dll,-2450 2012-04-24 10:21:16: Description: @comres.dll,-2451 2012-04-24 10:21:16: ServiceDLL: system32\es.dll 2012-04-24 10:21:16: File size: 271360 2012-04-24 10:21:16: DLL File name: es.dll 2012-04-24 10:21:16: Original File Name: ES.DLL 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 20090714031519 20090714014438 20090714014438 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: fdPHost 2012-04-24 10:21:16: Real Path: C:\Windows\system32\fdPHost.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\fdPHost.dll,-100 2012-04-24 10:21:16: Description: @%systemroot%\system32\fdPHost.dll,-101 2012-04-24 10:21:16: ServiceDLL: system32\fdPHost.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: fdPHost.dll 2012-04-24 10:21:16: Original File Name: fdPHost.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: --------------------------------------------------------------------- 2012-04-24 10:21:16: Found Service: FDResPub 2012-04-24 10:21:16: Real Path: C:\Windows\system32\fdrespub.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\fdrespub.dll,-100 2012-04-24 10:21:16: Description: @%systemroot%\system32\fdrespub.dll,-101 2012-04-24 10:21:16: ServiceDLL: system32\fdrespub.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: fdrespub.dll 2012-04-24 10:21:16: Original File Name: FDResPub.dll.mui 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: !!!!!!! 2012-04-24 10:21:16: Found Service: FontCache 2012-04-24 10:21:16: Real Path: C:\Windows\system32\FntCache.dll 2012-04-24 10:21:16: Display Name: @%systemroot%\system32\FntCache.dll,-100 2012-04-24 10:21:16: Description: @%systemroot%\system32\FntCache.dll,-101 2012-04-24 10:21:16: ServiceDLL: system32\FntCache.dll 2012-04-24 10:21:16: File size: 0 2012-04-24 10:21:16: DLL File name: FntCache.dll 2012-04-24 10:21:16: Original File Name: FontCacheService 2012-04-24 10:21:16: Company: 2012-04-24 10:21:16: Mod/Cre/Acc time: 2012-04-24 10:21:16: !!!!!!!!! 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: gpsvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\gpsvc.dll 2012-04-24 10:21:17: Display Name: @gpapi.dll,-112 2012-04-24 10:21:17: Description: @gpapi.dll,-113 2012-04-24 10:21:17: ServiceDLL: System32\gpsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: gpsvc.dll 2012-04-24 10:21:17: Original File Name: gpsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: hidserv 2012-04-24 10:21:17: Real Path: C:\Windows\system32\hidserv.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\hidserv.dll,-101 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\hidserv.dll,-102 2012-04-24 10:21:17: ServiceDLL: system32\hidserv.dll 2012-04-24 10:21:17: File size: 49152 2012-04-24 10:21:17: DLL File name: hidserv.dll 2012-04-24 10:21:17: Original File Name: HIDSERV.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031524 20090714015109 20090714015109 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: hkmsvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\kmsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\kmsvc.dll,-7 2012-04-24 10:21:17: ServiceDLL: system32\kmsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: kmsvc.dll 2012-04-24 10:21:17: Original File Name: KmSvc.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: HomeGroupListener 2012-04-24 10:21:17: Real Path: C:\Windows\system32\ListSvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\ListSvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\ListSvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\ListSvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: ListSvc.dll 2012-04-24 10:21:17: Original File Name: ListSvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: HomeGroupProvider 2012-04-24 10:21:17: Real Path: C:\Windows\system32\provsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\provsvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\provsvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\provsvc.dll 2012-04-24 10:21:17: File size: 165376 2012-04-24 10:21:17: DLL File name: provsvc.dll 2012-04-24 10:21:17: Original File Name: provsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142057 20110614090521 20110614090521 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: IKEEXT 2012-04-24 10:21:17: Real Path: C:\Windows\System32\ikeext.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\ikeext.dll,-501 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\ikeext.dll,-502 2012-04-24 10:21:17: ServiceDLL: System32\ikeext.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: ikeext.dll 2012-04-24 10:21:17: Original File Name: IKEEXT.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: IPBusEnum 2012-04-24 10:21:17: Real Path: C:\Windows\system32\ipbusenum.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102 2012-04-24 10:21:17: Description: @%systemroot%\system32\IPBusEnum.dll,-103 2012-04-24 10:21:17: ServiceDLL: system32\ipbusenum.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: ipbusenum.dll 2012-04-24 10:21:17: Original File Name: IPBusEnum.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: iphlpsvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\iphlpsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-500 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\iphlpsvc.dll,-501 2012-04-24 10:21:17: ServiceDLL: System32\iphlpsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: iphlpsvc.dll 2012-04-24 10:21:17: Original File Name: iphlpsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: KtmRm 2012-04-24 10:21:17: Real Path: C:\Windows\system32\msdtckrm.dll 2012-04-24 10:21:17: Display Name: @comres.dll,-2946 2012-04-24 10:21:17: Description: @comres.dll,-2947 2012-04-24 10:21:17: ServiceDLL: system32\msdtckrm.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: msdtckrm.dll 2012-04-24 10:21:17: Original File Name: MSDTCKRM.DLL 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: LanmanServer 2012-04-24 10:21:17: Real Path: C:\Windows\system32\srvsvc.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\srvsvc.dll,-100 2012-04-24 10:21:17: Description: @%systemroot%\system32\srvsvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\srvsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: srvsvc.dll 2012-04-24 10:21:17: Original File Name: SRVSVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: LanmanWorkstation 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wkssvc.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\wkssvc.dll,-100 2012-04-24 10:21:17: Description: @%systemroot%\system32\wkssvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\wkssvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wkssvc.dll 2012-04-24 10:21:17: Original File Name: WKSSVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: lltdsvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\lltdsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\lltdres.dll,-1 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\lltdres.dll,-2 2012-04-24 10:21:17: ServiceDLL: System32\lltdsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: lltdsvc.dll 2012-04-24 10:21:17: Original File Name: LLTDSVC.DLL 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: lmhosts 2012-04-24 10:21:17: Real Path: C:\Windows\System32\lmhsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\lmhsvc.dll,-102 2012-04-24 10:21:17: ServiceDLL: System32\lmhsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: lmhsvc.dll 2012-04-24 10:21:17: Original File Name: lmhsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Mcx2Svc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\Mcx2Svc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501 2012-04-24 10:21:17: Description: @%SystemRoot%\ehome\ehres.dll,-15502 2012-04-24 10:21:17: ServiceDLL: system32\Mcx2Svc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: Mcx2Svc.dll 2012-04-24 10:21:17: Original File Name: Mcx2Svc.dll 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: MMCSS 2012-04-24 10:21:17: Real Path: C:\Windows\system32\mmcss.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\mmcss.dll,-100 2012-04-24 10:21:17: Description: @%systemroot%\system32\mmcss.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\mmcss.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: mmcss.dll 2012-04-24 10:21:17: Original File Name: mmcss.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: MpsSvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\mpssvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\FirewallAPI.dll,-23090 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091 2012-04-24 10:21:17: ServiceDLL: system32\mpssvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: mpssvc.dll 2012-04-24 10:21:17: Original File Name: mpssvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: MSiSCSI 2012-04-24 10:21:17: Real Path: C:\Windows\system32\iscsiexe.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001 2012-04-24 10:21:17: ServiceDLL: system32\iscsiexe.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: iscsiexe.dll 2012-04-24 10:21:17: Original File Name: iscsiexe.exe.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: napagent 2012-04-24 10:21:17: Real Path: C:\Windows\system32\qagentRT.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\qagentrt.dll,-7 2012-04-24 10:21:17: ServiceDLL: system32\qagentRT.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: qagentRT.dll 2012-04-24 10:21:17: Original File Name: QAgentRT.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Netman 2012-04-24 10:21:17: Real Path: C:\Windows\System32\netman.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\netman.dll,-109 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\netman.dll,-110 2012-04-24 10:21:17: ServiceDLL: System32\netman.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: netman.dll 2012-04-24 10:21:17: Original File Name: netman.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: netprofm 2012-04-24 10:21:17: Real Path: C:\Windows\System32\netprofm.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\netprofm.dll,-202 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\netprofm.dll,-203 2012-04-24 10:21:17: ServiceDLL: System32\netprofm.dll 2012-04-24 10:21:17: File size: 360448 2012-04-24 10:21:17: DLL File name: netprofm.dll 2012-04-24 10:21:17: Original File Name: netprofm.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031603 20090714015658 20090714015658 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: NlaSvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\nlasvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\nlasvc.dll,-1 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\nlasvc.dll,-2 2012-04-24 10:21:17: ServiceDLL: System32\nlasvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: nlasvc.dll 2012-04-24 10:21:17: Original File Name: nlasvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: nsi 2012-04-24 10:21:17: Real Path: C:\Windows\system32\nsisvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\nsisvc.dll,-200 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\nsisvc.dll,-201 2012-04-24 10:21:17: ServiceDLL: system32\nsisvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: nsisvc.dll 2012-04-24 10:21:17: Original File Name: nsisvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: p2pimsvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\pnrpsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8004 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8005 2012-04-24 10:21:17: ServiceDLL: system32\pnrpsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: pnrpsvc.dll 2012-04-24 10:21:17: Original File Name: pnrpsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: p2psvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\p2psvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\p2psvc.dll,-8007 2012-04-24 10:21:17: ServiceDLL: system32\p2psvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: p2psvc.dll 2012-04-24 10:21:17: Original File Name: p2psvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: !!!!!!! 2012-04-24 10:21:17: Found Service: PcaSvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\pcasvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\pcasvc.dll,-2 2012-04-24 10:21:17: ServiceDLL: System32\pcasvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: pcasvc.dll 2012-04-24 10:21:17: Original File Name: 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: !!!!!!!!! 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: pla 2012-04-24 10:21:17: Real Path: C:\Windows\system32\pla.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\pla.dll,-500 2012-04-24 10:21:17: Description: @%systemroot%\system32\pla.dll,-501 2012-04-24 10:21:17: ServiceDLL: system32\pla.dll 2012-04-24 10:21:17: File size: 1508864 2012-04-24 10:21:17: DLL File name: pla.dll 2012-04-24 10:21:17: Original File Name: PLA.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142054 20110614090533 20110614090533 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: PlugPlay 2012-04-24 10:21:17: Real Path: C:\Windows\system32\umpnpmgr.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\umpnpmgr.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: umpnpmgr.dll 2012-04-24 10:21:17: Original File Name: Umpnpmgr.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: PNRPAutoReg 2012-04-24 10:21:17: Real Path: C:\Windows\system32\pnrpauto.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\pnrpauto.dll,-8002 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\pnrpauto.dll,-8003 2012-04-24 10:21:17: ServiceDLL: system32\pnrpauto.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: pnrpauto.dll 2012-04-24 10:21:17: Original File Name: pnrpauto.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: PNRPsvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\pnrpsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8000 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8001 2012-04-24 10:21:17: ServiceDLL: system32\pnrpsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: pnrpsvc.dll 2012-04-24 10:21:17: Original File Name: pnrpsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: PolicyAgent 2012-04-24 10:21:17: Real Path: C:\Windows\System32\ipsecsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\polstore.dll,-5010 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\polstore.dll,-5011 2012-04-24 10:21:17: ServiceDLL: System32\ipsecsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: ipsecsvc.dll 2012-04-24 10:21:17: Original File Name: ipsecsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Power 2012-04-24 10:21:17: Real Path: C:\Windows\system32\umpo.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\umpo.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\umpo.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\umpo.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: umpo.dll 2012-04-24 10:21:17: Original File Name: Umpo.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: ProfSvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\profsvc.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\profsvc.dll,-300 2012-04-24 10:21:17: Description: @%systemroot%\system32\profsvc.dll,-301 2012-04-24 10:21:17: ServiceDLL: system32\profsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: profsvc.dll 2012-04-24 10:21:17: Original File Name: ProfSvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: QWAVE 2012-04-24 10:21:17: Real Path: C:\Windows\system32\qwave.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\qwave.dll,-1 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\qwave.dll,-2 2012-04-24 10:21:17: ServiceDLL: system32\qwave.dll 2012-04-24 10:21:17: File size: 210944 2012-04-24 10:21:17: DLL File name: qwave.dll 2012-04-24 10:21:17: Original File Name: qwave.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031612 20090714015415 20090714015415 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: RasAuto 2012-04-24 10:21:17: Real Path: C:\Windows\System32\rasauto.dll 2012-04-24 10:21:17: Display Name: @%Systemroot%\system32\rasauto.dll,-200 2012-04-24 10:21:17: Description: @%Systemroot%\system32\rasauto.dll,-201 2012-04-24 10:21:17: ServiceDLL: System32\rasauto.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: rasauto.dll 2012-04-24 10:21:17: Original File Name: rasauto.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: RasMan 2012-04-24 10:21:17: Real Path: C:\Windows\System32\rasmans.dll 2012-04-24 10:21:17: Display Name: @%Systemroot%\system32\rasmans.dll,-200 2012-04-24 10:21:17: Description: @%Systemroot%\system32\rasmans.dll,-201 2012-04-24 10:21:17: ServiceDLL: System32\rasmans.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: rasmans.dll 2012-04-24 10:21:17: Original File Name: Rasmans.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: RemoteAccess 2012-04-24 10:21:17: Real Path: C:\Windows\System32\mprdim.dll 2012-04-24 10:21:17: Display Name: @%Systemroot%\system32\mprdim.dll,-200 2012-04-24 10:21:17: Description: @%Systemroot%\system32\mprdim.dll,-201 2012-04-24 10:21:17: ServiceDLL: System32\mprdim.dll 2012-04-24 10:21:17: File size: 75264 2012-04-24 10:21:17: DLL File name: mprdim.dll 2012-04-24 10:21:17: Original File Name: MPRDIM.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031541 20090714015426 20090714015426 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: RemoteRegistry 2012-04-24 10:21:17: Real Path: C:\Windows\system32\regsvc.dll 2012-04-24 10:21:17: Display Name: @regsvc.dll,-1 2012-04-24 10:21:17: Description: @regsvc.dll,-2 2012-04-24 10:21:17: ServiceDLL: system32\regsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: regsvc.dll 2012-04-24 10:21:17: Original File Name: REGSVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: RpcEptMapper 2012-04-24 10:21:17: Real Path: C:\Windows\System32\RpcEpMap.dll 2012-04-24 10:21:17: Display Name: @%windir%\system32\RpcEpMap.dll,-1001 2012-04-24 10:21:17: Description: @%windir%\system32\RpcEpMap.dll,-1002 2012-04-24 10:21:17: ServiceDLL: System32\RpcEpMap.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: RpcEpMap.dll 2012-04-24 10:21:17: Original File Name: RpcEpMap.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: RpcSs 2012-04-24 10:21:17: Real Path: C:\Windows\system32\rpcss.dll 2012-04-24 10:21:17: Display Name: @oleres.dll,-5010 2012-04-24 10:21:17: Description: @oleres.dll,-5011 2012-04-24 10:21:17: ServiceDLL: system32\rpcss.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: rpcss.dll 2012-04-24 10:21:17: Original File Name: rpcss.dll 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SCardSvr 2012-04-24 10:21:17: Real Path: C:\Windows\System32\SCardSvr.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\SCardSvr.dll,-5 2012-04-24 10:21:17: ServiceDLL: System32\SCardSvr.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: SCardSvr.dll 2012-04-24 10:21:17: Original File Name: SCardSvr.exe.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Schedule 2012-04-24 10:21:17: Real Path: C:\Windows\system32\schedsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\schedsvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\schedsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: schedsvc.dll 2012-04-24 10:21:17: Original File Name: schedsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SCPolicySvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\certprop.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\certprop.dll,-13 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\certprop.dll,-14 2012-04-24 10:21:17: ServiceDLL: System32\certprop.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: certprop.dll 2012-04-24 10:21:17: Original File Name: certprop.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SDRSVC 2012-04-24 10:21:17: Real Path: C:\Windows\System32\SDRSVC.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\sdrsvc.dll,-102 2012-04-24 10:21:17: ServiceDLL: System32\SDRSVC.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: SDRSVC.dll 2012-04-24 10:21:17: Original File Name: SDRSVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: seclogon 2012-04-24 10:21:17: Real Path: C:\Windows\system32\seclogon.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\seclogon.dll,-7000 2012-04-24 10:21:17: ServiceDLL: system32\seclogon.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: seclogon.dll 2012-04-24 10:21:17: Original File Name: SECLOGON.EXE.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SENS 2012-04-24 10:21:17: Real Path: C:\Windows\System32\sens.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\Sens.dll,-200 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\Sens.dll,-201 2012-04-24 10:21:17: ServiceDLL: System32\sens.dll 2012-04-24 10:21:17: File size: 49664 2012-04-24 10:21:17: DLL File name: sens.dll 2012-04-24 10:21:17: Original File Name: sens.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031613 20090714012158 20090714012158 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SensrSvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\sensrsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\sensrsvc.dll,-1000 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\sensrsvc.dll,-1001 2012-04-24 10:21:17: ServiceDLL: system32\sensrsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: sensrsvc.dll 2012-04-24 10:21:17: Original File Name: sensrsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SessionEnv 2012-04-24 10:21:17: Real Path: C:\Windows\system32\sessenv.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\SessEnv.dll,-1027 2012-04-24 10:21:17: ServiceDLL: system32\sessenv.dll 2012-04-24 10:21:17: File size: 113664 2012-04-24 10:21:17: DLL File name: sessenv.dll 2012-04-24 10:21:17: Original File Name: SessEnv.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142108 20110614090543 20110614090543 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SharedAccess 2012-04-24 10:21:17: Real Path: C:\Windows\System32\ipnathlp.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\ipnathlp.dll,-106 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\ipnathlp.dll,-107 2012-04-24 10:21:17: ServiceDLL: System32\ipnathlp.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: ipnathlp.dll 2012-04-24 10:21:17: Original File Name: IPNATHLP.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: ShellHWDetection 2012-04-24 10:21:17: Real Path: C:\Windows\System32\shsvcs.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\shsvcs.dll,-12289 2012-04-24 10:21:17: ServiceDLL: System32\shsvcs.dll 2012-04-24 10:21:17: File size: 328192 2012-04-24 10:21:17: DLL File name: shsvcs.dll 2012-04-24 10:21:17: Original File Name: SHSVCS.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142119 20110614090532 20110614090532 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: sppuinotify 2012-04-24 10:21:17: Real Path: C:\Windows\system32\sppuinotify.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\sppuinotify.dll,-103 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\sppuinotify.dll,-102 2012-04-24 10:21:17: ServiceDLL: system32\sppuinotify.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: sppuinotify.dll 2012-04-24 10:21:17: Original File Name: sppuinotify.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SSDPSRV 2012-04-24 10:21:17: Real Path: C:\Windows\System32\ssdpsrv.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100 2012-04-24 10:21:17: Description: @%systemroot%\system32\ssdpsrv.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\ssdpsrv.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: ssdpsrv.dll 2012-04-24 10:21:17: Original File Name: ssdpsrv.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SstpSvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\sstpsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\sstpsvc.dll,-201 2012-04-24 10:21:17: ServiceDLL: system32\sstpsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: sstpsvc.dll 2012-04-24 10:21:17: Original File Name: sstpsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: stisvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wiaservc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\wiaservc.dll,-10 2012-04-24 10:21:17: ServiceDLL: System32\wiaservc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wiaservc.dll 2012-04-24 10:21:17: Original File Name: WIASERVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: swprv 2012-04-24 10:21:17: Real Path: C:\Windows\System32\swprv.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\swprv.dll,-103 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\swprv.dll,-102 2012-04-24 10:21:17: ServiceDLL: System32\swprv.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: swprv.dll 2012-04-24 10:21:17: Original File Name: SWPRV.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: SysMain 2012-04-24 10:21:17: Real Path: C:\Windows\system32\sysmain.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\sysmain.dll,-1001 2012-04-24 10:21:17: ServiceDLL: system32\sysmain.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: sysmain.dll 2012-04-24 10:21:17: Original File Name: sysmain.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: TabletInputService 2012-04-24 10:21:17: Real Path: C:\Windows\System32\TabSvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\TabSvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\TabSvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: TabSvc.dll 2012-04-24 10:21:17: Original File Name: TabSvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: TapiSrv 2012-04-24 10:21:17: Real Path: C:\Windows\System32\tapisrv.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\tapisrv.dll,-10100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\tapisrv.dll,-10101 2012-04-24 10:21:17: ServiceDLL: System32\tapisrv.dll 2012-04-24 10:21:17: File size: 242176 2012-04-24 10:21:17: DLL File name: tapisrv.dll 2012-04-24 10:21:17: Original File Name: TAPISRV.EXE.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142128 20110614090526 20110614090526 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: TBS 2012-04-24 10:21:17: Real Path: C:\Windows\System32\tbssvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\tbssvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\tbssvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\tbssvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: tbssvc.dll 2012-04-24 10:21:17: Original File Name: TBSSVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: TermService 2012-04-24 10:21:17: Real Path: C:\Windows\System32\termsrv.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\termsrv.dll,-268 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\termsrv.dll,-267 2012-04-24 10:21:17: ServiceDLL: System32\termsrv.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: termsrv.dll 2012-04-24 10:21:17: Original File Name: termsrv.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Themes 2012-04-24 10:21:17: Real Path: C:\Windows\system32\themeservice.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\themeservice.dll,-8192 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\themeservice.dll,-8193 2012-04-24 10:21:17: ServiceDLL: system32\themeservice.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: themeservice.dll 2012-04-24 10:21:17: Original File Name: THEMESERVICE.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: THREADORDER 2012-04-24 10:21:17: Real Path: C:\Windows\system32\mmcss.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\mmcss.dll,-102 2012-04-24 10:21:17: Description: @%systemroot%\system32\mmcss.dll,-103 2012-04-24 10:21:17: ServiceDLL: system32\mmcss.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: mmcss.dll 2012-04-24 10:21:17: Original File Name: mmcss.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: TrkWks 2012-04-24 10:21:17: Real Path: C:\Windows\System32\trkwks.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\trkwks.dll,-1 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\trkwks.dll,-2 2012-04-24 10:21:17: ServiceDLL: System32\trkwks.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: trkwks.dll 2012-04-24 10:21:17: Original File Name: trkwks.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: !!!!!!! 2012-04-24 10:21:17: Found Service: upnphost 2012-04-24 10:21:17: Real Path: C:\Windows\System32\upnphost.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\upnphost.dll,-213 2012-04-24 10:21:17: Description: @%systemroot%\system32\upnphost.dll,-214 2012-04-24 10:21:17: ServiceDLL: System32\upnphost.dll 2012-04-24 10:21:17: File size: 266752 2012-04-24 10:21:17: DLL File name: upnphost.dll 2012-04-24 10:21:17: Original File Name: unpnhost.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031617 20090714015541 20090714015541 2012-04-24 10:21:17: !!!!!!!!! 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: UxSms 2012-04-24 10:21:17: Real Path: C:\Windows\System32\uxsms.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\dwm.exe,-2000 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\dwm.exe,-2001 2012-04-24 10:21:17: ServiceDLL: System32\uxsms.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: uxsms.dll 2012-04-24 10:21:17: Original File Name: UxSms.dll 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: W32Time 2012-04-24 10:21:17: Real Path: C:\Windows\system32\w32time.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\w32time.dll,-200 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\w32time.dll,-201 2012-04-24 10:21:17: ServiceDLL: system32\w32time.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: w32time.dll 2012-04-24 10:21:17: Original File Name: w32time.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WbioSrvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wbiosrvc.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\wbiosrvc.dll,-100 2012-04-24 10:21:17: Description: @%systemroot%\system32\wbiosrvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\wbiosrvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wbiosrvc.dll 2012-04-24 10:21:17: Original File Name: wbiosrvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: wcncsvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wcncsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\wcncsvc.dll,-4 2012-04-24 10:21:17: ServiceDLL: System32\wcncsvc.dll 2012-04-24 10:21:17: File size: 276992 2012-04-24 10:21:17: DLL File name: wcncsvc.dll 2012-04-24 10:21:17: Original File Name: WCNCSVC.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142135 20110614090530 20110614090530 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WcsPlugInService 2012-04-24 10:21:17: Real Path: C:\Windows\System32\WcsPlugInService.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\WcsPlugInService.dll,-200 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201 2012-04-24 10:21:17: ServiceDLL: System32\WcsPlugInService.dll 2012-04-24 10:21:17: File size: 32768 2012-04-24 10:21:17: DLL File name: WcsPlugInService.dll 2012-04-24 10:21:17: Original File Name: WcsPlugInService.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031618 20090714012513 20090714012513 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WdiServiceHost 2012-04-24 10:21:17: Real Path: C:\Windows\system32\wdi.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\wdi.dll,-502 2012-04-24 10:21:17: Description: @%systemroot%\system32\wdi.dll,-503 2012-04-24 10:21:17: ServiceDLL: system32\wdi.dll 2012-04-24 10:21:17: File size: 76288 2012-04-24 10:21:17: DLL File name: wdi.dll 2012-04-24 10:21:17: Original File Name: wdi.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031618 20090714011947 20090714011947 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WdiSystemHost 2012-04-24 10:21:17: Real Path: C:\Windows\system32\wdi.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\wdi.dll,-500 2012-04-24 10:21:17: Description: @%systemroot%\system32\wdi.dll,-501 2012-04-24 10:21:17: ServiceDLL: system32\wdi.dll 2012-04-24 10:21:17: File size: 76288 2012-04-24 10:21:17: DLL File name: wdi.dll 2012-04-24 10:21:17: Original File Name: wdi.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031618 20090714011947 20090714011947 2012-04-24 10:21:17: !!!!!!! 2012-04-24 10:21:17: Found Service: WebClient 2012-04-24 10:21:17: Real Path: C:\Windows\System32\webclnt.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\webclnt.dll,-100 2012-04-24 10:21:17: Description: @%systemroot%\system32\webclnt.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\webclnt.dll 2012-04-24 10:21:17: File size: 204800 2012-04-24 10:21:17: DLL File name: webclnt.dll 2012-04-24 10:21:17: Original File Name: davsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142135 20110614090542 20110614090542 2012-04-24 10:21:17: !!!!!!!!! 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Wecsvc 2012-04-24 10:21:17: Real Path: C:\Windows\system32\wecsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\wecsvc.dll,-200 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\wecsvc.dll,-201 2012-04-24 10:21:17: ServiceDLL: system32\wecsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wecsvc.dll 2012-04-24 10:21:17: Original File Name: wecsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: !!!!!!! 2012-04-24 10:21:17: Found Service: wercplsupport 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wercplsupport.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\wercplsupport.dll,-101 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\wercplsupport.dll,-100 2012-04-24 10:21:17: ServiceDLL: System32\wercplsupport.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wercplsupport.dll 2012-04-24 10:21:17: Original File Name: ERC 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: !!!!!!!!! 2012-04-24 10:21:17: !!!!!!! 2012-04-24 10:21:17: Found Service: WerSvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\WerSvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\wersvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\wersvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\WerSvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: WerSvc.dll 2012-04-24 10:21:17: Original File Name: wersvc 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: !!!!!!!!! 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Winmgmt 2012-04-24 10:21:17: Real Path: C:\Windows\system32\wbem\WMIsvc.dll 2012-04-24 10:21:17: Display Name: @%Systemroot%\system32\wbem\wmisvc.dll,-205 2012-04-24 10:21:17: Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204 2012-04-24 10:21:17: ServiceDLL: system32\wbem\WMIsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: WMIsvc.dll 2012-04-24 10:21:17: Original File Name: wmisvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WinRM 2012-04-24 10:21:17: Real Path: C:\Windows\system32\WsmSvc.dll 2012-04-24 10:21:17: Display Name: @%Systemroot%\system32\wsmsvc.dll,-101 2012-04-24 10:21:17: Description: @%Systemroot%\system32\wsmsvc.dll,-102 2012-04-24 10:21:17: ServiceDLL: system32\WsmSvc.dll 2012-04-24 10:21:17: File size: 1175040 2012-04-24 10:21:17: DLL File name: WsmSvc.dll 2012-04-24 10:21:17: Original File Name: WsmSvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20101120142139 20110614090544 20110614090544 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: Wlansvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wlansvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\wlansvc.dll,-257 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\wlansvc.dll,-258 2012-04-24 10:21:17: ServiceDLL: System32\wlansvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wlansvc.dll 2012-04-24 10:21:17: Original File Name: wlansvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WPCSvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wpcsvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\wpcsvc.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\wpcsvc.dll,-101 2012-04-24 10:21:17: ServiceDLL: System32\wpcsvc.dll 2012-04-24 10:21:17: File size: 10752 2012-04-24 10:21:17: DLL File name: wpcsvc.dll 2012-04-24 10:21:17: Original File Name: wpcsvc.exe.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 20090714031620 20090714014010 20090714014010 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WPDBusEnum 2012-04-24 10:21:17: Real Path: C:\Windows\system32\wpdbusenum.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\wpdbusenum.dll,-100 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\wpdbusenum.dll,-101 2012-04-24 10:21:17: ServiceDLL: system32\wpdbusenum.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wpdbusenum.dll 2012-04-24 10:21:17: Original File Name: WpdBusEnum.DLL.MUI 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: wscsvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wscsvc.dll 2012-04-24 10:21:17: Display Name: Sicherheitscenter 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\wscsvc.dll,-201 2012-04-24 10:21:17: ServiceDLL: System32\wscsvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wscsvc.dll 2012-04-24 10:21:17: Original File Name: wscsvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: wuauserv 2012-04-24 10:21:17: Real Path: C:\Windows\system32\wuaueng.dll 2012-04-24 10:21:17: Display Name: @%systemroot%\system32\wuaueng.dll,-105 2012-04-24 10:21:17: Description: @%systemroot%\system32\wuaueng.dll,-106 2012-04-24 10:21:17: ServiceDLL: system32\wuaueng.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wuaueng.dll 2012-04-24 10:21:17: Original File Name: wuaueng.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: wudfsvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\WUDFSvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\system32\wudfsvc.dll,-1000 2012-04-24 10:21:17: Description: @%SystemRoot%\system32\wudfsvc.dll,-1001 2012-04-24 10:21:17: ServiceDLL: System32\WUDFSvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: WUDFSvc.dll 2012-04-24 10:21:17: Original File Name: WUDFSvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: --------------------------------------------------------------------- 2012-04-24 10:21:17: Found Service: WwanSvc 2012-04-24 10:21:17: Real Path: C:\Windows\System32\wwansvc.dll 2012-04-24 10:21:17: Display Name: @%SystemRoot%\System32\wwansvc.dll,-257 2012-04-24 10:21:17: Description: @%SystemRoot%\System32\wwansvc.dll,-258 2012-04-24 10:21:17: ServiceDLL: System32\wwansvc.dll 2012-04-24 10:21:17: File size: 0 2012-04-24 10:21:17: DLL File name: wwansvc.dll 2012-04-24 10:21:17: Original File Name: WwanSvc.dll.mui 2012-04-24 10:21:17: Company: 2012-04-24 10:21:17: Mod/Cre/Acc time: 2012-04-24 10:21:17: 2012-04-24 10:21:17: Looking for SHELL key 2012-04-24 10:21:17: Now looking for bad DLL files in system32 2012-04-24 10:21:28: Folder: GAC 2012-04-24 10:21:28: Folder: GAC_32 2012-04-24 10:21:28: Folder: GAC_64 2012-04-24 10:21:28: Folder: GAC_MSIL 2012-04-24 10:21:28: Folder: NativeImages1_v1.1.4322 2012-04-24 10:21:28: Folder: NativeImages_v2.0.50727_32 2012-04-24 10:21:28: Folder: NativeImages_v2.0.50727_64 2012-04-24 10:21:28: Folder: NativeImages_v4.0.30319_32 2012-04-24 10:21:28: Folder: NativeImages_v4.0.30319_64 2012-04-24 10:21:28: Folder: temp 2012-04-24 10:21:28: Folder: tmp 2012-04-24 10:21:28: Checking for bad folder 2012-04-24 10:21:28: Found 1 folders. 2012-04-24 10:21:28: Checking C:\Windows\assembly\tmp 2012-04-24 10:21:28: ... Folder test returns: 1 2012-04-24 10:21:28: Done with folder list in C:\Windows\assembly\ tmp 2012-04-24 10:21:28: Autonomous mode, clearing out yt folder 2012-04-24 10:21:28: cmd.exe /c start "C:\Users\Georg Mehrer\Desktop\yorkyt.exe" 2012-04-24 10:21:33: Restarting... 2012-04-24 10:22:31: **************************************************** 2012-04-24 10:22:31: Starting UP ... v 0.0.0.220 2012-04-24 10:22:31: **************************************************** 2012-04-24 10:22:33: Stop TPSRV returns: 2 2012-04-24 10:22:48: Listing processes... 2012-04-24 10:22:48: :[System Process]:0 2012-04-24 10:22:48: :System:4 2012-04-24 10:22:48: :smss.exe:252 2012-04-24 10:22:48: :csrss.exe:404 2012-04-24 10:22:48: :wininit.exe:460 2012-04-24 10:22:48: :csrss.exe:484 2012-04-24 10:22:48: :services.exe:528 2012-04-24 10:22:48: :lsass.exe:544 2012-04-24 10:22:48: :lsm.exe:552 2012-04-24 10:22:48: :winlogon.exe:588 2012-04-24 10:22:48: :svchost.exe:708 2012-04-24 10:22:48: :nvvsvc.exe:776 2012-04-24 10:22:48: :svchost.exe:816 2012-04-24 10:22:48: :svchost.exe:904 2012-04-24 10:22:48: :svchost.exe:940 2012-04-24 10:22:48: :svchost.exe:968 2012-04-24 10:22:48: :audiodg.exe:308 2012-04-24 10:22:48: :svchost.exe:684 2012-04-24 10:22:48: :NvXDSync.exe:1072 2012-04-24 10:22:48: :svchost.exe:1080 2012-04-24 10:22:48: :nvvsvc.exe:1096 2012-04-24 10:22:48: :vsmon.exe:1176 2012-04-24 10:22:48: :ISWSVC.exe:1480 2012-04-24 10:22:48: :spoolsv.exe:1564 2012-04-24 10:22:48: :taskeng.exe:1572 2012-04-24 10:22:48: :sched.exe:1608 2012-04-24 10:22:48: :rundll32.exe:1652 2012-04-24 10:22:48: :svchost.exe:1664 2012-04-24 10:22:48: :armsvc.exe:1768 2012-04-24 10:22:48: :avguard.exe:1808 2012-04-24 10:22:48: :AODAssist.exe:1828 2012-04-24 10:22:48: :E_S40STB.EXE:1876 2012-04-24 10:22:48: :E_S40RPB.EXE:1912 2012-04-24 10:22:48: :MSCamS64.exe:1956 2012-04-24 10:22:48: :PnkBstrA.exe:1996 2012-04-24 10:22:48: :svchost.exe:2032 2012-04-24 10:22:48: :WLIDSVC.EXE:1068 2012-04-24 10:22:48: :WLIDSVCM.EXE:2088 2012-04-24 10:22:48: :taskhost.exe:2364 2012-04-24 10:22:48: :ForceField.exe:2384 2012-04-24 10:22:48: :taskeng.exe:2500 2012-04-24 10:22:48: :userinit.exe:2588 2012-04-24 10:22:48: :dwm.exe:2624 2012-04-24 10:22:48: :explorer.exe:2740 2012-04-24 10:22:48: :avshadow.exe:3032 2012-04-24 10:22:48: :conhost.exe:3040 2012-04-24 10:22:48: :avwebgrd.exe:3064 2012-04-24 10:22:48: :svchost.exe:2424 2012-04-24 10:22:48: :WmiPrvSE.exe:2796 2012-04-24 10:22:48: :yorkyt.exe:3076 2012-04-24 10:22:48: :WmiPrvSE.exe:3148 2012-04-24 10:22:48: :RAVCpl64.exe:3296 2012-04-24 10:22:48: :HydraControlPanel.exe:3412 2012-04-24 10:22:48: :Monitor.exe:3428 2012-04-24 10:22:48: :msnmsgr.exe:3544 2012-04-24 10:22:48: :sidebar.exe:3612 2012-04-24 10:22:48: :TeaTimer.exe:3648 2012-04-24 10:22:48: :nusb3mon.exe:3720 2012-04-24 10:22:48: :Updater.exe:3784 2012-04-24 10:22:48: :svchost.exe:3796 2012-04-24 10:22:48: :avgnt.exe:3872 2012-04-24 10:22:48: :realplay.exe:3908 2012-04-24 10:22:48: :jusched.exe:3928 2012-04-24 10:22:48: :reader_sl.exe:3952 2012-04-24 10:22:48: :mbamgui.exe:3968 2012-04-24 10:22:48: :zatray.exe:3980 2012-04-24 10:22:48: :SearchIndexer.exe:4088 2012-04-24 10:22:48: :SearchProtocolHost.exe:1284 2012-04-24 10:22:48: :SearchFilterHost.exe:340 2012-04-24 10:22:48: :WmiPrvSE.exe:3368 2012-04-24 10:22:48: :wmpnetwk.exe:3536 2012-04-24 10:22:48: :svchost.exe:4152 2012-04-24 10:22:48: 2012-04-24 10:22:48: Starting cleanup mode... 2012-04-24 10:22:48: ... Done with files, now folders 2012-04-24 10:22:50: All DONE |
|
24.04.2012, 10:10
| #6 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Ich hab den Spybot nochmal laufen lassen und er meldet keine Syswow datei nur noch die einträge Securitycenter disabled... |
|
24.04.2012, 10:22
| #7 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Hi, wie sieht es mit den Umleitungen aus? Sicherheitscenter wiederbeleben: Wenn sich das Sicherheitscenter nicht starten lässt, steht wahrscheinlich der Dienst auf "disabled" Öffne eine Commandline-Shell mit Adminrechten. Am einfachsten Du erstellst eine entsprechende Verknüpfung auf dem Desktop. Ziel der Verknüpfung ist "C:\Windows\System32\cmd.exe". Ausführen als Administrator ankreuzen nicht vergessen... Code:
ATTFilter sc config wscsvc start=auto
net start wscsvc
Fix für OTL: Code:
ATTFilter :reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = dword:0x01
aswMBR Folge den Anweisungen hier. Kurzanleitung: Von http://filepony.de/download-aswmbr/ die aswMBR.exe runterladen und auf dem Desktop speichern.
chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
24.04.2012, 21:32
| #8 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Windows Sicherheitscenter funktioniert wieder warum? keine Ahnung? Hier das Log: aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-04-24 22:27:21 ----------------------------- 22:27:21.733 OS Version: Windows x64 6.1.7601 Service Pack 1 22:27:21.733 Number of processors: 2 586 0x403 22:27:21.733 ComputerName: Meinname-PC UserName: Mein Name 22:27:21.796 Initialize success 22:27:39.691 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port0Path0Target0Lun0 22:27:39.691 Disk 0 Vendor: Corsair_ 2.0_ Size: 57241MB BusType: 11 22:27:39.691 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0 22:27:39.706 Disk 1 Vendor: ST3500418AS CC37 Size: 476940MB BusType: 3 22:27:39.706 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-1 22:27:39.706 Disk 2 Vendor: WDC_WD2000JD-22HBB0 08.02D08 Size: 190782MB BusType: 3 22:27:39.706 Disk 0 MBR read successfully 22:27:39.706 Disk 0 MBR scan 22:27:39.722 Disk 0 Windows 7 default MBR code 22:27:39.722 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 22:27:39.722 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 57139 MB offset 206848 22:27:39.722 Disk 0 scanning C:\Windows\system32\drivers 22:27:41.391 Service scanning 22:27:44.090 Modules scanning 22:27:44.106 Disk 0 trace - called modules: 22:27:44.433 ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv91xx.sys 22:27:44.449 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007627730] 22:27:44.464 3 CLASSPNP.SYS[fffff8800199743f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port0Path0Target0Lun0[0xfffffa800762f050] 22:27:44.480 Scan finished successfully 22:28:14.370 Disk 0 MBR has been saved successfully to "C:\Users\Georg Mehrer\Desktop\MBR.dat" 22:28:14.385 The log file has been saved successfully to "C:\Users\Georg Mehrer\Desktop\aswMBR.txt" Allerdings funktioniert Opera Browser nicht mehr, hab ihn mit der Systemsteuerung deinstalliert. Bei einem neuen herunterladeversuch hängt sich das Programm vor dem download nach "Linzenzbestimmungen akzeptieren" auf und reagiert nicht mehr. Ich hab ma nochmal meine 3 Scanner laufen lassen (Avira, Spybot und Malwarebytes). Spybot hat nix gefunden Malwarebytes hat auch nix gefunden Avira hat auf versteckte Dateien hingewiesen und reperatur mit der Avira Rescue CD empfohlen. Hab mir den Bericht zeigen lassen und sämtliche NVIDIA Dateien wurden aufgelistet. Ich hab die Dateien mittels Systemsteuerung, Programme deinstalliert und teilweise manuell gelöscht. NVIDIA neu installiert inclusive aktuelle Treiber, DierctX und 3DConverter usw. zusätzlich das neue optionale Update von Windows für die 3D Leistungsverbesserung Grafikkarte Geeforce GTS250 runter geladen. Rechner neu gestartet Die 3 Scanner erneut laufen lassen... keine Funde Windows Sicherheitscenter funktioniert wieder tadellos Nach der deaktivierung der Scanner konnte ich auch Opera neu installieren und hab gleich die aktuellsten Plugins runter geladen. Falls es noch etwas gibt das ich tun kann um zu sehen dass wieder alles sauber is wäre ich sehr dankbar. Grüße |
|
26.04.2012, 07:16
| #9 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Hi, wenn es keine Umleitungen mehr gibt bzw. sich der Rechner "normal" verhält, sollten wir jetzt durch sein... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
26.04.2012, 08:56
| #10 |
| | Windows Sicherheitcenter läst sich nicht aktivieren ein kleines Problem hab ich aber noch: So ab und zu (nicht immer) wenn ich den Rechner Starte kommt ein schwarzer Bildschirm mit ner Zeile: "select propper boot device and press any Key...." ich kann da drücken was ich will die Zeile kommt dann immer wieder. Drück ich dann STRG+Alt+Entf startet der Rechner neu, manchmal muss ich das 2-3 mal wiederholen bis Windows dann normal startet. Woran kann das liegen |
|
26.04.2012, 09:00
| #11 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Hi, BIOS-Einstellungen zum Booten prüfen (meist F2 bei Booten). Lass mal schauen was sonst noch auf der Festplatte liegt: TLD4 Windows wird über eine versteckte Partition die als BOOT gekennzeichnet ist gestartet (und nicht über die eigentliche “Bootpartition”). Daher muß über ein Paritionierungstool vorgegangen werden. Da bei Fehlbedienung die Festplatte geschrottet werden kann, unbedingt vorher eine komplette Sicherung der Festplatte durchführen. Lade Dir GParted von Download GParted from SourceForge.net oder ISO-Image von PartedMagic runter, ggf. das ZIP-File auspacken und das ISO-Images per Nero oder ImageBurn auf CD brennen.
Wir prüfen noch mal mit einem anderen Tool auf TDS: TDSS-Killer Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)! Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe. Stelle den Killer wir folgt ein:  Dann den Scan starten durch (Start Scan). Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster, den Text abkopieren und hier posten... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) Geändert von Chris4You (26.04.2012 um 09:15 Uhr) |
|
26.04.2012, 18:11
| #12 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Das mit dem Tdsskiller hat funktioniert er hat keine Funde gemeldet, wenn das Log noch brauchst lad ichs hoch. Das andere hat auch soweit funktioniert bis hin zur Datensicherung auf CD aber wie kann ich das im Bios Umstellen wo muss ich da hin... ich find da irgendwie nix. Grüße |
|
26.04.2012, 19:57
| #13 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Hi, bevor wir da jetzt in die Tiefe gehen, hast Du beim einschalten des Rechners noch irgendwas angeschlossen, wie z.B. ein USB-Stick/Festplatte, eine CD im Laufwerk etc? Der Killer hat kein TDSS-Filesystem gefunden? Dann scheidet das aus. Die übelste Möglichkeit wäre ein baldiger "Tot" der Festplatte, dazu mal die S.M.A.R.T.-Parameter auslesen u. anzeigen lassen... Prüfen ob mit dem Bootblock alles OK ist: MBR-Check Lade Dir http://ad13.geekstogo.com/MBRCheck.exe und speichere die Datei auf dem Desktop.
chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
26.04.2012, 23:55
| #14 |
| | Windows Sicherheitcenter läst sich nicht aktivieren nein war nichts angeschlossen, nur die CD mit der Sicherung war im Laufwerk MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: MSI BIOS Manufacturer: American Megatrends Inc. System Manufacturer: MSI System Product Name: MS-7660 Logical Drives Mask: 0x0000007c Kernel Drivers (total 201): 0x02C61000 \SystemRoot\system32\ntoskrnl.exe 0x02C18000 \SystemRoot\system32\hal.dll 0x00BA1000 \SystemRoot\system32\kdcom.dll 0x00C30000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll 0x00C3D000 \SystemRoot\system32\PSHED.dll 0x00C51000 \SystemRoot\system32\CLFS.SYS 0x00CAF000 \SystemRoot\system32\CI.dll 0x00EF6000 \SystemRoot\system32\drivers\Wdf01000.sys 0x00F9A000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x00FA9000 \SystemRoot\system32\drivers\ACPI.sys 0x00E00000 \SystemRoot\system32\drivers\WMILIB.SYS 0x00E09000 \SystemRoot\system32\drivers\msisadrv.sys 0x00E13000 \SystemRoot\system32\drivers\pci.sys 0x00E46000 \SystemRoot\system32\drivers\vdrvroot.sys 0x00E53000 \SystemRoot\System32\drivers\partmgr.sys 0x00E68000 \SystemRoot\system32\drivers\volmgr.sys 0x00E7D000 \SystemRoot\System32\drivers\volmgrx.sys 0x00ED9000 \SystemRoot\system32\drivers\pciide.sys 0x00EE0000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x00D6F000 \SystemRoot\System32\drivers\mountmgr.sys 0x00D89000 \SystemRoot\system32\drivers\atapi.sys 0x00D92000 \SystemRoot\system32\drivers\ataport.SYS 0x00DBC000 \SystemRoot\system32\drivers\msahci.sys 0x01041000 \SystemRoot\system32\DRIVERS\mv91xx.sys 0x010CE000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS 0x010FD000 \SystemRoot\system32\DRIVERS\mvxxmm.sys 0x01105000 \SystemRoot\system32\drivers\amdxata.sys 0x01110000 \SystemRoot\system32\drivers\fltmgr.sys 0x0115C000 \SystemRoot\system32\drivers\fileinfo.sys 0x01223000 \SystemRoot\System32\Drivers\Ntfs.sys 0x01170000 \SystemRoot\System32\Drivers\msrpc.sys 0x013C6000 \SystemRoot\System32\Drivers\ksecdd.sys 0x014FA000 \SystemRoot\System32\Drivers\cng.sys 0x0156C000 \SystemRoot\System32\drivers\pcw.sys 0x0157D000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x01400000 \SystemRoot\system32\drivers\ndis.sys 0x01587000 \SystemRoot\system32\drivers\NETIO.SYS 0x011CE000 \SystemRoot\System32\Drivers\ksecpkg.sys 0x016B6000 \SystemRoot\System32\drivers\tcpip.sys 0x018BA000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x01904000 \SystemRoot\system32\drivers\volsnap.sys 0x01950000 \SystemRoot\System32\Drivers\spldr.sys 0x01958000 \SystemRoot\System32\drivers\rdyboost.sys 0x01992000 \SystemRoot\System32\Drivers\mup.sys 0x019A4000 \SystemRoot\System32\drivers\hwpolicy.sys 0x019AD000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x019E7000 \SystemRoot\system32\DRIVERS\disk.sys 0x01600000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS 0x01630000 \SystemRoot\system32\DRIVERS\AtiPcie.sys 0x04588000 \SystemRoot\System32\Drivers\dump_mvxxmm.sys 0x045A3000 \SystemRoot\system32\drivers\cdrom.sys 0x045CD000 \SystemRoot\System32\Drivers\Null.SYS 0x045D6000 \SystemRoot\System32\Drivers\Beep.SYS 0x045DD000 \SystemRoot\System32\drivers\vga.sys 0x04400000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x04425000 \SystemRoot\System32\drivers\watchdog.sys 0x04435000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x0443E000 \SystemRoot\system32\drivers\rdpencdd.sys 0x04447000 \SystemRoot\system32\drivers\rdprefmp.sys 0x04450000 \SystemRoot\System32\Drivers\Msfs.SYS 0x0445B000 \SystemRoot\System32\Drivers\Npfs.SYS 0x0446C000 \SystemRoot\system32\DRIVERS\tdx.sys 0x0448E000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x048C9000 \SystemRoot\system32\drivers\afd.sys 0x04952000 \SystemRoot\System32\DRIVERS\netbt.sys 0x04800000 \SystemRoot\system32\DRIVERS\vsdatant.sys 0x04895000 \SystemRoot\system32\drivers\ws2ifsl.sys 0x048A0000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x04997000 \SystemRoot\system32\DRIVERS\pacer.sys 0x049BD000 \SystemRoot\system32\DRIVERS\netbios.sys 0x049CC000 \SystemRoot\system32\DRIVERS\serial.sys 0x048A9000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x049E9000 \SystemRoot\system32\drivers\termdd.sys 0x0449B000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x044EC000 \SystemRoot\system32\drivers\nsiproxy.sys 0x045EB000 \SystemRoot\system32\drivers\mssmbios.sys 0x01650000 \SystemRoot\System32\drivers\discache.sys 0x0165F000 \SystemRoot\System32\Drivers\dfsc.sys 0x0167D000 \SystemRoot\system32\DRIVERS\blbdrive.sys 0x045F6000 \SystemRoot\system32\DRIVERS\avkmgr.sys 0x0168E000 \SystemRoot\system32\DRIVERS\avipbb.sys 0x01000000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x015E7000 \SystemRoot\system32\DRIVERS\amdppm.sys 0x013E1000 \SystemRoot\system32\DRIVERS\HydraWDDM.sys 0x04AB7000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x04BAB000 \SystemRoot\System32\drivers\dxgmms1.sys 0x130D3000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys 0x13DF1000 \SystemRoot\System32\Drivers\nvBridge.kmd 0x13DF3000 \SystemRoot\system32\DRIVERS\HydraPGU_EEP.sys 0x13000000 \SystemRoot\system32\drivers\1394ohci.sys 0x1303E000 \SystemRoot\system32\DRIVERS\Rt64win7.sys 0x13095000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys 0x130C5000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x04BF1000 \SystemRoot\system32\DRIVERS\usbfilter.sys 0x130C7000 \SystemRoot\system32\DRIVERS\usbohci.sys 0x04A00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x04A56000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x04A67000 \SystemRoot\system32\drivers\HDAudBus.sys 0x04A8B000 \SystemRoot\system32\DRIVERS\serenum.sys 0x04A97000 \SystemRoot\system32\drivers\wmiacpi.sys 0x04AA0000 \SystemRoot\system32\drivers\CompositeBus.sys 0x01200000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x00DC7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x01216000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x00C00000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x01026000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x04CA5000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x04CC6000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x04CE0000 \SystemRoot\system32\drivers\kbdclass.sys 0x04CEF000 \SystemRoot\system32\drivers\mouclass.sys 0x04CFE000 \SystemRoot\system32\drivers\swenum.sys 0x04D00000 \SystemRoot\system32\drivers\ks.sys 0x04D43000 \SystemRoot\system32\drivers\umbus.sys 0x04D55000 \SystemRoot\system32\DRIVERS\nusb3hub.sys 0x04D6D000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x04DC7000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x05CE1000 \SystemRoot\system32\drivers\RTKVHD64.sys 0x05F28000 \SystemRoot\system32\drivers\portcls.sys 0x05F65000 \SystemRoot\system32\drivers\drmk.sys 0x05F87000 \SystemRoot\system32\drivers\ksthunk.sys 0x000D0000 \SystemRoot\System32\win32k.sys 0x05F8D000 \SystemRoot\System32\drivers\Dxapi.sys 0x05F99000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x05FB6000 \SystemRoot\System32\Drivers\crashdmp.sys 0x05FC4000 \SystemRoot\System32\Drivers\dump_diskdump.sys 0x05C00000 \SystemRoot\System32\Drivers\dump_mv91xx.sys 0x05C8D000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x05CA0000 \SystemRoot\system32\DRIVERS\monitor.sys 0x05CAE000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x05CCB000 \SystemRoot\system32\drivers\hidusb.sys 0x05FCE000 \SystemRoot\system32\drivers\HIDCLASS.SYS 0x05FE7000 \SystemRoot\system32\drivers\HIDPARSE.SYS 0x05FF0000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x04DDC000 \SystemRoot\System32\Drivers\nx6000.sys 0x04C00000 \SystemRoot\System32\Drivers\usbvideo.sys 0x04C2E000 \SystemRoot\system32\drivers\usbaudio.sys 0x04C49000 \SystemRoot\system32\drivers\kbdhid.sys 0x00590000 \SystemRoot\System32\TSDDD.dll 0x00620000 \SystemRoot\System32\cdd.dll 0x04C57000 \SystemRoot\system32\drivers\luafv.sys 0x04C7A000 \SystemRoot\system32\DRIVERS\avgntflt.sys 0x044F8000 \SystemRoot\system32\drivers\WudfPf.sys 0x04DE9000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x04519000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x04531000 \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 0x076F2000 \SystemRoot\system32\drivers\HTTP.sys 0x077BB000 \SystemRoot\system32\DRIVERS\bowser.sys 0x077D9000 \SystemRoot\System32\drivers\mpsdrv.sys 0x07600000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x0762D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x0767B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x07C7D000 \SystemRoot\system32\drivers\peauth.sys 0x07D23000 \SystemRoot\System32\Drivers\secdrv.SYS 0x07D2E000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x07D5F000 \SystemRoot\System32\drivers\tcpipreg.sys 0x07D71000 \SystemRoot\System32\DRIVERS\srv2.sys 0x082F6000 \SystemRoot\System32\DRIVERS\srv.sys 0x0838E000 \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys 0x083BF000 \??\C:\Windows\system32\drivers\mbam.sys 0x08271000 \SystemRoot\system32\DRIVERS\asyncmac.sys 0x0829E000 \SystemRoot\system32\DRIVERS\udfs.sys 0x77570000 \Windows\System32\ntdll.dll 0x47840000 \Windows\System32\smss.exe 0xFF890000 \Windows\System32\apisetschema.dll 0xFFAC0000 \Windows\System32\autochk.exe 0xFF860000 \Windows\System32\sechost.dll 0x77360000 \Windows\System32\iertutil.dll 0xFF650000 \Windows\System32\ole32.dll 0x77200000 \Windows\System32\wininet.dll 0xFF5E0000 \Windows\System32\gdi32.dll 0xFF510000 \Windows\System32\usp10.dll 0xFF330000 \Windows\System32\setupapi.dll 0xFF250000 \Windows\System32\oleaut32.dll 0xFF170000 \Windows\System32\advapi32.dll 0xFF060000 \Windows\System32\msctf.dll 0xFEFC0000 \Windows\System32\clbcatq.dll 0xFEF40000 \Windows\System32\difxapi.dll 0xFEEA0000 \Windows\System32\msvcrt.dll 0x770B0000 \Windows\System32\urlmon.dll 0x77740000 \Windows\System32\psapi.dll 0x76FB0000 \Windows\System32\user32.dll 0x76E90000 \Windows\System32\kernel32.dll 0x77730000 \Windows\System32\normaliz.dll 0xFEE00000 \Windows\System32\comdlg32.dll 0xFECD0000 \Windows\System32\rpcrt4.dll 0xFECA0000 \Windows\System32\imm32.dll 0xFEC20000 \Windows\System32\shlwapi.dll 0xFDE90000 \Windows\System32\shell32.dll 0xFDE70000 \Windows\System32\imagehlp.dll 0xFDE60000 \Windows\System32\nsi.dll 0xFDE10000 \Windows\System32\ws2_32.dll 0xFDDB0000 \Windows\System32\Wldap32.dll 0xFDDA0000 \Windows\System32\lpk.dll 0xFDD60000 \Windows\System32\cfgmgr32.dll 0xFDCC0000 \Windows\System32\comctl32.dll 0xFDC80000 \Windows\System32\wintrust.dll 0xFDC10000 \Windows\System32\KernelBase.dll 0xFDBF0000 \Windows\System32\devobj.dll 0xFDA80000 \Windows\System32\crypt32.dll 0xFDA70000 \Windows\System32\msasn1.dll 0x76720000 \Windows\SysWOW64\normaliz.dll Processes (total 73): 0 System Idle Process 4 System 256 C:\Windows\System32\smss.exe 408 csrss.exe 472 C:\Windows\System32\wininit.exe 492 csrss.exe 536 C:\Windows\System32\services.exe 552 C:\Windows\System32\lsass.exe 560 C:\Windows\System32\lsm.exe 592 C:\Windows\System32\winlogon.exe 700 C:\Windows\System32\svchost.exe 768 C:\Windows\System32\nvvsvc.exe 808 C:\Windows\System32\svchost.exe 880 C:\Windows\System32\svchost.exe 940 C:\Windows\System32\svchost.exe 964 C:\Windows\System32\svchost.exe 316 C:\Windows\System32\svchost.exe 1096 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe 1108 C:\Windows\System32\nvvsvc.exe 1120 C:\Windows\System32\svchost.exe 1212 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe 1488 C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe 1572 C:\Windows\System32\spoolsv.exe 1580 C:\Windows\System32\taskeng.exe 1616 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 1652 C:\Windows\System32\svchost.exe 1688 C:\Windows\System32\rundll32.exe 1772 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1808 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 1828 C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe 1900 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE 1920 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE 1964 C:\Program Files\Microsoft LifeCam\MSCamS64.exe 2004 C:\Windows\SysWOW64\PnkBstrA.exe 2032 C:\Windows\System32\svchost.exe 1192 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2084 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 2200 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 2672 C:\Windows\System32\taskhost.exe 2680 C:\Program Files\CheckPoint\ZAForceField\ForceField.exe 2868 C:\Windows\System32\dwm.exe 2984 C:\Windows\explorer.exe 2752 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2884 C:\Program Files\Lucidlogix Technologies\HYDRA\HydraControlPanel.exe 2964 C:\Windows\PixArt\Pac207\Monitor.exe 1304 C:\Program Files\Windows Sidebar\sidebar.exe 3000 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe 3192 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 3200 C:\Windows\System32\conhost.exe 3288 C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe 3392 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 3572 C:\Program Files (x86)\Ask.com\Updater\Updater.exe 3656 C:\Windows\System32\svchost.exe 3716 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 3736 C:\Program Files (x86)\Real\RealPlayer\realplay.exe 3884 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 3896 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 3952 C:\Windows\System32\svchost.exe 3968 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe 3108 C:\Windows\System32\SearchIndexer.exe 2352 C:\Program Files\Windows Media Player\wmpnetwk.exe 4268 C:\Windows\System32\svchost.exe 5072 dllhost.exe 3652 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 4892 C:\Windows\System32\svchost.exe 1456 C:\Windows\System32\taskeng.exe 4464 C:\Windows\System32\audiodg.exe 912 C:\Windows\System32\SearchProtocolHost.exe 4756 C:\Windows\System32\SearchFilterHost.exe 4384 dllhost.exe 3372 dllhost.exe 804 C:\Users\Georg Mehrer\Desktop\MBRCheck.exe 4560 C:\Windows\System32\conhost.exe \\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`06500000 (NTFS) \\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS) \\.\F: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS) PhysicalDrive1 Model Number: CorsairCSSD-F60GB2, Rev: 2.0 PhysicalDrive2 Model Number: ST3500418AS, Rev: CC37 PhysicalDrive0 Model Number: WDCWD2000JD-22HBB0, Rev: 08.02D08 Size Device Name MBR Status -------------------------------------------- 55 GB \\.\PhysicalDrive1 |
|
27.04.2012, 07:51
| #15 |
| | Windows Sicherheitcenter läst sich nicht aktivieren Hi, poste noch die letzten Zeile, die fehlen (MBR-Check)... wie ist der SMART-Status der HDs. Du hast eine SSD im System, BIOs etc. ist noch richtig eingestellt (F2 beim Booten, manchmal auch DEL-Taste etc., wird beim Booten kurz angezeigt).... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
| Themen zu Windows Sicherheitcenter läst sich nicht aktivieren |
| abgesicherten, aktivieren, anhang, center, erneut, free, gefährlich, gestartet, home, interne, internet, melde, modus, neustart, nichts, probleme, screenshot, search, seite, seiten, sicherheitscenter, spybot, surfen, windows, windows 7, windows 7 home |
Linear-Darstellung
