"Trojan sirefef" suite d'un fichier ISOFermé

Question

Bonjour, 
J'espère que vous pourrez m'aider . Hier soir, j'ai télécharger un fichier ISO (j'ai déduis que cela venais de l'iso sur internet) et l'ai monter avec "Daemon Tools" . Le soir, j'éteind mon ordinateur sans problème .
Le lendemain, J'allume mon ordinateur et mon moniteur ; tout se lance parfaitement je vois le bootscreen mais lors du démarrage de windows mon moniteur perd le signal .
Je recomance trois fois, attends, puis le lance en Mode Sans Echec .
Je lance une analyse avec Microsoft Security Insentials et il trouve deux menaces, je les supprimes mais rien a faire elle reviennent toujours et moi je ne plus démarrer mon ordinateur correctement . J'ai fait une analyse complète et trouve ces erreurs :


Trojan:Win32/Sirefef.AB
Trojan:Win64/Sirefef.P
Trojan:Win64/Sirefef.P
Trojan:Win32/Sirefef.AB
Trojan:Win32/Sirefef.AB
Trojan:Win64/Sirefef.P
Trojan:Win64/Sirefef.W

Pouvez-vous me dire comment m'en débarrassez ? Merci D'avance .
             


Configuration: Windows 7 / Firefox 12.0

Utilisateur anonyme · Answer

Bonjour

-Télécharge l'utilitaire TDSSKiller (de Kaspersky) sur ton Bureau. 

https://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Lance TDSSKiller.exe 

 -Sous XP double-clic sur l'icône pour lancer l'outil. 
 - Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel. 

* Clique sur Start scan. 
* Laisse l'outil balayer ton système sans l'interrompre et sans utiliser le PC. 
* Conserve l'action proposée par défaut par l'outil 
- Si TDSS.tdl2 : l'option Delete sera cochée. 
- Si TDSS.tdl3 ou TDSS.tdl4 : assure toi que Cure soit bien cochée. 
- Si "Suspicious object" laisse l'option cochée sur Skip 
- Si Rootkit.Win32.ZAccess.* est détecté règle sur cure en haut , et delete en bas 

* Clique sur Continue puis sur Reboot now si le redémarrage est proposé. 
* Le rapport se trouve à la racine du disque principal : C:\TDSSKiller.n° de version_date_heure_log.txt

HorloTo · Answer

Merci pour ta réponse nanard4700 mais le logiciel ne trouve rien
Plus précisément " no threats found" .
Une autre idée peut-être ?
Merci d'avance

Utilisateur anonyme · Answer

/!\ A l'attention de ceux qui passent sur ce sujet /!\  
Le logiciel qui suit n'est pas à utiliser à la légère et peut faire des dégâts s'il est mal utilisé ! Ne le faites que si un helpeur du forum qui connait bien cet outil vous l'a recommandé.  

/!\ Désactive tous tes logiciels de protection  (Antivirus, Antispywares)  /!\  

* Télécharge combofix(de sUBs) sur ton Bureau.  
* Double-clique sur ComboFix.exe afin de le lancer.  
* Il va te demander d'installer la console de récupération : accepte. (important en cas de problème) 
/!\ Ne touche ni à la souris, ni au clavier durant le scan /!\  
* Lorsque la recherche sera terminée, un rapport apparaîtra.   
* Héberge le rapport C:\Combofix.txt  sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles  puis copie/colle le lien fournit dans ta prochaine réponse sur le forum 
#Si combofix ne veut pas se lancer renommes le en ccm.exe et éxécutes le en mode sans échec . 
Tutoriel officiel de Combofix : Tuto Combofix

HorloTo · Answer

Euh, je crois que mon ordi a un sérieux problème ...   
J'ai télécharger combofix, je le lance il ne me propose pas d'installer quelque chose mais juste d'accepter leur formulaire . A l'arrache, j'accepte le scan dure 2.5sec et je n'ai pas de fichier texte . Juste une sorte de raccourcis qui me fait revenir à mon poste de travail .   
Je n'y comprends pas grand chose,   
Merci a toi nanard4700 de vouloir m'aider   
Et merci a vous tous pour vos futures réponses .   

http://www.imagup.com/data/1152712111.html

Utilisateur anonyme · Answer

Téléchargez l'outil de désinfection yorkyt.exe (1,31 Mo). 

http://www.pandasecurity.com/resources/tools/yorkyt.exe 

Enregistrez le fichier  sur le bureau Windows. 
Double-cliquez sur le fichier yorkyt.exe. 
Un redémarrage sera demandé afin d'installer un pilote. 
Un autre redémarrage sera demandé pour terminer la désinfection. 
Lorsque la désinfection est terminée, accepter le message qui sera affiché.  
Dis moi si au redémarrage, tu as  le message Cleanup Completed  sur l'écran....

HorloTo · Answer

Merci pour ton conseil mais, lorsque je suis en mode sans échec, et que mon pc redémarre; il lance Windows normalement et mon ecran ne capte plus le signal . Je l'ai ensuite éteind a la "barbare" et lai rallumé e mode sans échec . Je doit re-redémarrer mon ordinateur et tout recommence . 
Une autre idée peut-être ? Je sais je demande beaucoup :) .
Merci d'avance et mille merci pour avoir essayer de m'aider

Utilisateur anonyme · Answer

On va tester un autre programme.

*  Télécharger aswMBR.exe sur votre bureau.
*  Double cliquez sur le aswMBR.exe pour l'exécuter
*  Cliquez sur le bouton «Scan» pour commencer le balayage
*  Cliquez sur Save log pour sauvegarder le rapport
*  Enregistrez le aswASW.log sur le bureau
*	Poster le rapport sur le forum.

HorloTo · Answer

Alors, voilà le rapport d'aswMBR : 
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software 
Run date: 2012-05-26 21:36:13 
----------------------------- 
21:36:13.076    OS Version: Windows x64 6.1.7601 Service Pack 1 
21:36:13.076    Number of processors: 4 586 0x2A07 
21:36:13.076    ComputerName: DAVID-HP  UserName: David 
21:36:16.648    Initialize success 
21:36:25.168    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 
21:36:25.170    Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3 
21:36:25.178    Disk 0 MBR read successfully 
21:36:25.179    Disk 0 MBR scan 
21:36:25.181    Disk 0 Windows 7 default MBR code 
21:36:25.184    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048 
21:36:25.190    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       940447 MB offset 206848 
21:36:25.225    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        13320 MB offset 1926242304 
21:36:25.266    Disk 0 scanning C:\Windows\system32\drivers 
21:36:29.163    Service scanning 
21:36:37.917    Modules scanning 
21:36:37.921    Disk 0 trace - called modules: 
21:36:37.928    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll  
21:36:37.930    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f64790] 
21:36:37.933    3 CLASSPNP.SYS[fffff88001f8f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a27050] 
21:36:37.936    Scan finished successfully 
21:36:43.351    Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat" 
21:36:43.361    The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"



------------------------------------------------------------------------
Yorkit m'a aussi laissé un fichier txt nommé "yorkit.exe" :

2012-05-26 19:23:32: ****************************************************
2012-05-26 19:23:32:  Starting UP ... v 0.0.0.220
2012-05-26 19:23:32: ****************************************************
2012-05-26 19:23:32: Stop TPSRV returns: 2
2012-05-26 19:23:47: Listing processes...
2012-05-26 19:23:47:    :[System Process]:0
2012-05-26 19:23:47:    :System:4
2012-05-26 19:23:47:    :smss.exe:332
2012-05-26 19:23:47:    :csrss.exe:412
2012-05-26 19:23:47:    :csrss.exe:448
2012-05-26 19:23:47:    :wininit.exe:456
2012-05-26 19:23:47:    :winlogon.exe:504
2012-05-26 19:23:47:    :services.exe:548
2012-05-26 19:23:47:    :lsass.exe:556
2012-05-26 19:23:47:    :lsm.exe:564
2012-05-26 19:23:47:    :svchost.exe:676
2012-05-26 19:23:47:    :svchost.exe:748
2012-05-26 19:23:47:    :MsMpEng.exe:828
2012-05-26 19:23:47:    :svchost.exe:896
2012-05-26 19:23:47:    :svchost.exe:932
2012-05-26 19:23:47:    :svchost.exe:968
2012-05-26 19:23:47:    :svchost.exe:1008
2012-05-26 19:23:47:    :svchost.exe:116
2012-05-26 19:23:47:    :hamachi-2.exe:988
2012-05-26 19:23:47:    :explorer.exe:1420
2012-05-26 19:23:47:    :ctfmon.exe:1468
2012-05-26 19:23:47:    :PING.EXE:1144
2012-05-26 19:23:47:    :conhost.exe:1296
2012-05-26 19:23:47:    :PING.EXE:1432
2012-05-26 19:23:47:    :conhost.exe:836
2012-05-26 19:23:47:    :PING.EXE:1820
2012-05-26 19:23:47:    :conhost.exe:1164
2012-05-26 19:23:47:    :yorkyt.exe:1312
2012-05-26 19:23:47:    :WmiPrvSE.exe:1332
2012-05-26 19:23:47: 
2012-05-26 19:23:47: Setting restore point
2012-05-26 19:23:47: RUN mode
2012-05-26 19:23:47: Determining autonomous or dropped mode...
2012-05-26 19:23:47: Autonomus mode
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: AeLookupSvc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\aelupsvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\aelupsvc.dll,-2
2012-05-26 19:23:47: ServiceDLL: System32\aelupsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: aelupsvc.dll
2012-05-26 19:23:47: Original File Name: aelupsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: AppIDSvc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\appidsvc.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\appidsvc.dll,-100
2012-05-26 19:23:47: Description: @%systemroot%\system32\appidsvc.dll,-101
2012-05-26 19:23:47: ServiceDLL: System32\appidsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: appidsvc.dll
2012-05-26 19:23:47: Original File Name: appidsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: Appinfo
2012-05-26 19:23:47: Real Path: C:\Windows\System32\appinfo.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\appinfo.dll,-100
2012-05-26 19:23:47: Description: @%systemroot%\system32\appinfo.dll,-101
2012-05-26 19:23:47: ServiceDLL: System32\appinfo.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: appinfo.dll
2012-05-26 19:23:47: Original File Name: appinfo.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: !!!!!!!
2012-05-26 19:23:47: Found Service: AppMgmt
2012-05-26 19:23:47: Real Path: C:\Windows\System32\appmgmts.dll
2012-05-26 19:23:47: Display Name: 
2012-05-26 19:23:47: Description: 
2012-05-26 19:23:47: ServiceDLL: System32\appmgmts.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: appmgmts.dll
2012-05-26 19:23:47: Original File Name: 
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: !!!!!!!!!
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: AudioEndpointBuilder
2012-05-26 19:23:47: Real Path: C:\Windows\System32\Audiosrv.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\audiosrv.dll,-205
2012-05-26 19:23:47: ServiceDLL: System32\Audiosrv.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: Audiosrv.dll
2012-05-26 19:23:47: Original File Name: audiosrv.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: AudioSrv
2012-05-26 19:23:47: Real Path: C:\Windows\System32\Audiosrv.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\audiosrv.dll,-201
2012-05-26 19:23:47: ServiceDLL: System32\Audiosrv.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: Audiosrv.dll
2012-05-26 19:23:47: Original File Name: audiosrv.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: AxInstSV
2012-05-26 19:23:47: Real Path: C:\Windows\System32\AxInstSV.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\AxInstSV.dll,-103
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\AxInstSV.dll,-104
2012-05-26 19:23:47: ServiceDLL: System32\AxInstSV.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: AxInstSV.dll
2012-05-26 19:23:47: Original File Name: AxInstSv.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: BDESVC
2012-05-26 19:23:47: Real Path: C:\Windows\System32\bdesvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\bdesvc.dll,-100
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\bdesvc.dll,-101
2012-05-26 19:23:47: ServiceDLL: System32\bdesvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: bdesvc.dll
2012-05-26 19:23:47: Original File Name: BDESVC.DLL.MUI
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: BITS
2012-05-26 19:23:47: Real Path: C:\Windows\System32\qmgr.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\qmgr.dll,-1001
2012-05-26 19:23:47: ServiceDLL: System32\qmgr.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: qmgr.dll
2012-05-26 19:23:47: Original File Name: qmgr.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: Browser
2012-05-26 19:23:47: Real Path: C:\Windows\System32\browser.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\browser.dll,-100
2012-05-26 19:23:47: Description: @%systemroot%\system32\browser.dll,-101
2012-05-26 19:23:47: ServiceDLL: System32\browser.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: browser.dll
2012-05-26 19:23:47: Original File Name: browser.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: bthserv
2012-05-26 19:23:47: Real Path: C:\Windows\system32\bthserv.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\System32\bthserv.dll,-101
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\bthserv.dll,-102
2012-05-26 19:23:47: ServiceDLL: system32\bthserv.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: bthserv.dll
2012-05-26 19:23:47: Original File Name: BTHSERV.DLL.MUI
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: CertPropSvc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\certprop.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\System32\certprop.dll,-11
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\certprop.dll,-12
2012-05-26 19:23:47: ServiceDLL: System32\certprop.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: certprop.dll
2012-05-26 19:23:47: Original File Name: certprop.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: CryptSvc
2012-05-26 19:23:47: Real Path: C:\Windows\system32\cryptsvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
2012-05-26 19:23:47: ServiceDLL: system32\cryptsvc.dll
2012-05-26 19:23:47: File size: 136192
2012-05-26 19:23:47: DLL File name: cryptsvc.dll
2012-05-26 19:23:47: Original File Name: cryptsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time: 20101121052432 20101121052432 20120525182447
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: DcomLaunch
2012-05-26 19:23:47: Real Path: C:\Windows\system32pcss.dll
2012-05-26 19:23:47: Display Name: @oleres.dll,-5012
2012-05-26 19:23:47: Description: @oleres.dll,-5013
2012-05-26 19:23:47: ServiceDLL: system32pcss.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: rpcss.dll
2012-05-26 19:23:47: Original File Name: rpcss.dll
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: defragsvc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\defragsvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\defragsvc.dll,-101
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\defragsvc.dll,-102
2012-05-26 19:23:47: ServiceDLL: System32\defragsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: defragsvc.dll
2012-05-26 19:23:47: Original File Name: defragsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: Dhcp
2012-05-26 19:23:47: Real Path: C:\Windows\system32\dhcpcore.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\dhcpcore.dll,-100
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\dhcpcore.dll,-101
2012-05-26 19:23:47: ServiceDLL: system32\dhcpcore.dll
2012-05-26 19:23:47: File size: 254464
2012-05-26 19:23:47: DLL File name: dhcpcore.dll
2012-05-26 19:23:47: Original File Name: dhcpcore.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time: 20101121052409 20101121052409 20120525182450
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: Dnscache
2012-05-26 19:23:47: Real Path: C:\Windows\System32\dnsrslvr.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\dnsapi.dll,-102
2012-05-26 19:23:47: ServiceDLL: System32\dnsrslvr.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: dnsrslvr.dll
2012-05-26 19:23:47: Original File Name: dnsrslvr.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: dot3svc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\dot3svc.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\dot3svc.dll,-1102
2012-05-26 19:23:47: Description: @%systemroot%\system32\dot3svc.dll,-1103
2012-05-26 19:23:47: ServiceDLL: System32\dot3svc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: dot3svc.dll
2012-05-26 19:23:47: Original File Name: dot3svc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: DPS
2012-05-26 19:23:47: Real Path: C:\Windows\system32\dps.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\dps.dll,-500
2012-05-26 19:23:47: Description: @%systemroot%\system32\dps.dll,-501
2012-05-26 19:23:47: ServiceDLL: system32\dps.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: dps.dll
2012-05-26 19:23:47: Original File Name: dps.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: EapHost
2012-05-26 19:23:47: Real Path: C:\Windows\System32\eapsvc.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\eapsvc.dll,-1
2012-05-26 19:23:47: Description: @%systemroot%\system32\eapsvc.dll,-2
2012-05-26 19:23:47: ServiceDLL: System32\eapsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: eapsvc.dll
2012-05-26 19:23:47: Original File Name: eapsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: EventSystem
2012-05-26 19:23:47: Real Path: C:\Windows\system32\es.dll
2012-05-26 19:23:47: Display Name: @comres.dll,-2450
2012-05-26 19:23:47: Description: @comres.dll,-2451
2012-05-26 19:23:47: ServiceDLL: system32\es.dll
2012-05-26 19:23:47: File size: 271360
2012-05-26 19:23:47: DLL File name: es.dll
2012-05-26 19:23:47: Original File Name: ES.DLL
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time: 20090714031519 20090714014438 20120525182453
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: fdPHost
2012-05-26 19:23:47: Real Path: C:\Windows\system32\fdPHost.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\fdPHost.dll,-100
2012-05-26 19:23:47: Description: @%systemroot%\system32\fdPHost.dll,-101
2012-05-26 19:23:47: ServiceDLL: system32\fdPHost.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: fdPHost.dll
2012-05-26 19:23:47: Original File Name: fdPHost.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: FDResPub
2012-05-26 19:23:47: Real Path: C:\Windows\system32\fdrespub.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\fdrespub.dll,-100
2012-05-26 19:23:47: Description: @%systemroot%\system32\fdrespub.dll,-101
2012-05-26 19:23:47: ServiceDLL: system32\fdrespub.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: fdrespub.dll
2012-05-26 19:23:47: Original File Name: FDResPub.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: !!!!!!!
2012-05-26 19:23:47: Found Service: FontCache
2012-05-26 19:23:47: Real Path: C:\Windows\system32\FntCache.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\FntCache.dll,-100
2012-05-26 19:23:47: Description: @%systemroot%\system32\FntCache.dll,-101
2012-05-26 19:23:47: ServiceDLL: system32\FntCache.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: FntCache.dll
2012-05-26 19:23:47: Original File Name: FontCacheService
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: !!!!!!!!!
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: gpsvc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\gpsvc.dll
2012-05-26 19:23:47: Display Name: @gpapi.dll,-112
2012-05-26 19:23:47: Description: @gpapi.dll,-113
2012-05-26 19:23:47: ServiceDLL: System32\gpsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: gpsvc.dll
2012-05-26 19:23:47: Original File Name: gpsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: hidserv
2012-05-26 19:23:47: Real Path: C:\Windows\System32\hidserv.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\System32\hidserv.dll,-101
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\hidserv.dll,-102
2012-05-26 19:23:47: ServiceDLL: System32\hidserv.dll
2012-05-26 19:23:47: File size: 49152
2012-05-26 19:23:47: DLL File name: hidserv.dll
2012-05-26 19:23:47: Original File Name: HIDSERV.DLL.MUI
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time: 20090714031524 20090714015109 20120525182456
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: hkmsvc
2012-05-26 19:23:47: Real Path: C:\Windows\system32\kmsvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\kmsvc.dll,-7
2012-05-26 19:23:47: ServiceDLL: system32\kmsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: kmsvc.dll
2012-05-26 19:23:47: Original File Name: KmSvc.DLL.MUI
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: HomeGroupListener
2012-05-26 19:23:47: Real Path: C:\Windows\system32\ListSvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\System32\ListSvc.dll,-100
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\ListSvc.dll,-101
2012-05-26 19:23:47: ServiceDLL: system32\ListSvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: ListSvc.dll
2012-05-26 19:23:47: Original File Name: ListSvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: HomeGroupProvider
2012-05-26 19:23:47: Real Path: C:\Windows\system32\provsvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\System32\provsvc.dll,-100
2012-05-26 19:23:47: Description: @%SystemRoot%\System32\provsvc.dll,-101
2012-05-26 19:23:47: ServiceDLL: system32\provsvc.dll
2012-05-26 19:23:47: File size: 165376
2012-05-26 19:23:47: DLL File name: provsvc.dll
2012-05-26 19:23:47: Original File Name: provsvc.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time: 20101121052510 20101121052510 20120526192321
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: IKEEXT
2012-05-26 19:23:47: Real Path: C:\Windows\System32\ikeext.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\ikeext.dll,-501
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\ikeext.dll,-502
2012-05-26 19:23:47: ServiceDLL: System32\ikeext.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: ikeext.dll
2012-05-26 19:23:47: Original File Name: IKEEXT.DLL.MUI
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: IPBusEnum
2012-05-26 19:23:47: Real Path: C:\Windows\system32\ipbusenum.dll
2012-05-26 19:23:47: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102
2012-05-26 19:23:47: Description: @%systemroot%\system32\IPBusEnum.dll,-103
2012-05-26 19:23:47: ServiceDLL: system32\ipbusenum.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:47: DLL File name: ipbusenum.dll
2012-05-26 19:23:47: Original File Name: IPBusEnum.dll.mui
2012-05-26 19:23:47: Company: 
2012-05-26 19:23:47: Mod/Cre/Acc time:   
2012-05-26 19:23:47: ---------------------------------------------------------------------
2012-05-26 19:23:47: Found Service: iphlpsvc
2012-05-26 19:23:47: Real Path: C:\Windows\System32\iphlpsvc.dll
2012-05-26 19:23:47: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-500
2012-05-26 19:23:47: Description: @%SystemRoot%\system32\iphlpsvc.dll,-501
2012-05-26 19:23:47: ServiceDLL: System32\iphlpsvc.dll
2012-05-26 19:23:47: File size: 0
2012-05-26 19:23:48: DLL File name: iphlpsvc.dll
2012-05-26 19:23:48: Original File Name: iphlpsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: KtmRm
2012-05-26 19:23:48: Real Path: C:\Windows\system32\msdtckrm.dll
2012-05-26 19:23:48: Display Name: @comres.dll,-2946
2012-05-26 19:23:48: Description: @comres.dll,-2947
2012-05-26 19:23:48: ServiceDLL: system32\msdtckrm.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: msdtckrm.dll
2012-05-26 19:23:48: Original File Name: MSDTCKRM.DLL
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: LanmanServer
2012-05-26 19:23:48: Real Path: C:\Windows\System32\srvsvc.dll
2012-05-26 19:23:48: Display Name: @%systemroot%\system32\srvsvc.dll,-100
2012-05-26 19:23:48: Description: @%systemroot%\system32\srvsvc.dll,-101
2012-05-26 19:23:48: ServiceDLL: System32\srvsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: srvsvc.dll
2012-05-26 19:23:48: Original File Name: SRVSVC.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: LanmanWorkstation
2012-05-26 19:23:48: Real Path: C:\Windows\System32\wkssvc.dll
2012-05-26 19:23:48: Display Name: @%systemroot%\system32\wkssvc.dll,-100
2012-05-26 19:23:48: Description: @%systemroot%\system32\wkssvc.dll,-101
2012-05-26 19:23:48: ServiceDLL: System32\wkssvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: wkssvc.dll
2012-05-26 19:23:48: Original File Name: WKSSVC.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: lltdsvc
2012-05-26 19:23:48: Real Path: C:\Windows\System32\lltdsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\lltdres.dll,-1
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\lltdres.dll,-2
2012-05-26 19:23:48: ServiceDLL: System32\lltdsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: lltdsvc.dll
2012-05-26 19:23:48: Original File Name: LLTDSVC.DLL
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: lmhosts
2012-05-26 19:23:48: Real Path: C:\Windows\System32\lmhsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\lmhsvc.dll,-102
2012-05-26 19:23:48: ServiceDLL: System32\lmhsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: lmhsvc.dll
2012-05-26 19:23:48: Original File Name: lmhsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: Mcx2Svc
2012-05-26 19:23:48: Real Path: C:\Windows\system32\Mcx2Svc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501
2012-05-26 19:23:48: Description: @%SystemRoot%\ehome\ehres.dll,-15502
2012-05-26 19:23:48: ServiceDLL: system32\Mcx2Svc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: Mcx2Svc.dll
2012-05-26 19:23:48: Original File Name: Mcx2Svc.dll
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: MMCSS
2012-05-26 19:23:48: Real Path: C:\Windows\system32\mmcss.dll
2012-05-26 19:23:48: Display Name: @%systemroot%\system32\mmcss.dll,-100
2012-05-26 19:23:48: Description: @%systemroot%\system32\mmcss.dll,-101
2012-05-26 19:23:48: ServiceDLL: system32\mmcss.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: mmcss.dll
2012-05-26 19:23:48: Original File Name: mmcss.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: MSiSCSI
2012-05-26 19:23:48: Real Path: C:\Windows\system32\iscsiexe.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
2012-05-26 19:23:48: ServiceDLL: system32\iscsiexe.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: iscsiexe.dll
2012-05-26 19:23:48: Original File Name: iscsiexe.exe.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: napagent
2012-05-26 19:23:48: Real Path: C:\Windows\system32\qagentRT.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\qagentrt.dll,-7
2012-05-26 19:23:48: ServiceDLL: system32\qagentRT.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: qagentRT.dll
2012-05-26 19:23:48: Original File Name: QAgentRT.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: Netman
2012-05-26 19:23:48: Real Path: C:\Windows\System32
etman.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32
etman.dll,-109
2012-05-26 19:23:48: Description: @%SystemRoot%\system32
etman.dll,-110
2012-05-26 19:23:48: ServiceDLL: System32
etman.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: netman.dll
2012-05-26 19:23:48: Original File Name: netman.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: netprofm
2012-05-26 19:23:48: Real Path: C:\Windows\System32
etprofm.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32
etprofm.dll,-202
2012-05-26 19:23:48: Description: @%SystemRoot%\system32
etprofm.dll,-203
2012-05-26 19:23:48: ServiceDLL: System32
etprofm.dll
2012-05-26 19:23:48: File size: 360448
2012-05-26 19:23:48: DLL File name: netprofm.dll
2012-05-26 19:23:48: Original File Name: netprofm.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20090714031603 20090714015658 20120526171656
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: NlaSvc
2012-05-26 19:23:48: Real Path: C:\Windows\System32
lasvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32
lasvc.dll,-1
2012-05-26 19:23:48: Description: @%SystemRoot%\System32
lasvc.dll,-2
2012-05-26 19:23:48: ServiceDLL: System32
lasvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: nlasvc.dll
2012-05-26 19:23:48: Original File Name: nlasvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: nsi
2012-05-26 19:23:48: Real Path: C:\Windows\system32
sisvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32
sisvc.dll,-200
2012-05-26 19:23:48: Description: @%SystemRoot%\system32
sisvc.dll,-201
2012-05-26 19:23:48: ServiceDLL: system32
sisvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: nsisvc.dll
2012-05-26 19:23:48: Original File Name: nsisvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: p2pimsvc
2012-05-26 19:23:48: Real Path: C:\Windows\system32\pnrpsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8004
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8005
2012-05-26 19:23:48: ServiceDLL: system32\pnrpsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: pnrpsvc.dll
2012-05-26 19:23:48: Original File Name: pnrpsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: p2psvc
2012-05-26 19:23:48: Real Path: C:\Windows\system32\p2psvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\p2psvc.dll,-8007
2012-05-26 19:23:48: ServiceDLL: system32\p2psvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: p2psvc.dll
2012-05-26 19:23:48: Original File Name: p2psvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: !!!!!!!
2012-05-26 19:23:48: Found Service: PcaSvc
2012-05-26 19:23:48: Real Path: C:\Windows\System32\pcasvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\pcasvc.dll,-2
2012-05-26 19:23:48: ServiceDLL: System32\pcasvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: pcasvc.dll
2012-05-26 19:23:48: Original File Name: 
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: !!!!!!!!!
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: pla
2012-05-26 19:23:48: Real Path: C:\Windows\system32\pla.dll
2012-05-26 19:23:48: Display Name: @%systemroot%\system32\pla.dll,-500
2012-05-26 19:23:48: Description: @%systemroot%\system32\pla.dll,-501
2012-05-26 19:23:48: ServiceDLL: system32\pla.dll
2012-05-26 19:23:48: File size: 1508864
2012-05-26 19:23:48: DLL File name: pla.dll
2012-05-26 19:23:48: Original File Name: PLA.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20101121052408 20101121052408 20120525182512
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: PlugPlay
2012-05-26 19:23:48: Real Path: C:\Windows\system32\umpnpmgr.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
2012-05-26 19:23:48: ServiceDLL: system32\umpnpmgr.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: umpnpmgr.dll
2012-05-26 19:23:48: Original File Name: Umpnpmgr.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: PNRPAutoReg
2012-05-26 19:23:48: Real Path: C:\Windows\system32\pnrpauto.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\pnrpauto.dll,-8002
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\pnrpauto.dll,-8003
2012-05-26 19:23:48: ServiceDLL: system32\pnrpauto.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: pnrpauto.dll
2012-05-26 19:23:48: Original File Name: pnrpauto.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: PNRPsvc
2012-05-26 19:23:48: Real Path: C:\Windows\system32\pnrpsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8000
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8001
2012-05-26 19:23:48: ServiceDLL: system32\pnrpsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: pnrpsvc.dll
2012-05-26 19:23:48: Original File Name: pnrpsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: PolicyAgent
2012-05-26 19:23:48: Real Path: C:\Windows\System32\ipsecsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32\polstore.dll,-5010
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\polstore.dll,-5011
2012-05-26 19:23:48: ServiceDLL: System32\ipsecsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: ipsecsvc.dll
2012-05-26 19:23:48: Original File Name: ipsecsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: Power
2012-05-26 19:23:48: Real Path: C:\Windows\system32\umpo.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\umpo.dll,-100
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\umpo.dll,-101
2012-05-26 19:23:48: ServiceDLL: system32\umpo.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: umpo.dll
2012-05-26 19:23:48: Original File Name: Umpo.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: ProfSvc
2012-05-26 19:23:48: Real Path: C:\Windows\system32\profsvc.dll
2012-05-26 19:23:48: Display Name: @%systemroot%\system32\profsvc.dll,-300
2012-05-26 19:23:48: Description: @%systemroot%\system32\profsvc.dll,-301
2012-05-26 19:23:48: ServiceDLL: system32\profsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: profsvc.dll
2012-05-26 19:23:48: Original File Name: ProfSvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: QWAVE
2012-05-26 19:23:48: Real Path: C:\Windows\system32\qwave.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\qwave.dll,-1
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\qwave.dll,-2
2012-05-26 19:23:48: ServiceDLL: system32\qwave.dll
2012-05-26 19:23:48: File size: 210944
2012-05-26 19:23:48: DLL File name: qwave.dll
2012-05-26 19:23:48: Original File Name: qwave.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20090714031612 20090714015415 20120525182513
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: RasAuto
2012-05-26 19:23:48: Real Path: C:\Windows\System32asauto.dll
2012-05-26 19:23:48: Display Name: @%Systemroot%\system32asauto.dll,-200
2012-05-26 19:23:48: Description: @%Systemroot%\system32asauto.dll,-201
2012-05-26 19:23:48: ServiceDLL: System32asauto.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: rasauto.dll
2012-05-26 19:23:48: Original File Name: rasauto.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: RasMan
2012-05-26 19:23:48: Real Path: C:\Windows\System32asmans.dll
2012-05-26 19:23:48: Display Name: @%Systemroot%\system32asmans.dll,-200
2012-05-26 19:23:48: Description: @%Systemroot%\system32asmans.dll,-201
2012-05-26 19:23:48: ServiceDLL: System32asmans.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: rasmans.dll
2012-05-26 19:23:48: Original File Name: Rasmans.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: RemoteAccess
2012-05-26 19:23:48: Real Path: C:\Windows\System32\mprdim.dll
2012-05-26 19:23:48: Display Name: @%Systemroot%\system32\mprdim.dll,-200
2012-05-26 19:23:48: Description: @%Systemroot%\system32\mprdim.dll,-201
2012-05-26 19:23:48: ServiceDLL: System32\mprdim.dll
2012-05-26 19:23:48: File size: 75264
2012-05-26 19:23:48: DLL File name: mprdim.dll
2012-05-26 19:23:48: Original File Name: MPRDIM.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20090714031541 20090714015426 20120525182502
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: RemoteRegistry
2012-05-26 19:23:48: Real Path: C:\Windows\system32egsvc.dll
2012-05-26 19:23:48: Display Name: @regsvc.dll,-1
2012-05-26 19:23:48: Description: @regsvc.dll,-2
2012-05-26 19:23:48: ServiceDLL: system32egsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: regsvc.dll
2012-05-26 19:23:48: Original File Name: REGSVC.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: RpcEptMapper
2012-05-26 19:23:48: Real Path: C:\Windows\System32\RpcEpMap.dll
2012-05-26 19:23:48: Display Name: @%windir%\system32\RpcEpMap.dll,-1001
2012-05-26 19:23:48: Description: @%windir%\system32\RpcEpMap.dll,-1002
2012-05-26 19:23:48: ServiceDLL: System32\RpcEpMap.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: RpcEpMap.dll
2012-05-26 19:23:48: Original File Name: RpcEpMap.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: RpcSs
2012-05-26 19:23:48: Real Path: C:\Windows\system32pcss.dll
2012-05-26 19:23:48: Display Name: @oleres.dll,-5010
2012-05-26 19:23:48: Description: @oleres.dll,-5011
2012-05-26 19:23:48: ServiceDLL: system32pcss.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: rpcss.dll
2012-05-26 19:23:48: Original File Name: rpcss.dll
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SCardSvr
2012-05-26 19:23:48: Real Path: C:\Windows\System32\SCardSvr.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1
2012-05-26 19:23:48: Description: @%SystemRoot%\System32\SCardSvr.dll,-5
2012-05-26 19:23:48: ServiceDLL: System32\SCardSvr.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: SCardSvr.dll
2012-05-26 19:23:48: Original File Name: SCardSvr.exe.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: Schedule
2012-05-26 19:23:48: Real Path: C:\Windows\system32\schedsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\schedsvc.dll,-101
2012-05-26 19:23:48: ServiceDLL: system32\schedsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: schedsvc.dll
2012-05-26 19:23:48: Original File Name: schedsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SCPolicySvc
2012-05-26 19:23:48: Real Path: C:\Windows\System32\certprop.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32\certprop.dll,-13
2012-05-26 19:23:48: Description: @%SystemRoot%\System32\certprop.dll,-14
2012-05-26 19:23:48: ServiceDLL: System32\certprop.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: certprop.dll
2012-05-26 19:23:48: Original File Name: certprop.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SDRSVC
2012-05-26 19:23:48: Real Path: C:\Windows\System32\SDRSVC.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\sdrsvc.dll,-102
2012-05-26 19:23:48: ServiceDLL: System32\SDRSVC.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: SDRSVC.dll
2012-05-26 19:23:48: Original File Name: SDRSVC.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: seclogon
2012-05-26 19:23:48: Real Path: C:\Windows\system32\seclogon.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\seclogon.dll,-7000
2012-05-26 19:23:48: ServiceDLL: system32\seclogon.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: seclogon.dll
2012-05-26 19:23:48: Original File Name: SECLOGON.EXE.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SENS
2012-05-26 19:23:48: Real Path: C:\Windows\System32\sens.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\Sens.dll,-200
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\Sens.dll,-201
2012-05-26 19:23:48: ServiceDLL: System32\sens.dll
2012-05-26 19:23:48: File size: 49664
2012-05-26 19:23:48: DLL File name: sens.dll
2012-05-26 19:23:48: Original File Name: sens.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20090714031613 20090714012158 20120525182514
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SensrSvc
2012-05-26 19:23:48: Real Path: C:\Windows\system32\sensrsvc.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32\sensrsvc.dll,-1000
2012-05-26 19:23:48: Description: @%SystemRoot%\System32\sensrsvc.dll,-1001
2012-05-26 19:23:48: ServiceDLL: system32\sensrsvc.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: sensrsvc.dll
2012-05-26 19:23:48: Original File Name: sensrsvc.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SessionEnv
2012-05-26 19:23:48: Real Path: C:\Windows\system32\sessenv.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026
2012-05-26 19:23:48: Description: @%SystemRoot%\System32\SessEnv.dll,-1027
2012-05-26 19:23:48: ServiceDLL: system32\sessenv.dll
2012-05-26 19:23:48: File size: 113664
2012-05-26 19:23:48: DLL File name: sessenv.dll
2012-05-26 19:23:48: Original File Name: SessEnv.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20101121052355 20101121052355 20120525182515
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: ShellHWDetection
2012-05-26 19:23:48: Real Path: C:\Windows\System32\shsvcs.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288
2012-05-26 19:23:48: Description: @%SystemRoot%\System32\shsvcs.dll,-12289
2012-05-26 19:23:48: ServiceDLL: System32\shsvcs.dll
2012-05-26 19:23:48: File size: 328192
2012-05-26 19:23:48: DLL File name: shsvcs.dll
2012-05-26 19:23:48: Original File Name: SHSVCS.DLL.MUI
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time: 20101121052403 20101121052403 20120525182515
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: sppuinotify
2012-05-26 19:23:48: Real Path: C:\Windows\system32\sppuinotify.dll
2012-05-26 19:23:48: Display Name: @%SystemRoot%\system32\sppuinotify.dll,-103
2012-05-26 19:23:48: Description: @%SystemRoot%\system32\sppuinotify.dll,-102
2012-05-26 19:23:48: ServiceDLL: system32\sppuinotify.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: sppuinotify.dll
2012-05-26 19:23:48: Original File Name: sppuinotify.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:48: ---------------------------------------------------------------------
2012-05-26 19:23:48: Found Service: SSDPSRV
2012-05-26 19:23:48: Real Path: C:\Windows\System32\ssdpsrv.dll
2012-05-26 19:23:48: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100
2012-05-26 19:23:48: Description: @%systemroot%\system32\ssdpsrv.dll,-101
2012-05-26 19:23:48: ServiceDLL: System32\ssdpsrv.dll
2012-05-26 19:23:48: File size: 0
2012-05-26 19:23:48: DLL File name: ssdpsrv.dll
2012-05-26 19:23:48: Original File Name: ssdpsrv.dll.mui
2012-05-26 19:23:48: Company: 
2012-05-26 19:23:48: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: SstpSvc
2012-05-26 19:23:49: Real Path: C:\Windows\system32\sstpsvc.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\sstpsvc.dll,-201
2012-05-26 19:23:49: ServiceDLL: system32\sstpsvc.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: sstpsvc.dll
2012-05-26 19:23:49: Original File Name: sstpsvc.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: stisvc
2012-05-26 19:23:49: Real Path: C:\Windows\System32\wiaservc.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\wiaservc.dll,-10
2012-05-26 19:23:49: ServiceDLL: System32\wiaservc.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: wiaservc.dll
2012-05-26 19:23:49: Original File Name: WIASERVC.DLL.MUI
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: swprv
2012-05-26 19:23:49: Real Path: C:\Windows\System32\swprv.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\System32\swprv.dll,-103
2012-05-26 19:23:49: Description: @%SystemRoot%\System32\swprv.dll,-102
2012-05-26 19:23:49: ServiceDLL: System32\swprv.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: swprv.dll
2012-05-26 19:23:49: Original File Name: SWPRV.DLL.MUI
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: SysMain
2012-05-26 19:23:49: Real Path: C:\Windows\system32\sysmain.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\sysmain.dll,-1001
2012-05-26 19:23:49: ServiceDLL: system32\sysmain.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: sysmain.dll
2012-05-26 19:23:49: Original File Name: sysmain.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: TabletInputService
2012-05-26 19:23:49: Real Path: C:\Windows\System32\TabSvc.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\TabSvc.dll,-101
2012-05-26 19:23:49: ServiceDLL: System32\TabSvc.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: TabSvc.dll
2012-05-26 19:23:49: Original File Name: TabSvc.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: TapiSrv
2012-05-26 19:23:49: Real Path: C:\Windows\System32	apisrv.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32	apisrv.dll,-10100
2012-05-26 19:23:49: Description: @%SystemRoot%\system32	apisrv.dll,-10101
2012-05-26 19:23:49: ServiceDLL: System32	apisrv.dll
2012-05-26 19:23:49: File size: 242176
2012-05-26 19:23:49: DLL File name: tapisrv.dll
2012-05-26 19:23:49: Original File Name: TAPISRV.EXE.MUI
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time: 20101121052400 20101121052400 20120525182516
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: TBS
2012-05-26 19:23:49: Real Path: C:\Windows\System32	bssvc.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32	bssvc.dll,-100
2012-05-26 19:23:49: Description: @%SystemRoot%\system32	bssvc.dll,-101
2012-05-26 19:23:49: ServiceDLL: System32	bssvc.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: tbssvc.dll
2012-05-26 19:23:49: Original File Name: TBSSVC.DLL.MUI
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: TermService
2012-05-26 19:23:49: Real Path: C:\Windows\System32	ermsrv.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\System32	ermsrv.dll,-268
2012-05-26 19:23:49: Description: @%SystemRoot%\System32	ermsrv.dll,-267
2012-05-26 19:23:49: ServiceDLL: System32	ermsrv.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: termsrv.dll
2012-05-26 19:23:49: Original File Name: termsrv.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: Themes
2012-05-26 19:23:49: Real Path: C:\Windows\system32	hemeservice.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\System32	hemeservice.dll,-8192
2012-05-26 19:23:49: Description: @%SystemRoot%\System32	hemeservice.dll,-8193
2012-05-26 19:23:49: ServiceDLL: system32	hemeservice.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: themeservice.dll
2012-05-26 19:23:49: Original File Name: THEMESERVICE.DLL.MUI
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: THREADORDER
2012-05-26 19:23:49: Real Path: C:\Windows\system32\mmcss.dll
2012-05-26 19:23:49: Display Name: @%systemroot%\system32\mmcss.dll,-102
2012-05-26 19:23:49: Description: @%systemroot%\system32\mmcss.dll,-103
2012-05-26 19:23:49: ServiceDLL: system32\mmcss.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: mmcss.dll
2012-05-26 19:23:49: Original File Name: mmcss.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: TrkWks
2012-05-26 19:23:49: Real Path: C:\Windows\System32	rkwks.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32	rkwks.dll,-1
2012-05-26 19:23:49: Description: @%SystemRoot%\system32	rkwks.dll,-2
2012-05-26 19:23:49: ServiceDLL: System32	rkwks.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: trkwks.dll
2012-05-26 19:23:49: Original File Name: trkwks.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: !!!!!!!
2012-05-26 19:23:49: Found Service: upnphost
2012-05-26 19:23:49: Real Path: C:\Windows\System32\upnphost.dll
2012-05-26 19:23:49: Display Name: @%systemroot%\system32\upnphost.dll,-213
2012-05-26 19:23:49: Description: @%systemroot%\system32\upnphost.dll,-214
2012-05-26 19:23:49: ServiceDLL: System32\upnphost.dll
2012-05-26 19:23:49: File size: 266752
2012-05-26 19:23:49: DLL File name: upnphost.dll
2012-05-26 19:23:49: Original File Name: unpnhost.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time: 20090714031617 20090714015541 20120525182517
2012-05-26 19:23:49: !!!!!!!!!
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: UxSms
2012-05-26 19:23:49: Real Path: C:\Windows\System32\uxsms.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\dwm.exe,-2000
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\dwm.exe,-2001
2012-05-26 19:23:49: ServiceDLL: System32\uxsms.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: uxsms.dll
2012-05-26 19:23:49: Original File Name: UxSms.dll
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: W32Time
2012-05-26 19:23:49: Real Path: C:\Windows\system32\w32time.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\w32time.dll,-200
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\w32time.dll,-201
2012-05-26 19:23:49: ServiceDLL: system32\w32time.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: w32time.dll
2012-05-26 19:23:49: Original File Name: w32time.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: WbioSrvc
2012-05-26 19:23:49: Real Path: C:\Windows\System32\wbiosrvc.dll
2012-05-26 19:23:49: Display Name: @%systemroot%\system32\wbiosrvc.dll,-100
2012-05-26 19:23:49: Description: @%systemroot%\system32\wbiosrvc.dll,-101
2012-05-26 19:23:49: ServiceDLL: System32\wbiosrvc.dll
2012-05-26 19:23:49: File size: 0
2012-05-26 19:23:49: DLL File name: wbiosrvc.dll
2012-05-26 19:23:49: Original File Name: wbiosrvc.dll.mui
2012-05-26 19:23:49: Company: 
2012-05-26 19:23:49: Mod/Cre/Acc time:   
2012-05-26 19:23:49: ---------------------------------------------------------------------
2012-05-26 19:23:49: Found Service: wcncsvc
2012-05-26 19:23:49: Real Path: C:\Windows\System32\wcncsvc.dll
2012-05-26 19:23:49: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3
2012-05-26 19:23:49: Description: @%SystemRoot%\system32\wcncsvc.dll,-4
2012-05-26 19:23:49: ServiceDLL: System32\wcncsvc.dll
2012-05-26 19:23:49: File size: 276992
2012-05-26 19:23:49: DLL File name: wcncsvc.dll
2012-05-26 19:23:49: Original File Name: WCNCSVC.DLL.MUI
2012-05-26 19:23:49: Co

Utilisateur anonyme · Answer

Ce live CD contient DrWeb CureIt, un antivirus. Le principal avantage du live CD est qu'il permet d'être chargé avant le démarrage de windows. 
 Il peut donc être utilisé même si l'ordinateur ne démarre plus. 

/!\ Le temps d'analyse peut être très long si l'ordinateur possède beaucoup de données /!\ 

 La partie n°1 s'effectue sur un PC fonctionnel disposant d'un graveur, la partie n°2 s'effectue sur le PC infecté ne démarrant plus. 

                                          Partie n°1 : Téléchargement/Gravure du Live CD 

 Télécharge le live CD de DrWeb à ici

 Une fois le téléchargement fini, il faut que tu graves l'image ISO sur un CD vierge. Pour ce faire, suis ce tuto

                                        Partie n°2 : Utilisation du Live CD

 Une fois en possession du CD correctement gravé, place le dans le lecteur CD du PC infecté. 

Redémarre celui ci. Au redémarrage, le live CD se chargera de lui même. 

A l'écran principal, sélectionne [Dr.Web LiveCD (Default)] puis appuie sur [Entrée] 

Patiente pendant le chargement du système. 

Une fois arrivé sur le bureau, une fenêtre "Dr.Web Scanner" s'ouvrira. 

Dans la partie supérieure, coche toutes les partitions présentes ( C: , etc.. ) et vérifie que la case "Scan subdirectories" est également cochée. 

Clique maintenant sur le rond vert ( Update Bases ) afin de mettre à jour DrWeb. 

Une fois la mise à jour terminée, clique sur [Start] pour lancer l'analyse. 

Une fois l'analyse terminée, clique sur [Select All] puis sur [Cure] 

Clique sur l'icône " Terminal " ( icône en forme de carré noir tout en bas à gauche du bureau ) 

Tape la commande suivante dans le terminal : 

leafpad /root/.drweb/logs/scanner.log 

Valide en appuyant sur [Entrée] pour ouvrir le rapport de DrWeb. 

Poste son contenu dans ton prochain message en accédant à ce sujet directement via le live CD de DrWeb ( Firefox ). 


Note : Si le PC ne démarre pas sur le CD, c'est qu'il faut modifier la séquence de démarrage du BIOS. 
Un tutoriel est disponible ici  pour t'aider à modifier ces paramètres.

HorloTo · Answer

Euh ... je crois que j'ai foirer un truc . 
Comme je n'avais pas de CD vierge je me suis dis autant perdre du temps et pas d'argent . J'ai restaurer mon ordinateur à l'état d'origine pensant que cela allait supprimer ce truc . Mais non, je le redémarre ( il est en anglais ) cela lance windows, il y a un chargement pour la première utilisation, le moniteur perd le signal et mon ordi séteind . Ta technique marche t'elle toujours ? J'ai penser à installer linux, est-ce-une bonne idée  ?
Merci d'avance pour vos réponses .

Utilisateur anonyme · Answer

En mode sans echec sa donne quoi??

HorloTo · Answer

Et bien Windows se lance normalement,
on a le chargement "Setup is preparing your computer for first use"
Puis un message d'erreur "Windows cannot complete the installation in Safe Mode. To continue installing windows, restart the computer"
--> Windows ne peut pas finir l'installation en mode sans echec, pour terminer d'installer windowsredémarrer votre ordinateur .
Merci de ta réponse si rapide .

"Trojan sirefef" suite d'un fichier ISO

12 réponses

Discussions similaires

Newsletters