[CODE] 2008-05-25,19:27:22 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] <"D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPFW32.EXE" -startup> [(Verified)KINGSOFT CORPORATION] <"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033> [(Verified)DAEMON Tools Code Signing Services] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [Realtek Semiconductor Corp.] <%systemroot%\system32\dumprep 0 -k> [N/A] <"D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION] [AMD] <360Safetray> [(Verified)Qizhi Software (beijing) Co. Ltd] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows Publisher] ================================== 启动文件夹 [腾讯QQ] D:\PROGRA~1\tencent\QQ\QQ.exe [TENCENT]> ================================== 服务 [BoBoTurbo / BoBoTurbo][Running/Auto Start] <广州易播信息科技有限公司> [DCOM Server Process Launcher / DcomLaunch][Running/Auto Start] %SystemRoot%\system32\rpcss.dll> [DHCP Client / Dhcp][Running/Auto Start] %SystemRoot%\System32\dhcpcsvc.dll> [COM+ Event System / EventSystem][Running/Manual Start] C:\WINDOWS\system32\es.dll> [Fast User Switching Compatibility / FastUserSwitchingCompatibility][Stopped/Manual Start] %SystemRoot%\System32\shsvcs.dll> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start] [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start] <"D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"> [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start] <"D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"> [Server / lanmanserver][Running/Manual Start] %SystemRoot%\System32\srvsvc.dll> [Workstation / lanmanworkstation][Running/Auto Start] %SystemRoot%\System32\wkssvc.dll> [Network Connections / Netman][Running/Manual Start] %SystemRoot%\System32\netman.dll> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [Remote Procedure Call (RPC) / RpcSs][Running/Auto Start] %SystemRoot%\system32\rpcss.dll> [Shell Hardware Detection / ShellHWDetection][Running/Auto Start] %SystemRoot%\System32\shsvcs.dll> [Print Spooler / Spooler][Running/Auto Start] [Windows Image Acquisition (WIA) / stisvc][Running/Auto Start] %SystemRoot%\system32\wiaservc.dll> [Telephony / TapiSrv][Running/Manual Start] %SystemRoot%\System32\tapisrv.dll> [Themes / Themes][Running/Auto Start] %SystemRoot%\System32\shsvcs.dll> [Universal Plug and Play Device Host / upnphost][Stopped/Manual Start] %SystemRoot%\System32\upnphost.dll> [WebClient / WebClient][Stopped/Manual Start] %SystemRoot%\System32\webclnt.dll> ================================== 驱动程序 [abfzzxcw / abfzzxcw][Running/] <2 - 系统找不到指定的文件。 > [Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [AMD Low Level Device Driver / AmdLLD][Running/Manual Start] [BIOS / BIOS][Running/System Start] <\??\C:\WINDOWS\system32\drivers\BIOS.sys> [FltMgr / FltMgr][Running/Boot Start] <\SystemRoot\system32\DRIVERS\fltMgr.sys> [HTTP / HTTP][Stopped/Manual Start] [IP Network Address Translator / IpNat][Running/Manual Start] [KAVBase / KAVBase][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys> [KAVBootC / KAVBootC][Running/Boot Start] <\SystemRoot\system32\Drivers\KAVBootC.sys> [KAVSafe / KAVSafe][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys> [Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start] [KNetWch / KNetWch][Running/System Start] <\??\D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS> [KWatch3 / KWatch3][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS> [MRxSmb / MRxSmb][Running/System Start] [ntptdb / ntptdb][Stopped/] <2 - 系统找不到指定的文件。 > [nv / nv][Running/Manual Start] [NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start] [NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start] [Fantasia Sango 3 CH (Pro_CD) File System Driver (pf2ahvub) / pf2ahvub][Running/Disabled] [Fantasia Sango 3 CH (Pro_CD) Synchronization Driver (ps6ahvub) / ps6ahvub][Running/Disabled] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Rdbss / Rdbss][Running/System Start] [Secdrv / Secdrv][Running/Auto Start] [Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start] [sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys> [Srv / Srv][Running/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [TQAT_Hooker By FZH / TQAT][Stopped/Manual Start] <\??\E:\Program Files\魔域-王者之翼\TQAT\tqat.sys> [Microcode Update Driver / Update][Running/Manual Start] [vmfilter303 / vmfilter303][Stopped/Manual Start] [Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start] [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] [USB PC Camera (Vimicro301 Neptune) / ZSMC303][Stopped/Manual Start] ================================== 浏览器加载项 [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Kingsoft Trojan Webshield] {4E8A5278-C04E-4FE3-BF78-8A7CCD6EF333} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [IEBuddyExtControl Class] {3AECD3C1-7085-4731-96DC-47B6CF7EF749} [PhotoDraw Class] {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [BoBoControl Class] {EC0978ED-24E3-403C-AB7A-060E388553E6} [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [GerneralPeerID Class] {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} [Fade] {16B280C5-EE70-11D1-9066-00C04FD9189D} [ThunderServer.WebThunder] {1DE5794D-B609-4A3E-9E40-22594D5BEAAC} [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [PhotoDraw Class] {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [RealPlayer RAM Download Handler] {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} [IEBuddyExtControl Class] {3AECD3C1-7085-4731-96DC-47B6CF7EF749} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} [QQRightClick Class] {4836C333-208E-4BCE-B30B-00B9545B0F6E} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Kingsoft Trojan Webshield] {4E8A5278-C04E-4FE3-BF78-8A7CCD6EF333} [VaCom.Application] {51E88884-1306-4444-B22D-C34119E44232} [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [JetCar.Netscape] {69C7BEA7-0A70-4291-81ED-405D19AEE270} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [RMGetLicense Class] {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [Thunder DapCtrl] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [QQPlayerSvr Proxy Control] {CD108273-D434-43E6-AA90-1469F97EB398} [AUDIO__MID Moniker Class] {CD3AFA74-B84F-48F0-9393-7EDC34128127} [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} [AUDIO__X_MS_WMA Moniker Class] {CD3AFA84-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_ASF Moniker Class] {CD3AFA8F-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [RevealTrans] {E31E87C4-86EA-4940-9B8A-5BD5D179A737} [QQIEHelper.QQRightClick] {E654770F-10E4-47BC-A309-4CAD96A096E6} [BoBoControl Class] {EC0978ED-24E3-403C-AB7A-060E388553E6} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} [Free Threaded XML DOM Document 3.0] {F5078F33-C551-11D3-89B9-0000F81FE221} [XML HTTP 3.0] {F5078F35-C551-11D3-89B9-0000F81FE221} [XSL Template 3.0] {F5078F36-C551-11D3-89B9-0000F81FE221} [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [IERPCtl Class] {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} [&使用超级旋风下载] [&使用超级旋风下载全部链接] [使用迅雷下载] [使用迅雷下载全部链接] [添加到QQ表情] ================================== 正在运行的进程 [PID: 660 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 724 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CSRSRV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\basesrv.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\winsrv.dll] [Microsoft Corporation, 5.1.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\KERNEL32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sxs.dll] [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] [PID: 748 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\NDdeApi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\PROFMAP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\REGAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\SHSVCS.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINSCARD.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\cscdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WlNotify.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\system32\cscui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\wbemprox.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\wbemcomn.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\fastprox.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [PID: 800 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SCESRV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\umpnpmgr.dll] [Microsoft Corporation, 5.1.2600.2744 (xpsp_sp2_gdr.050822-1647)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\eventlog.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 812 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LSASRV.dll] [Microsoft Corporation, 5.1.2600.3249 (xpsp_sp2_gdr.071106-1716)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMSRV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\cryptdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\msprivs.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kerberos.dll] [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\system32\netlogon.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\w32time.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\wdigest.dll] [Microsoft Corporation, 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\scecli.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\pstorsvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\psbase.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\dssenh.dll] [Microsoft Corporation, 5.1.2600.2133 (xpsp.040514-1639)] [PID: 960 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\rpcss.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [c:\windows\system32\termsrv.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\ICAAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [c:\windows\system32\mstlsapi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [c:\windows\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\REGAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [PID: 1008 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [c:\windows\system32\rpcss.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [PID: 1092 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\System32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\System32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\System32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\shsvcs.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] [C:\WINDOWS\System32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [c:\windows\system32\dhcpcsvc.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [c:\windows\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\System32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\System32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\System32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\schedsvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\MSIDLE.DLL] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\audiosrv.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\wkssvc.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [c:\windows\system32\cryptsvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\certcli.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [c:\windows\system32\ESENT.dll] [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456)] [c:\windows\system32\es.dll] [Microsoft Corporation, 2001.12.4414.308] [c:\windows\system32\srvsvc.dll] [Microsoft Corporation, 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729)] [c:\windows\system32\netman.dll] [Microsoft Corporation, 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525)] [c:\windows\system32\MPRAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\netshell.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WZCSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WZCSvc.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WMI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\wbem\wmisvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VSSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\w32time.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [c:\windows\system32\sens.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\HNETCFG.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\SXS.DLL] [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comsvcs.dll] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\colbact.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\MTXCLU.DLL] [Microsoft Corporation, 2001.12.4414.311] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\CLUSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\RESUTILS.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\browser.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\ipnathlp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\System32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\System32\Wbem\wbemcore.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\Wbem\esscli.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\Wbem\wbemcomn.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\Wbem\FastProx.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [C:\WINDOWS\system32\wbem\wmiutils.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\repdrvfs.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wbem\wmiprvsd.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\netcfgx.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\rasmans.dll] [Microsoft Corporation, 5.1.2600.2936 (xpsp_sp2_gdr.060621-2347)] [C:\WINDOWS\System32\WINIPSEC.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\tapisrv.dll] [Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657)] [c:\windows\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\rastapi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\unimdm.tsp] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\uniplat.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\kmddsp.tsp] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ndptsp.tsp] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\h323.tsp] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\hidphone.tsp] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\HID.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\rasppp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ntlsapi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kerberos.dll] [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522)] [C:\WINDOWS\System32\cryptdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\raschap.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\rastls.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\SCHANNEL.dll] [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226)] [C:\WINDOWS\System32\WinSCard.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\RASDLG.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1148 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [c:\windows\system32\dnsrslvr.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [c:\windows\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MPRAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1184 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\lmhsvc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1440 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\SPOOLSS.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [C:\WINDOWS\system32\localspl.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\winspool.drv] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\tcpmon.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\usbmon.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\win32spl.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\inetpp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1536 / SYSTEM][C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe] [广州易播信息科技有限公司, 1, 4, 1011, 2] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\IPHLPAPI.DLL] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [C:\WINDOWS\system32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [PID: 1688 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8132] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1772 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [c:\windows\system32\wiaservc.dll] [Microsoft Corporation, 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316)] [c:\windows\system32\CFGMGR32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\setupapi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\mscms.dll] [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)] [c:\windows\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ACTXPRXY.DLL] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sti.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 428 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\themeui.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msutb.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MLANG.dll] [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\webcheck.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\wpdshserviceobj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\WINHTTP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\stobject.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\BatMeter.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\mydocs.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\portabledevicetypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\portabledeviceapi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\RASDLG.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MPRAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] [C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.8132] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.8132] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\nvshell.dll] [, ] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll] [, 1, 0, 0, 17] [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\drprov.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ntlanman.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\NETUI0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\NETUI1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\davclnt.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\WINDOWS\system32\ACTXPRXY.DLL] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sti.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CFGMGR32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.16] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] [D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373] [C:\WINDOWS\system32\sendmail.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\shgina.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\audiodev.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\WMVCore.DLL] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\WMASF.DLL] [Microsoft Corporation, 11.0.5721.5238 (WMP_11.071025-0642)] [C:\WINDOWS\system32\wiashext.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 552 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\System32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\MSWSOCK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\System32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\System32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1928 / Administrator][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.40] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\HID.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)] [PID: 188 / Administrator][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.1.45] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)] [PID: 1748 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)] [C:\WINDOWS\system32\MSUTB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2352 / Administrator][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\IMM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3200 / Administrator][C:\WINDOWS\123.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.3266] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RICHED20.DLL] [Microsoft Corporation, 5.30.23.1228] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\Winsta.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)] [C:\WINDOWS\system32\utildll.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)] [C:\WINDOWS\system32\userenv.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\cryptnet.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINHTTP.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SensApi.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.258] [C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP Error. [winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 125.65.113.205 125.65.113.205 ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1440, C:\WINDOWS\SYSTEM32\SPOOLSV.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1928, C:\WINDOWS\SOUNDMAN.EXE] ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]