[CODE] 2010-01-12,17:13:50 SysLog Scanner 3.0 - build 20091220 Arswp (http://www.arswp.com) Windows Server 2003, Enterprise Edition Service Pack 2 (build 3790) ================================================================ 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation, 8.1.7103.0] [Microsoft Corporation, 6.2.3959.0] [Microsoft Corporation, 5.2.2906] [Microsoft Corporation, 5.2.2906] <"C:\IBMSGTK\uxsp\PerformUXSPUpdates.cmd"> [] <"C:\IBMSGTK\asu\PerformASUPost.cmd"> [] [Seeyon, 2.8.2.0] [brother, 3, 5, 1, 0] <1.bat> [] <2.vbs> [] <"C:\Program Files\Rising\Ris\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_CURRENT_USER\Control Panel\Desktop] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.4202] [Microsoft Corporation, 1.07 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 1.09 (srv03_rtm.030324-2048)] [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders] [Microsoft Corporation, 6.00.7755 | Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611) | Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 6.1.1825.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [ATI Technologies Inc., 6.14.10.4131] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <添加到QQ表情> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <添加到QQ表情> [N/A] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors] [Microsoft Corporation, 5.2.3790.1224 (dnsrv(skatari).040514-1058)] [Microsoft Corporation, 5.2.3790.4509 (srv03_sp2_gdr.090507-1245)] [Microsoft Corporation, 11.3.1897.0] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] ================================================================ 启动组 ================================================================ 任务计划 ================================================================ 组件 -------------------------------- ShellServiceObjectDelayLoad [PostBootReminder 对象] <{7849596a-48ea-486e-8937-a2a3009f31a9}> <%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] [WebCheck] <{E6FB5E20-DE35-11CF-9C87-00AA005127ED}> <%SystemRoot%\system32\webcheck.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [SysTray] <{35CEC8A3-2BE6-11D2-8773-92E220524153}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] -------------------------------- UrlSeachHook [Microsoft Url 搜索挂接] <{CFBFAE00-17A6-11D0-99CB-00C04FD64497}> <%SystemRoot%\system32\shdocvw.dll> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] -------------------------------- ShredTaskScheduler [Browseui 预加载程序] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}> <%SystemRoot%\system32\browseui.dll> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] -------------------------------- ShellExecuteHook [URL 执行挂钩] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] -------------------------------- Shell Extension [Multimedia File Property Sheet] <{00022613-0000-0000-C000-000000000046}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [ICM 扫描仪管理] <{176d6597-26d3-11d1-b350-080036a75b03}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [NTFS Security Page] <{1F2E5C40-9550-11CE-99D2-00AA006E086C}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [OLE Docfile Property Page] <{3EA48300-8CF6-101B-84FB-666CCB9BCD32}> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Shell extensions for sharing] <{40dd6e20-7c17-11ce-a804-00aa003ca9f6}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [PlusPack CPL Extension] <{41E300E0-78B6-11ce-849B-444553540000}> <%SystemRoot%\system32\themeui.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Display Adapter CPL Extension] <{42071712-76d4-11d1-8b24-00a0c9068ff3}> [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] [Display Monitor CPL Extension] <{42071713-76d4-11d1-8b24-00a0c9068ff3}> [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] [DS Security Page] <{4E40F770-369C-11d0-8922-00A024AB2DBB}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Compatibility Page] <{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}> [Microsoft Corporation, 6,0,5,0] [Shell Scrap DataHandler] <{56117100-C0CD-101B-81E2-00AA004AE837}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Disk Copy Extension] <{59099400-57FF-11CE-BD94-0020AF85B590}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Shell extensions for Microsoft Windows Network objects] <{59be4990-f85c-11ce-aff7-00aa003ca9f6}> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [ICM 监视器管理] <{5DB2625A-54DF-11D0-B6C4-0800091AA605}> <%SystemRoot%\System32\icmui.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Web Printer Shell Extension] <{77597368-7b15-11d0-a0c2-080036af3f03}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Disk Quota UI] <{7988B573-EC89-11cf-9C00-00AA00A14F56}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [公文包] <{85BBD920-42A0-1069-A2E4-08002B30309D}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HyperTerminal Icon Ext] <{88895560-9AA2-1069-930E-00AA0030EBC8}> [Hilgraeve, Inc., 5.2] [字体] <{BD84B380-8CA2-1069-AB1D-08000948F534}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Display TroubleShoot CPL Extension] <{f92e8c40-3d33-11d2-b1aa-080036a75b03}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Crypto PKO Extension] <{7444C717-39BF-11D1-8CD9-00C04FC29D45}> [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] [网络连接] <{7007ACC7-3202-11D1-AAD2-00805FC1270E}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [扫描仪和照相机] <{E211B736-43FD-11D1-9EFB-0000F8757FCD}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Sessions CPL Extension] <{F0152790-D56E-4445-850E-4F3117DB740C}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Fusion Cache] <{1D2680C9-0E2A-469d-B787-065558BC7D43}> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [IIS Shell Extension] <{5a61f7a0-cde1-11cf-9113-00aa00425c62}> [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows Script Host 的外壳扩展] <{60254CA5-953B-11CF-8C96-00AA00B8708C}> [Microsoft Corporation, 5.6.0.8832] [Microsoft 数据链接] <{2206CDB2-19C1-11D1-89E0-00C04FD7A829}> [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)] [Tasks Folder Icon Handler] <{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [任务栏和「开始」菜单] <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> [] [搜索] <{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}> <%SystemRoot%\system32\shdocvw.dll> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [Audio Media Properties Handler] <{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}> <%SystemRoot%\system32\shmedia.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Internet 工具栏] <{5E6AB780-7743-11CF-A12B-00AA004AE837}> <%SystemRoot%\system32\browseui.dll> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [InternetShortcut] <{FBF23B40-E3F0-101B-8488-00AA003E56F8}> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [Sendmail service] <{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [ActiveX 高速缓存文件夹] <{88C6C381-2E85-11D0-94DE-444553540000}> <%SystemRoot%\system32\occache.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [WebCheck] <{E6FB5E20-DE35-11CF-9C87-00AA005127ED}> <%SystemRoot%\system32\webcheck.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Shell Application Manager] <{352EC2B7-8B9A-11D1-B8AE-006008059382}> <%SystemRoot%\system32\appwiz.cpl> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Shell Image Verbs] <{e84fda7c-1d6a-45f6-b725-cb260c236066}> <%SystemRoot%\system32\shimgvw.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [GDI+ 文件缩略图解压缩程序] <{3F30C968-480A-4C6C-862D-EFC0897BB84B}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Web 发布向导] <{CC6EEFFB-43F6-46c5-9619-51D571967F7D}> <%SystemRoot%\system32\netplwiz.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [压缩(zipped)文件夹] <{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}> <%SystemRoot%\system32\zipfldr.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [频道文件] <{f39a0dc0-9cc8-11d0-a599-00c04fd64433}> <%SystemRoot%\system32\cdfview.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Extensions Manager Folder] <{692F0339-CBAA-47e6-B5B5-3B84DB604E87}> <%SystemRoot%\system32\extmgr.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [以前版本的属性页] <{596AB062-B4D2-4215-9F74-E9109B0A8153}> <%SystemRoot%\system32\twext.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [FTP Folders Webview] <{63da6ec0-2e98-11cf-8d82-444553540000}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft DocProp Shell Ext] <{883373C3-BF89-11D1-BE35-080036B11A03}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Directory Query UI] <{8A23E65E-31C2-11d0-891C-00A024AB2DBB}> <%SystemRoot%\system32\dsquery.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Directory Property UI] <{0D45D530-764B-11d0-A1CA-00AA00C16E65}> <%SystemRoot%\system32\dsuiext.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [MyDocs Copy Hook] <{ECF03A33-103D-11d2-854D-006008059367}> <%SystemRoot%\system32\mydocs.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Offline Files Menu] <{750fdf0e-2a26-11d1-a3ea-080036587f03}> <%SystemRoot%\System32\cscui.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Agent Character Property Sheet Handler] <{143A62C8-C33B-11D1-84FE-00C04FA34A14}> [Microsoft Corporation, 5.2.3790.1242] [DfsShell] <{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [%DESC_PublishDropTarget%] <{60fd46de-f830-4894-a628-6fa81bc0190d}> <%SystemRoot%\system32\photowiz.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [MMC Icon Handler] <{7A80E4A8-8005-11D2-BCF8-00C04F72C717}> <%SystemRoot%\System32\mmcshext.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.CAB file viewer] <{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [VSSShellExt] <{4648F940-EFE3-4BAB-9211-3BE45CD5029D}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [个人(&P)...] <{32714800-2E5F-11d0-8B85-00AA0044F941}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Portable Media Devices] <{640167b4-59b0-47a6-b335-a6b3c0695aea}> <%SystemRoot%\system32\audiodev.dll> [Microsoft Corporation, 5.2.3810.3997 (srv03_sp2_rtm.070216-1710)] [Windows Media Player Play as Playlist Context Menu Handler] <{8DD448E6-C188-4aed-AF92-44956194EB1F}> [Microsoft Corporation, 10.00.00.3997] [ShellLink for Application References] <{e82a2d71-5b2f-43a0-97b8-81be15854de8}> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] -------------------------------- Protocols [Cor MIME Filter, CorFltr, CorFltr 1] <{1E66F26B-79EE-11D2-8710-00C04F79ED0D}> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [AP Class Install Handler filter] <{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [WebView MIME Filter] <{733AC4CB-F1A4-11d0-B951-00A0C90312E1}> <%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] [Microsoft HTML About Pluggable Protocol] <{3050F406-98B5-11CF-BB82-00AA00BDCE0B}> <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [Microsoft InfoTech Protocols for IE 4.0] <{9D148291-B9C8-11D0-A4CC-0000F80149F6}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [MHTML Asychronous Pluggable Protocol Handler] <{05300401-BCBC-11d0-85E3-00C04FD85AB4}> <%SystemRoot%\system32\inetcomm.dll> [Microsoft Corporation, 6.00.3790.4325 (srv03_sp2_gdr.080701-1222)] [Microsoft Infotech Storage Protocol for IE 4.0] <{0A9007C0-4076-11D3-8789-0000F8105754}> [Microsoft Corporation, 05.02.9336.01] [WiaProtocol Class] <{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] -------------------------------- Context Menu [Offline Files] <{750fdf0e-2a26-11d1-a3ea-080036587f03}> <%SystemRoot%\System32\cscui.dll> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Open With] <{09799AFB-AD67-11d1-ABCD-00C04FC30936}> <%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] [RisingKaKaExt] <{356B11FA-929F-4eb7-8B26-D7E3184DDD16}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [Sharing] <{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] -------------------------------- Property Sheet [Security Shell Extension] <{1F2E5C40-9550-11CE-99D2-00AA006E086C}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [以前版本的属性页] <{596AB062-B4D2-4215-9F74-E9109B0A8153}> <%SystemRoot%\system32\twext.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [IIS Shell Extension] <{5a61f7a0-cde1-11cf-9113-00aa00425c62}> [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [DfsShell Class] <{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [自定义文件夹选项卡] <{ef43ecfe-2ab9-4632-bf21-58909dd177f0}> <%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] -------------------------------- Copy Hook [CDF Extension Copy Hook] <{67EA19A0-CCEF-11d0-8024-00C04FD75D13}> <%SystemRoot%\system32\shdocvw.dll> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [Shell 复制挂钩] <{217FC9C0-3AEA-1069-A2DB-08002B30309D}> [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] [] <{ECF03A33-103D-11d2-854D-006008059367}> <%SystemRoot%\system32\mydocs.dll> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Shell extensions for sharing] <{40dd6e20-7c17-11ce-a804-00aa003ca9f6}> [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] -------------------------------- BrowserHelperObject [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] -------------------------------- ActiveX Extension [Microsoft Web 浏览器] <{8856F961-340A-11D0-A96B-00C04FD705A2}> [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [XML HTTP Request] <{ED8C108E-4349-11D2-91A4-00C04F7969E8}> [Microsoft Corporation, 8.100.1048.0] ================================================================ 服务 [Micdrxadqsosoft .Nhjet faFramework COM+ Support / .Nefgst CaasdsdjkLR][Stopped/Auto Start] <%SystemRoot%\System32\svchost.exe -k ".Nefgst CaasdsdjkLR"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Application Experience Lookup Service / AeLookupSvc][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\aelupsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Alerter / Alerter][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\system32\alrsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Application Layer Gateway Service / ALG][Running/Manual Start] <%SystemRoot%\System32\alg.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Application Management / AppMgmt][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\appmgmts.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Ati HotKey Poller / Ati HotKey Poller][Running/Disabled] <%SystemRoot%\system32\Ati2evxx.exe> [ATI Technologies Inc., 6.14.10.4131] [Windows Audio / AudioSrv][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\audiosrv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Background Intelligent Transfer Service / BITS][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\qmgr.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 6.5.3790.0 (srv03_rtm.030324-2048)] [Computer Browser / Browser][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\browser.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Indexing Service / CiSvc][Running/Auto Start] <%SystemRoot%\system32\cisvc.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [ClipBook / ClipSrv][Stopped/Disabled] <%SystemRoot%\system32\clipsrv.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [COM+ System Application / COMSysApp][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [kohdb / cryptsvc][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\kohdb.bmp"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | N/A] [DCOM Server Process Launcher / DcomLaunch][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k DcomLaunch --> "%SystemRoot%\system32\rpcss.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Distributed File System / Dfs][Running/Auto Start] <%SystemRoot%\system32\Dfssvc.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [DHCP Client / Dhcp][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k NetworkService --> "%SystemRoot%\System32\dhcpcsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start] <%SystemRoot%\System32\dmadmin.exe /com> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Logical Disk Manager / dmserver][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dmserver.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [DNS Client / Dnscache][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k NetworkService --> "%SystemRoot%\System32\dnsrslvr.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.4238 (srv03_sp2_gdr.080218-1400)] [Error Reporting Service / ERSvc][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k WinErr --> "%SystemRoot%\System32\ersvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Event Log / Eventlog][Running/Auto Start] <%SystemRoot%\system32\services.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [COM+ Event System / EventSystem][Running/Auto Start] "C:\WINDOWS\system32\es.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 2001.12.4720.4282 (srv03_sp2_gdr.080429-1914)] [lkjlsdjifiosduo / fsdlfjsldkjl][Stopped/Disabled] [] [Help and Support / helpsvc][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [HTTP SSL / HTTPFilter][Running/Manual Start] "%SystemRoot%\System32\w3ssl.dll"> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048) | Microsoft Corporation, 6.0.3790.0 (srv03_rtm.030324-2048)] [dofgalcr / ias][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\DOCUME~1\DEFAUL~1\APPLIC~1\dofga\dofga.bmp"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | N/A] [IIS Admin Service / IISADMIN][Running/Auto Start] [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [IMAPI CD-Burning COM Service / ImapiService][Stopped/Disabled] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Proc / Iprip][Stopped/Disabled] <%SYstEmRoot%\SYsTeM32\sVcHosT.eXe -k neTsvcS --> "C:\WINDOWS\system32\addins.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [ctyky / irmon][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\ctyky.bmp"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Intersite Messaging / IsmServ][Stopped/Disabled] <%SystemRoot%\System32\ismserv.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Kerberos Key Distribution Center / kdc][Stopped/Disabled] <%SystemRoot%\System32\lsass.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Server / lanmanserver][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\srvsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Workstation / lanmanworkstation][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wkssvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [License Logging / LicenseService][Stopped/Disabled] <%SystemRoot%\System32\llssrv.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [TCP/IP NetBIOS Helper / LmHosts][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\lmhsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Messenger / Messenger][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\msgsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Mniscrnic / Mniscrnic][Stopped/Disabled] [] [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Disabled] [Microsoft Corporation, 5.2.3790.3959] [Distributed Transaction Coordinator / MSDTC][Running/Auto Start] [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] [FTP Publishing Service / MSFtpsvc][Running/Auto Start] <%SystemRoot%\system32\inetsrv\inetinfo.exe> [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows Installer / MSIServer][Stopped/Manual Start] [Microsoft Corporation, 3.1.4000.3959] [Microsoft Search / MSSEARCH][Running/Auto Start] <"C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"> [Microsoft Corporation, 9.107.8320.9] [MSSQLSERVER / MSSQLSERVER][Running/Auto Start] [Microsoft Corporation, 2000.080.2039.00] [MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start] [Microsoft Corporation, 2000.080.2039.00] [Network DDE / NetDDE][Stopped/Disabled] <%SystemRoot%\system32\netdde.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Network DDE DSDM / NetDDEdsdm][Stopped/Disabled] <%SystemRoot%\system32\netdde.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Net Logon / Netlogon][Stopped/Manual Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Network Connections / Netman][Running/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\netman.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Network Location Awareness (NLA) / Nla][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mswsock.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [Network News Transfer Protocol (NNTP) / NntpSvc][Running/Auto Start] [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [File Replication / NtFrs][Stopped/Manual Start] <%SystemRoot%\system32\ntfrs.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [NT LM Security Support Provider / NtLmSsp][Running/Manual Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Removable Storage / NtmsSvc][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\ntmssvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [dlvdg / nwcworkstation][Stopped/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Plug and Play / PlugPlay][Running/Auto Start] <%SystemRoot%\system32\services.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [IPSEC Services / PolicyAgent][Running/Auto Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Protected Storage / ProtectedStorage][Running/Auto Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasauto.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Access Connection Manager / RasMan][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Routing and Remote Access / RemoteAccess][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mprdim.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Registry / RemoteRegistry][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k regsvc --> "%SystemRoot%\system32\regsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start] <%SystemRoot%\system32\locator.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Remote Procedure Call (RPC) / RpcSs][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k rpcss --> "%SystemRoot%\system32\rpcss.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Resultant Set of Policy Provider / RSoPProv][Stopped/Manual Start] <%SystemRoot%\system32\RSoPProv.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Special Administration Console Helper / sacsvr][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\sacsvr.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Security Accounts Manager / SamSs][Running/Auto Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Smart Card / SCardSvr][Stopped/Manual Start] <%SystemRoot%\System32\SCardSvr.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Task Scheduler / Schedule][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\schedsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Secondary Logon / seclogon][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\seclogon.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [用友致远协同办公系统 / SeeyonOAService][Running/Auto Start] [Seeyon, 2.8.2.0] [System Event Notification / SENS][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\sens.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\ipnathlp.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Shell Hardware Detection / ShellHWDetection][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Simple Mail Transfer Protocol (SMTP) / SMTPSVC][Running/Auto Start] [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [Print Spooler / Spooler][Running/Auto Start] <%SystemRoot%\system32\spoolsv.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start] [Microsoft Corporation, 2000.080.2039.00] [Windows Image Acquisition (WIA) / stisvc][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k imgsvc --> "%SystemRoot%\system32\wiaservc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft Software Shadow Copy Provider / swprv][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k swprv --> "%Systemroot%\System32\swprv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Performance Logs and Alerts / SysmonLog][Stopped/Auto Start] <%SystemRoot%\system32\smlogsvc.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Telephony / TapiSrv][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k tapisrv --> "%SystemRoot%\System32\tapisrv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Terminal Services / TermService][Running/Manual Start] <%SystemRoot%\System32\svchost.exe -k termsvcs --> "%SystemRoot%\System32\termsrv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Terminal Server Licensing / TermServLicensing][Running/Auto Start] <%SystemRoot%\system32\lserver.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Themes / Themes][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [Telnet / TlntSvr][Stopped/Disabled] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Distributed Link Tracking Server / TrkSvr][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\trksvr.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Distributed Link Tracking Client / TrkWks][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\trkwks.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Terminal Services Session Directory / Tssdis][Stopped/Disabled] <%SystemRoot%\System32\tssdis.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows User Mode Driver Framework / UMWdf][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Uninterruptible Power Supply / UPS][Stopped/Manual Start] <%SystemRoot%\System32\ups.exe> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Virtual Disk Service / vds][Stopped/Manual Start] <%SystemRoot%\System32\vds.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [vs / vsf][Stopped/Disabled] [] [Volume Shadow Copy / VSS][Stopped/Manual Start] <%SystemRoot%\System32\vssvc.exe> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows Time / W32Time][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k LocalService --> "C:\WINDOWS\system32\w32time.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [World Wide Web Publishing Service / W3SVC][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k iissvcs --> "C:\WINDOWS\system32\inetsrv\iisw3adm.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [WebClient / WebClient][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\webclnt.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [WinHTTP Web Proxy Auto-Discovery Service / WinHttpAutoProxySvc][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "winhttp.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows Management Instrumentation / winmgmt][Running/Auto Start] <%systemroot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\wbem\WMIsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\mspmsnsv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 10.0.3790.3997] [gmlwx / wmdmpmsp][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\advapi32.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [WMI Performance Adapter / WmiApSrv][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Automatic Updates / wuauserv][Running/Auto Start] <%systemroot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\wuauserv.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.7.3790.3959 (srv03_sp2_rtm.070216-1710)] [Wireless Configuration / WZCSVC][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wzcsvc.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Network Provisioning Service / xmlprov][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\xmlprov.dll"> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) | Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [JDSMS Service Monitor / XTTSmsMonitor][Running/Auto Start] [XTTSoft, 5, 0, 6, 9] [JDSMS Service / XTTSmsService][Running/Auto Start] [XTTSoft, 5, 0, 6, 6] [Ris Service / RsRisMon][Running/Auto Start] <"C:\Program Files\Rising\Ris\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] ================================================================ 驱动 [Microsoft ACPI Driver / ACPI][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [adpahci / adpahci][Running/Boot Start] [Adaptec, Inc., 1.2.5576.0 built by: WinDDK] [AFD / AFD][Running/System Start] <\SystemRoot\System32\drivers\afd.sys> [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] [RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [ati2mtag / ati2mtag][Running/Manual Start] [ATI Technologies Inc., 6.14.10.6744] [ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [音频存根驱动程序 / audstub][Running/Manual Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start] [Broadcom Corporation, 11.7.4.0 (cbuild.12192008-011,b57nd5x-rel_11.7-lhdepot1106.CL-59733)] [CD-ROM Driver / Cdrom][Running/System Start] [Microsoft Corporation, 5.2.3790.4285 (srv03_sp2_qfe.080502-1714)] [群集磁盘驱动程序 / ClusDisk][Stopped/Disabled] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [CRC 磁盘筛选驱动程序 / crcdisk][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [DfsDriver / DfsDriver][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [磁盘驱动程序 / Disk][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [dmboot / dmboot][Stopped/Disabled] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Logical Disk Manager Driver / dmio][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [dmload / dmload][Running/Boot Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [EfiSystemMon / EfiMon][Stopped/System Start] [] [FltMgr / FltMgr][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [FsVga / FsVga][Running/System Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Volume Manager Driver / Ftdisk][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Generic Packet Classifier / Gpc][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft HID Class Driver / HidUsb][Running/Manual Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [HTTP / HTTP][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [CD-Burning Filter Driver / imapi][Stopped/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [IntelIde / IntelIde][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Intel Processor Driver / intelppm][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [] [IPMI / IPMI][Running/Manual Start] [Avocent Corporation., 2.2.1.2] [IP Network Address Translator / IpNat][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [IPSEC driver / IPSec][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Keyboard Class Driver / Kbdclass][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Keyboard HID Driver / kbdhid][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Mouse Class Driver / Mouclass][Running/System Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Mouse HID Driver / mouhid][Running/Manual Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [WebDav Client Redirector / MRxDAV][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.4206 (srv03_sp2_gdr.071217-1230)] [MRXSMB / MRxSmb][Running/System Start] [Microsoft Corporation, 5.2.3790.4369 (srv03_sp2_gdr.080905-1352)] [Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [NetBIOS Interface / NetBIOS][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [NetBios over Tcpip / NetBT][Running/System Start] [Microsoft Corporation, 5.2.3790.4331 (srv03_sp2_qfe.080710-1313)] [Parallel port driver / Parport][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Parvdm / Parvdm][Running/Auto Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [PCI Bus Driver / PCI][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PCIIde / PCIIde][Running/Boot Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Parallel Technologies, Inc., 1.10 (srv03_sp2_rtm.070216-1710)] [Remote Access Auto Connection Driver / RasAcd][Running/System Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Direct Parallel / Raspti][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Rdbss / Rdbss][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [RDPCDD / RDPCDD][Running/System Start] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Digital CD Audio Playback Filter Driver / redbook][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Secdrv / Secdrv][Stopped/Manual Start] [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.00.060] [Serenum Filter Driver / serenum][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Serial port driver / Serial][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Srv / Srv][Running/Manual Start] [Microsoft Corporation, 5.2.3790.4425 (srv03_sp2_gdr.081211-1204)] [Software Bus Driver / swenum][Running/Manual Start] [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.2.3790.4573 (srv03_sp2_qfe.090815-0925)] [终端设备驱动程序 / TermDD][Running/System Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microcode Update Driver / Update][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [USB2 Enabled Hub / usbhub][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [USB 大容量存储驱动程序 / USBSTOR][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [vga / vga][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [VGA 显示控制器。 / VgaSave][Running/System Start] <\SystemRoot\System32\drivers\vga.sys> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [存储卷 / VolSnap][Running/Boot Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [Remote Access IP ARP Driver / Wanarp][Running/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [网络负载平衡 / WLBS][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [AtpKrnl / AtpKrnl][Running/Manual Start] [(Verified)www.arswp.com, 3.00] [hookcont / hookcont][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 23] [Rising RfwARP Driver / RFWARP][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\Ris\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [rsassist / rsassist][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\Ris\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.35] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] ================================================================ 活动进程 [PID: 312 / SYSTEM] \SystemRoot\System32\smss.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 376 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CSRSRV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\basesrv.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\winsrv.dll [Microsoft Corporation, 5.2.3790.4043 (srv03_sp2_gdr.070318-2357)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\KERNEL32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sxs.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] [PID: 404 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\NDdeApi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PROFMAP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\REGAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSGINA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHSVCS.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sfc.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\Comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSCARD.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sxs.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shell32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\wldap32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\Ati2evxx.dll [ATI Technologies Inc., 6.14.10.4131] C:\WINDOWS\system32\cscdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\dimsntfy.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WlNotify.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\cscui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemprox.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemcomn.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemsvc.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\wbem\fastprox.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\Cabinet.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\cryptnet.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SensApi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 452 / SYSTEM] C:\WINDOWS\system32\services.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SCESRV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\umpnpmgr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NCObjAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\eventlog.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wtsapi32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 464 / SYSTEM] C:\WINDOWS\system32\lsass.exe [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\LSASRV.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\SAMSRV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msprivs.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\kerberos.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\netlogon.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\w32time.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\schannel.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wdigest.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\setupapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASSFM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\KDCSVC.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSA.dll [Microsoft Corporation, 5.2.3790.4070 (srv03_sp2_gdr.070427-0455)] C:\WINDOWS\system32\NTDSATQ.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSWSOCK.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\ESENT.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\scecli.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS03RES.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ipsecsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\oakley.DLL [Microsoft Corporation, 5.2.3790.4600 (srv03_sp2_gdr.091008-1228)] C:\WINDOWS\system32\WINIPSEC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\pstorsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\psbase.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wlbsctrl.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\w3ssl.dll [Microsoft Corporation, 6.0.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\strmfilt.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\HTTPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 636 / SYSTEM] C:\WINDOWS\system32\Ati2evxx.exe [ATI Technologies Inc., 6.14.10.4131] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\Ati2edxx.dll [ATI Technologies, Inc., 6, 14, 10, 2500] [PID: 656 / SYSTEM] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] c:\windows\system32\rpcss.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 732 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] c:\windows\system32\rpcss.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 836 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] c:\windows\system32\dhcpcsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\dnsrslvr.dll [Microsoft Corporation, 5.2.3790.4238 (srv03_sp2_gdr.080218-1400)] C:\WINDOWS\system32\netman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\netshell.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\CLUSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\WZCSvc.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WMI.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ESENT.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\WZCSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 876 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\lmhsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\w32time.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] c:\windows\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4427_x-ww_FDB042FC\winhttp.dll [Microsoft Corporation, 5.2.3790.4427 (srv03_sp2_qfe.081215-1322)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DHCPCSVC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 892 / SYSTEM] C:\WINDOWS\System32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\System32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\wzcsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WMI.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] c:\windows\system32\DHCPCSVC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] c:\windows\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ESENT.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\System32\rastls.dll [Microsoft Corporation, 5.2.3790.4600 (srv03_sp2_gdr.091008-1228)] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\System32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\RASAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\WinSCard.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\Comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\shsvcs.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\raschap.dll [Microsoft Corporation, 5.2.3790.4600 (srv03_sp2_gdr.091008-1228)] c:\windows\system32\schedsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\AUTHZ.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wiarpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\MSIDLE.DLL [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\wkssvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\aelupsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\appmgmts.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\kohdb.bmp [N/A] c:\windows\system32\dmserver.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.DLL [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\System32\sFC.dLl [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\System32\sfc_os.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\devenum.dll [Microsoft Corporation, 6.05.3790.3959] C:\WINDOWS\System32\msdmo.dll [N/A] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\es.dll [Microsoft Corporation, 2001.12.4720.4282 (srv03_sp2_gdr.080429-1914)] c:\windows\pchealth\helpctr\binaries\pchsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\docume~1\defaul~1\applic~1\dofga\dofga.bmp [N/A] c:\windows\system32\srvsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\netman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\netshell.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\CLUSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WZCSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\seclogon.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\comsvcs.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\sens.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\trksvr.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] c:\windows\system32\trkwks.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\wbem\wmisvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VSSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\wuauserv.dll [Microsoft Corporation, 5.7.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4427_x-ww_FDB042FC\WINHTTP.dll [Microsoft Corporation, 5.2.3790.4427 (srv03_sp2_qfe.081215-1322)] C:\WINDOWS\System32\Cabinet.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\browser.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ipnathlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WINIPSEC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\Wbem\wbemcore.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\Wbem\esscli.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\Wbem\wbemcomn.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\Wbem\FastProx.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemsvc.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\wbem\wmiutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\repdrvfs.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wmiprvsd.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NCObjAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemess.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\RASDLG.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\wbem\ncprov.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\System32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\System32\xactsrv.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msxml3.dll [Microsoft Corporation, 8.100.1048.0] C:\WINDOWS\System32\cryptnet.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\schannel.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\qmgrprxy.dll [Microsoft Corporation, 6.6.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\mspatcha.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\advpack.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 3.1.4000.4042] C:\WINDOWS\system32\wbem\wbemcons.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1128 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SPOOLSS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\localspl.dll [Microsoft Corporation, 5.2.3790.4509 (srv03_sp2_gdr.090507-1245)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\winspool.drv [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\cnbjmon.dll [Microsoft Corporation, 5.2.3790.1224 (dnsrv(skatari).040514-1058)] C:\WINDOWS\system32\mdimon.dll [Microsoft Corporation, 11.3.1897.0] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 3.1.4000.4042] C:\WINDOWS\system32\pjlmon.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tcpmon.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsnmp32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tcpmib.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\mgmtapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\snmpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\usbmon.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\spool\PRTPROCS\W32X86\mdippr.dll [Microsoft Corporation, 11.3.1897.0] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\win32spl.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETRAP.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetpp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\icmp.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] [PID: 1152 / NETWORK SERVICE] C:\WINDOWS\system32\msdtc.exe [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\MSDTCTM.dll [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSDTCPRX.dll [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\MTXCLU.DLL [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\MSDTCLOG.dll [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\XOLEHLP.dll [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\MSWSOCK.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLUSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RESUTILS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRES.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MTxOCI.Dll [Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1312 / SYSTEM] C:\WINDOWS\system32\cisvc.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\query.dll [Microsoft Corporation, 5.2.3790.4554 (srv03_sp2_gdr.090717-1242)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADMWPROX.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1340 / SYSTEM] C:\WINDOWS\System32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\System32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ersvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] [PID: 1440 / SYSTEM] C:\WINDOWS\system32\inetsrv\inetinfo.exe [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\inetsrv\IISUTIL.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\rpcref.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IisRTL.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\iisadmin.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VSSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\COADMIN.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADMWPROX.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\IISCFG.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\metadata.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\svcext.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\Security.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\IISMAP.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\wamreg.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\SMTPSVC.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\INFOCOMM.dll [Microsoft Corporation, 6.0.3790.4215 (srv03_sp2_gdr.080109-1216)] C:\WINDOWS\system32\inetsrv\ISATQ.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\FCACHDLL.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RWNH.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\exstrace.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\STAXMEM.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\schannel.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\lonsint.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wintrust.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\iscomlog.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\seo.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\netman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\netshell.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLUSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WZCSvc.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WMI.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\DHCPCSVC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ESENT.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\WZCSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\aqueue.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\ftpsvc2.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\NntpSvc.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\ISRPC.dll [Microsoft Corporation, 6.0.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\nntpfs.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\query.dll [Microsoft Corporation, 5.2.3790.4554 (srv03_sp2_gdr.090717-1242)] C:\WINDOWS\system32\inetsrv\mailmsg.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\ntfsdrv.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1548 / SYSTEM] D:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] D:\PROGRA~1\MICROS~1\MSSQL\binn\opends60.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\PROGRA~1\MICROS~1\MSSQL\binn\sqlsort.dll [Microsoft Corporation, 2000.080.2039.00] D:\PROGRA~1\MICROS~1\MSSQL\binn\ums.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] D:\PROGRA~1\MICROS~1\MSSQL\binn\Resources\2052\sqlevn70.RLL [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\NETAPI32.DLL [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\AUTHZ.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\Program Files\Microsoft SQL Server\MSSQL\binn\SSNETLIB.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\security.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\PROGRA~1\MICROS~1\MSSQL\binn\SSmsLPCn.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\ntdsapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLFTQRY.DLL [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Common Files\System\Ole DB\sqloledb.dll [Microsoft Corporation, 2000.086.3959.00 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSDART.DLL [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Common Files\System\Ole DB\MSDATL3.dll [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)] [PID: 1676 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] c:\windows\system32\regsvc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1832 / SYSTEM] C:\WINDOWS\system32\lserver.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\mstlsapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\REGAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ESENT.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VSSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tls236.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\es.dll [Microsoft Corporation, 2001.12.4720.4282 (srv03_sp2_gdr.080429-1914)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1924 / SYSTEM] C:\WINDOWS\system32\XTTSmsMonitor.exe [XTTSoft, 5, 0, 6, 9] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\BugTrap.dll [IntelleSoft, 1.2.3248.41806] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\COMDLG32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2036 / SYSTEM] C:\WINDOWS\system32\Dfssvc.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\CLUSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RESUTILS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] [PID: 2080 / SYSTEM] C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe [Microsoft Corporation, 9.107.8320.9] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\Program Files\Common Files\System\MSSearch\Bin\mssws.dll [Microsoft Corporation, 9.107.8320.9] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\mssrch.dll [Microsoft Corporation, 9.107.8320.9] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\security.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Common Files\System\MSSearch\Bin\tquery.dll [Microsoft Corporation, 9.107.8320.9] C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\propdefs.dll [Microsoft Corporation, 9.107.8320.9] C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\srchidx.dll [Microsoft Corporation, 9.107.8320.9] C:\WINDOWS\system32\IPROP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2200 / SYSTEM] C:\WINDOWS\System32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\System32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\inetsrv\iisw3adm.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\HTTPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\inetsrv\IISUTIL.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] c:\windows\system32\inetsrv\W3CACHE.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\inetsrv\W3TP.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\inetsrv\LONSINT.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IisRTL.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\System32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\ADMWPROX.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2616 / Administrator] C:\WINDOWS\system32\Ati2evxx.exe [ATI Technologies Inc., 6.14.10.4131] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\Ati2edxx.dll [ATI Technologies, Inc., 6, 14, 10, 2500] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2688 / Administrator] C:\WINDOWS\Explorer.EXE [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\themeui.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\msutb.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 3.1.4000.4042] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\MLANG.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\stobject.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\BatMeter.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\POWRPROF.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLUSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mydocs.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\w3ext.dll [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetsrv\uihelper.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\Program Files\WinRAR\rarext.dll [N/A] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\KakaExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.6.0.8837] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.6.0.8835] C:\WINDOWS\system32\dfshim.dll [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] C:\WINDOWS\system32\mscoree.dll [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] C:\WINDOWS\system32\query.dll [Microsoft Corporation, 5.2.3790.4554 (srv03_sp2_gdr.090717-1242)] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PRINTUI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CFGMGR32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\zipfldr.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shimgvw.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_F0B4C2DF\gdiplus.dll [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] C:\WINDOWS\system32\actxprxy.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\JPWB.IME [常诚研制, 4.00.950] C:\WINDOWS\system32\RASDLG.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\netcfgx.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINIPSEC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WZCSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wlbsctrl.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADMWPROX.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2776 / SYSTEM] C:\WINDOWS\system32\wbem\wmiprvse.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\wbem\wbemcomn.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\FastProx.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\NCObjAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\faultrep.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemsvc.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\wbem\wmiutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wmiprov.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WMI.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\authz.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\esscli.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2900 / Administrator] D:\UFseeyon\OA\Service\OAAdmin.EXE [Seeyon, 2.8.2.0] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\user32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\oleaut32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\Service\borlndmm.dll [Borland Software Corporation, 7.0.4.453] C:\WINDOWS\system32\mpr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\version.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\comctl32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\winspool.drv [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shell32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\cfgmgr32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\setupapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\HID.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\icmp.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RICHED32.DLL [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\RICHED20.dll [Microsoft Corporation, 5.31.23.1225] D:\UFseeyon\OA\jdk\jre\bin\client\jvm.dll [Sun Microsystems, Inc., 5.0.130.5] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\jdk\jre\bin\hpi.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\verify.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\java.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\zip.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\net.dll [Sun Microsystems, Inc., 5.0.130.5] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\Service\dbexpmda.dll [Core Lab, 3.10.4.0] [PID: 2916 / Administrator] C:\Program Files\Rising\Ris\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\COMCTL32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\Program Files\Rising\Ris\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\Ris\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\Ris\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] C:\Program Files\Rising\Ris\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] C:\Program Files\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Ris\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] C:\Program Files\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\Program Files\Rising\Ris\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] C:\Program Files\Rising\Ris\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.74] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\Program Files\Rising\Ris\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\scanleak.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\Program Files\Rising\Ris\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] C:\Program Files\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] C:\Program Files\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.14] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2924 / Administrator] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\COMCTL32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.dll [Microsoft Corporation, 3.05.2284] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.44] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\Program Files\Rising\AntiSpyware\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.94] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msxml3.dll [Microsoft Corporation, 8.100.1048.0] C:\WINDOWS\system32\shdocvw.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\msls31.dll [Microsoft Corporation, 3.10.349.0] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msimtf.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2936 / Administrator] C:\WINDOWS\system32\ctfmon.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSUTB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2968 / Administrator] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\SQLUNIRL.dll [Microsoft Corporation, 2000.080.0194.00] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\odbcbcp.dll [Microsoft Corporation, 2000.086.3959.00 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NDDEAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\clusapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\resutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL [Microsoft Corporation, 2000.080.0194.00] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL [Microsoft Corporation, 2000.080.0194.00] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETRAP.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 3984 / SYSTEM] C:\WINDOWS\System32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\System32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\termsrv.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ICAAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] c:\windows\system32\AUTHZ.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\mstlsapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] c:\windows\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] c:\windows\system32\REGAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\System32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 4028 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\System32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\System32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\MSWSOCK.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2888 / SYSTEM] C:\WINDOWS\system32\XTTSmsService.exe [XTTSoft, 5, 0, 6, 6] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\BugTrap.dll [IntelleSoft, 1.2.3248.41806] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\COMDLG32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\JDSmsService\XTTSmsCom.dll [XTTSoft, 5, 0, 6, 9] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\JDSmsService\XTTDBEngine.dll [XTTSOFT, 5, 0, 5, 7] C:\WINDOWS\system32\msxml3.dll [Microsoft Corporation, 8.100.1048.0] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\odbccp32.dll [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SQLSRV32.dll [Microsoft Corporation, 2000.086.3959.00 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SQLUNIRL.dll [Microsoft Corporation, 2000.080.0194.00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\NDDEAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sqlsrv32.rll [Microsoft Corporation, 2000.086.3959.00 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DBNETLIB.DLL [Microsoft Corporation, 2000.086.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\security.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\ntdsapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DBmsLPCn.dll [Microsoft Corporation, 2000.080.2039.00] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] [PID: 2540 / SYSTEM] C:\WINDOWS\system32\cidaemon.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\query.dll [Microsoft Corporation, 5.2.3790.4554 (srv03_sp2_gdr.090717-1242)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 3788 / SYSTEM] C:\WINDOWS\system32\cidaemon.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\query.dll [Microsoft Corporation, 5.2.3790.4554 (srv03_sp2_gdr.090717-1242)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADMWPROX.DLL [Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2564 / Administrator] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] [PID: 976 / Administrator] C:\WINDOWS\system32\conime.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\IMM32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 768 / SYSTEM] D:\UFseeyon\OA\Service\StartOASvr.exe [Seeyon, 2.8.2.0] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\user32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\oleaut32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\version.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\comctl32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\HID.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 3696 / SYSTEM] D:\UFseeyon\OA\mysql\bin\mysqld-nt.exe [N/A] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 3672 / SYSTEM] D:\UFseeyon\OA\Service\Tomcat_Run.exe [Seeyon, 2.8.2.0] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\user32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\oleaut32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\version.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\comctl32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\jdk\jre\bin\client\jvm.dll [Sun Microsystems, Inc., 5.0.130.5] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\jdk\jre\bin\hpi.dll [Sun Microsystems, Inc., 5.0.130.5] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\jdk\jre\bin\verify.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\java.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\zip.dll [Sun Microsystems, Inc., 5.0.130.5] D:\UFseeyon\OA\jdk\jre\bin\net.dll [Sun Microsystems, Inc., 5.0.130.5] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] D:\UFseeyon\OA\Service\crimsistNd32.dll [N/A] D:\UFseeyon\OA\Service\crimsistNab.dll [N/A] C:\WINDOWS\system32\IPHLPAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\HID.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 944 / SYSTEM] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\qmgr.dll [Microsoft Corporation, 6.5.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] c:\windows\system32\SHFOLDER.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] c:\windows\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4427_x-ww_FDB042FC\WINHTTP.dll [Microsoft Corporation, 5.2.3790.4427 (srv03_sp2_qfe.081215-1322)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VSSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\es.dll [Microsoft Corporation, 2001.12.4720.4282 (srv03_sp2_gdr.080429-1914)] C:\WINDOWS\system32\qmgrprxy.dll [Microsoft Corporation, 6.6.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 5836 / SYSTEM] C:\Program Files\Rising\Ris\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.41] C:\Program Files\Rising\Ris\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\Program Files\Rising\Ris\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 45] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\Ris\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] C:\Program Files\Rising\Ris\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] C:\Program Files\Rising\Ris\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] C:\Program Files\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.14] C:\Program Files\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Ris\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\Ris\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\Ris\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Ris\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] C:\Program Files\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\Program Files\Rising\Ris\RfwArp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] C:\WINDOWS\system32\Iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\Ris\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\Program Files\Rising\Ris\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 65] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\Ris\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] C:\Program Files\Rising\Ris\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\Program Files\Rising\Ris\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] C:\Program Files\Rising\Ris\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\Ris\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3] C:\Program Files\Rising\Ris\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\Ris\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\Ris\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] C:\Program Files\Rising\Ris\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 32] C:\WINDOWS\system32\sfc.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\Ris\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.21] C:\Program Files\Rising\Ris\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] C:\Program Files\Rising\Ris\NComm2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\Ris\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] C:\Program Files\Rising\Ris\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\Program Files\Rising\Ris\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\Ris\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\Ris\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\Ris\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\Ris\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 62] C:\Program Files\Rising\Ris\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\Ris\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\Ris\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\Ris\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\Program Files\Rising\Ris\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 15] C:\Program Files\Rising\Ris\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\Ris\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] C:\Program Files\Rising\Ris\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.18] C:\Program Files\Rising\Ris\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\Ris\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [PID: 368 / Administrator] C:\Program Files\arswp3\ArSwp3.exe [(Verified)Windows 清理助手, 3.0.13.0107] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\COMCTL32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\oledlg.dll [Microsoft Corporation, 1.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\UXTHEME.DLL [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msimg32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shdocvw.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\asycfilt.dll [Microsoft Corporation, 5.2.3790.3959] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\msls31.dll [Microsoft Corporation, 3.10.349.0] C:\WINDOWS\system32\msimtf.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ImgUtil.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\pngfilt.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtmled.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mstask.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ws03res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\actxprxy.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\cryptnet.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\Cabinet.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\browseui.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1372 / NETWORK SERVICE] C:\WINDOWS\system32\wbem\wmiprvse.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\wbem\wbemcomn.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\FastProx.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\NCObjAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\faultrep.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wbem\wbemsvc.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\wbem\wmiutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.2.3790.4587 (srv03_sp2_gdr.090910-1205)] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 5716 / Administrator] C:\Program Files\Rising\Ris\RsAgent.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\COMCTL32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\tsappcmp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\Program Files\Rising\Ris\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\msagent\agentmpx.dll [Microsoft Corporation, 5.2.3790.1242] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 3284 / Administrator] C:\WINDOWS\msagent\AgentSvr.exe [Microsoft Corporation, 5.2.3790.1242] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\msagent\agentdp2.dll [Microsoft Corporation, 5.2.3790.1242] C:\WINDOWS\system32\netapi32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\winmm.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msacm32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 1016 / Administrator] C:\Program Files\internet explorer\iexplore.exe [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\Comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\msls31.dll [Microsoft Corporation, 3.10.349.0] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msimtf.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtmled.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ImgUtil.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\pngfilt.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\inetcplc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\Program Files\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.6.0.8837] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.6.0.8835] C:\WINDOWS\system32\dxtrans.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\ddrawex.dll [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DDRAW.dll [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DCIMAN32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\dxtmsft.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\msxml3.dll [Microsoft Corporation, 8.100.1048.0] C:\WINDOWS\system32\JPWB.IME [常诚研制, 4.00.950] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSRATING.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msratelc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\actxprxy.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\iepeers.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\PSTOREC.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [PID: 2740 / Administrator] C:\Program Files\Internet Explorer\IEXPLORE.EXE [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation, 5.2.3790.4480 (srv03_sp2_gdr.090321-1244)] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation, 5.2.3790.4396 (srv03_sp2_gdr.081022-1212)] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation, 5.2.3790.4502 (srv03_sp2_gdr.090424-1503)] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.2.3790.4530 (srv03_sp2_gdr.090615-1611)] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation, 5.2.3790.4202] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.2.3790.4584 (srv03_sp2_gdr.090904-1300)] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.2.3790.4392 (srv03_sp2_gdr.081016-1620)] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\Comctl32.dll [Microsoft Corporation, 6.0 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation, 6.00.3790.4516 (srv03_sp2_gdr.090518-1415)] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation, 5.82 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284] C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.3790.4611 (srv03_sp2_gdr.091029-1314)] C:\WINDOWS\system32\msls31.dll [Microsoft Corporation, 3.10.349.0] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\msimtf.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\Program Files\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.6.0.8837] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.6.0.8835] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\drprov.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\security.dll [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] C:\WINDOWS\system32\digest.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\pstorec.dll [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\mshtmled.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] C:\WINDOWS\system32\actxprxy.dll [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)] ================================================================ 文件关联 [.txt] <%SystemRoot%\system32\NOTEPAD.EXE %1> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.log] <%SystemRoot%\system32\NOTEPAD.EXE %1> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.ini] <%SystemRoot%\system32\NOTEPAD.EXE %1> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.inf] <%SystemRoot%\system32\NOTEPAD.EXE %1> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.hlp] <%SystemRoot%\System32\winhlp32.exe %1> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [.vbs] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.6.0.8832] [ .js] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.6.0.8832] [.chm] <"C:\WINDOWS\hh.exe" %1> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.reg] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [.chm] <"C:\WINDOWS\hh.exe" %1> [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] ================================================================ Autorun.Inf ================================================================ Winsock提供者 [MSAFD Tcpip [TCP/IP]] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD Tcpip [UDP/IP]] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD Tcpip [RAW/IP]] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [RSVP UDP Service Provider] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [RSVP TCP Service Provider] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD NetBIOS [\Device\NetBT_Tcpip_{D4796A39-4AD4-4DFE-A0BB-4FACFE7793C5}] SEQPACKET 0] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD NetBIOS [\Device\NetBT_Tcpip_{D4796A39-4AD4-4DFE-A0BB-4FACFE7793C5}] DATAGRAM 0] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD NetBIOS [\Device\NetBT_Tcpip_{2481F293-A38C-42EA-BC56-0D072646E0FD}] SEQPACKET 1] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD NetBIOS [\Device\NetBT_Tcpip_{2481F293-A38C-42EA-BC56-0D072646E0FD}] DATAGRAM 1] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD NetBIOS [\Device\NetBT_Tcpip_{31FD8743-A3EF-48E6-814A-1ACEF60992B4}] SEQPACKET 2] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] [MSAFD NetBIOS [\Device\NetBT_Tcpip_{31FD8743-A3EF-48E6-814A-1ACEF60992B4}] DATAGRAM 2] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.2.3790.4318 (srv03_sp2_gdr.080620-1216)] ================================================================ 隐藏进程 [PID: 2700] C:\WINDOWS\system32\conime.exe [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] ================================================================ 可疑文件 ================================================================ HOSTS 127.0.0.1 localhost [/CODE]