[CODE]

2010-06-07,22:18:53

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition Service Pack 2 (Build 3790) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Component Publisher]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Component Publisher]
    <MtxHotPlugService><C:\WINDOWS\system32\MtxHotPlugService.exe v>  [File is missing]
    <PWRISOVM.EXE><C:\Program Files\PowerISO\PWRISOVM.EXE>  [PowerISO Computing, Inc.]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wminotify]
    <WinlogonNotify: wminotify><wminotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\INF\unregmp2.exe /HideWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]
    <%IEHARDENADMIN_BASE_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]
    <%IEHARDENUSER_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenUser>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.EXE]
    <IFEO[sethc.EXE]><C:\WINDOWS\explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MICROS~1\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>

==================================
服务
[NET Shell / ai0svc][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Documents and Settings\Local User\ntuser.dll><N/A>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[DSM SA Event Manager / dcevt32][Running/Auto Start]
  <"C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe"><Dell Inc.>
[DSM SA Data Manager / dcstor32][Running/Auto Start]
  <"C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe"><Dell Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[mr2kserv / mr2kserv][Running/Auto Start]
  <"C:\Program Files\Dell\SysMgt\sm\mr2kserv.exe"><LSI  Logic Corporation>
[Microsoft Search / MSSEARCH][Running/Auto Start]
  <"C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[DSM SA Shared Services / omsad][Running/Auto Start]
  <"C:\Program Files\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe"><Dell Inc.>
[DSM SA Connection Service / Server Administrator][Running/Auto Start]
  <"C:\Program Files\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe"><>
[Symantec Management Client / SmcService][Running/Auto Start]
  <"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"><Symantec Corporation>
[Symantec Network Access Control / SNAC][Stopped/Manual Start]
  <"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"><Symantec Corporation>
[SQLSERVERAGENT / SQLSERVERAGENT][Running/Auto Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER><Microsoft Corporation>
[Symantec Endpoint Protection / Symantec AntiVirus][Running/Auto Start]
  <"C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe"><Symantec Corporation>

==================================
驱动程序
[Broadcom NetXtreme II VBD / b06bdrv][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\bxvbdx.sys><Broadcom Corporation>
[System Management Driver / dcdbas][Running/Manual Start]
  <system32\DRIVERS\dcdbas32.sys><Dell Inc.>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>
[G200eW / G200eW][Running/Manual Start]
  <system32\DRIVERS\G200eWm.sys><Matrox Graphics Inc.>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[Broadcom NetXtreme II BXND / l2nd][Running/Manual Start]
  <system32\DRIVERS\bxnd52x.sys><Broadcom Corporation>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100601.023\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100601.023\NAVEX15.SYS><Symantec Corporation>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[percsas / percsas][Running/Boot Start]
  <\SystemRoot\system32\drivers\percsas.sys><LSI Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SPBBCDrv / SPBBCDrv][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SRTSP / SRTSP][Running/System Start]
  <System32\Drivers\SRTSP.SYS><Symantec Corporation>
[SRTSPL / SRTSPL][Stopped/Manual Start]
  <System32\Drivers\SRTSPL.SYS><Symantec Corporation>
[SRTSPX / SRTSPX][Running/System Start]
  <System32\Drivers\SRTSPX.SYS><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS><Symantec Corporation>
[SysPlant for NT / SysPlant][Running/Boot Start]
  <\SystemRoot\SYSTEM32\Drivers\SysPlant.sys><Symantec Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Teefer2 Miniport / Teefer2][Running/Manual Start]
  <system32\DRIVERS\teefer2.sys><Symantec Corporation>
[WPS / WPS][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys><Symantec Corporation>
[WpsHelper / WpsHelper][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\WpsHelper.sys><Symantec Corporation>

==================================
浏览器加载项
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <, >
[]
  {548BF84E-9665-47F9-B635-7380F8943E90} <, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\userdata\Components\InMedia\MediaAddin.dll, N/A>
[]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
  {9701758C-4373-482E-B13C-776C048EC890} <, >
[]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <, >
[HallToolkit Class]
  {A24E6133-404F-4431-A296-2DE576FC5AEE} <C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.5.(528).dll, (Signed) 深圳市迅雷网络技术有限公司>
[APlayer Control]
  {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx, (Signed) Adobe Systems, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

==================================
正在运行的进程
[PID: 364 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 412 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 436 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\wminotify.dll]  [Microsoft Corporation, 5.1.2600.2180]
[PID: 484 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.2.3790.4455 (srv03_sp2_gdr.090203-1205)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 496 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 652 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 732 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 804 / SYSTEM][C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\Trident.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SyLink.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\tse.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\PSSensor.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SSSensor.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\IdsTrafficPipe.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\tfman.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL608.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SmcRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\devman.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\sfman.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\AvManRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_CBB27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\GUProxyRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\LUManRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SfManRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\DevManRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SgHIRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\WGXMAN.DLL]  [Symantec Corporation, 11.0.2000.151]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SpNetRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\TseRes.dll]  [Symantec Corporation, 11.0.2000.1231]
[PID: 820 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 848 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 884 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll]  [Symantec Corporation, 11.0.2000.151]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll]  [Symantec Corporation, 11.0.2000.151]
    [c:\documents and settings\local user\ntuser.dll]  [N/A, ]
[PID: 984 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SAVSUB~1\SUBENG.DLL]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SUBRES.loc]  [Symantec Corporation, 11.0.2000.1253]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SAVSUB~1\SubConn.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 3.3.6.8]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.5057.0]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SAVSubmitterRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll]  [Symantec Corporation, 3.3.16.0]
    [C:\Program Files\Common Files\Symantec Shared\dec_abi.dll]  [Symantec Corporation, 1.1.1.39]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 3.3.6.8]
[PID: 1380 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1420 / NETWORK SERVICE][C:\WINDOWS\system32\msdtc.exe]  [(Verified) Microsoft Corporation, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1552 / SYSTEM][C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Dell\SysMgt\shared\bin\dcsupt32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\oma\bin\omaep32.dll]  [, 3.4.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\omacs32.dll]  [Dell Inc., 1.11.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\dsupt32.dll]  [Dell Inc., 1.11.0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Dell\SysMgt\dataeng\bin\dcsgen32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\dataeng\bin\dcsmil32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcisep32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\sm\dsm_sm_dcsipe32.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\dsm_sm_evtmsg32.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\oma\bin\xmlsup32.dll]  [Dell Inc., 3.2.0]
    [C:\Program Files\Dell\SysMgt\sm\dsm_sm_queue32.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcship32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
[PID: 1576 / SYSTEM][C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Dell\SysMgt\shared\bin\dcsupt32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcadpt32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\shared\bin\bmapi.dll]  [Broadcom Corporation, 7, 17, 11, 0]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dccoop32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dciemp32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\WINDOWS\system32\dchipm32.dll]  [Dell Inc., 5.9.2 (BLD_6452)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcienv32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\WINDOWS\system32\dchbas32.dll]  [Dell Inc., 5.9.2 (BLD_6452)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dclra32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcosp32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcsecp32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcwfm32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcifru32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\sm\dsm_sm_ral32.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\dsm_sm_queue32.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\DSM_SM_VAL.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\dellvl\dsm_sm_lsivil.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\Megalib.dll]  [LSI Logic Corporation, 5, 37, 0, 0]
    [C:\Program Files\Dell\SysMgt\sm\dellvl\dsm_sm_afavil.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\afaapi.dll]  [Adaptec, Inc., 4.1.0.7433]
    [C:\Program Files\Dell\SysMgt\sm\afaappse.dll]  [Adaptec, Inc., 4.1.0.7431]
    [C:\Program Files\Dell\SysMgt\sm\dellvl\dsm_sm_enclvil.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\dellvl\dsm_sm_nrsvil.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\DSM_SM_HEL.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\dellvl\dsm_sm_sasvil.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\sm\storelib.dll]  [LSI Corporation, 3, 33, 0, 0]
    [C:\Program Files\Dell\SysMgt\sm\storelibir.dll]  [LSI Corporation, 4, 31, 0, 0]
    [C:\Program Files\Dell\SysMgt\sm\storelibir-2.dll]  [LSI Corporation, 1, 16, 0, 0]
    [C:\Program Files\Dell\SysMgt\sm\dellvl\dsm_sm_sasenclvil.dll]  [Dell Inc., 3.2.0.242]
    [C:\Program Files\Dell\SysMgt\dataeng\bin\dcsmil32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
[PID: 1604 / SYSTEM][C:\WINDOWS\System32\dns.exe]  [(Verified) Microsoft Corporation, 5.2.3790.4460 (srv03_sp2_gdr.090216-1205)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1672 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1780 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [(Verified) Microsoft Corporation, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1844 / SYSTEM][C:\Program Files\Dell\SysMgt\sm\mr2kserv.exe]  [LSI  Logic Corporation, 1, 0, 1, 0]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2052 / SYSTEM][C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.2055.00 Hotfix 2280]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\opends60.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlsort.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\ums.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\SSnmPN70.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLFTQRY.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~1\MSSQL\binn\xpsqlbot.dll]  [Microsoft Corporation, 2000.080.2039.00]
[PID: 2076 / SYSTEM][C:\Program Files\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe]  [Dell Inc., 3.8.0]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Dell\SysMgt\oma\bin\omacs32.dll]  [Dell Inc., 1.11.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\dsupt32.dll]  [Dell Inc., 1.11.0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Dell\SysMgt\oma\bin\omsas32.dll]  [Dell Inc., 3.8.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\dnet32.dll]  [Dell Inc., 1.11.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\dweb32.dll]  [Dell Inc., 1.11.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\devent32.dll]  [Dell Inc., 3.8.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\omintf32.dll]  [Dell Inc., 3.8.0]
[PID: 2200 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2252 / SYSTEM][C:\Program Files\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe]  [, 3.8.0]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Dell\SysMgt\jre\bin\client\jvm.dll]  [Sun Microsystems, Inc., 14.0.0.16]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Dell\SysMgt\jre\bin\verify.dll]  [Sun Microsystems, Inc., 6.0.140.8]
    [C:\Program Files\Dell\SysMgt\jre\bin\java.dll]  [Sun Microsystems, Inc., 6.0.140.8]
    [C:\Program Files\Dell\SysMgt\jre\bin\hpi.dll]  [Sun Microsystems, Inc., 6.0.140.8]
    [C:\Program Files\Dell\SysMgt\jre\bin\zip.dll]  [Sun Microsystems, Inc., 6.0.140.8]
    [C:\Program Files\Dell\SysMgt\oma\bin\omajdb32.dll]  [Dell Inc., 3.8.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\omacs32.dll]  [Dell Inc., 1.11.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\omadb32.dll]  [Dell Inc., 3.8.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\csda32.dll]  [Dell Inc., 3.8.0]
    [C:\Program Files\Dell\SysMgt\oma\bin\dsupt32.dll]  [Dell Inc., 1.11.0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Dell\SysMgt\oma\bin\hipda32.dll]  [Dell Inc., 3.8.0]
    [C:\Program Files\Dell\SysMgt\omsa\bin\dcship32.dll]  [Dell Inc., 5.9.2 (BLD_6453)]
    [C:\Program Files\Dell\SysMgt\shared\bin\dcsupt32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\dataeng\bin\dcsgen32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\dataeng\bin\dcsmil32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\dataeng\bin\dcecfl32.dll]  [Dell Inc., 5.9.2 (BLD_6482)]
    [C:\Program Files\Dell\SysMgt\jre\bin\sunmscapi.dll]  [Sun Microsystems, Inc., 6.0.140.8]
    [C:\Program Files\Dell\SysMgt\jre\bin\net.dll]  [Sun Microsystems, Inc., 6.0.140.8]
[PID: 2272 / SYSTEM][C:\WINDOWS\system32\tcpsvcs.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2324 / SYSTEM][C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\CBA.DLL]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\NTS.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\I2ldvp3.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL608.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ActaRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\PScanRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ScsComms_VC8.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\dec_abi.dll]  [Symantec Corporation, 1.1.1.39]
    [C:\Program Files\Common Files\Symantec Shared\ccScanw.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 61.3.0.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100601.023\ccEraser.dll]  [Symantec Corporation, 110.1.0.78]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100601.023\ecmsvr32.dll]  [Symantec Corporation, 101.1.0.75]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100601.023\NAVEX32a.DLL]  [Symantec Corporation, 20101.1.0.89]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100601.023\NAVENG32.DLL]  [Symantec Corporation, 20101.1.0.89]
    [C:\Program Files\Common Files\Symantec Shared\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.4.3]
    [C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll]  [Symantec Corporation, 5.1.0001.0000]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SymProtectStorage.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 3.3.6.8]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\RTVScanPS.dll]  [Symantec Corporation, 11.0.2000.1253]
[PID: 2460 / LOCAL SERVICE][C:\WINDOWS\system32\tlntsvr.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2556 / SYSTEM][C:\WINDOWS\System32\wins.exe]  [(Verified) Microsoft Corporation, 5.2.3790.4520 (srv03_sp2_gdr.090528-1435)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2596 / SYSTEM][C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe]  [Microsoft Corporation, 9.107.8320.9]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Common Files\System\MSSearch\Bin\mssws.dll]  [Microsoft Corporation, 9.107.8320.9]
    [C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\mssrch.dll]  [Microsoft Corporation, 9.107.8320.9]
    [C:\Program Files\Common Files\System\MSSearch\Bin\tquery.dll]  [Microsoft Corporation, 9.107.8320.9]
    [C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\propdefs.dll]  [Microsoft Corporation, 9.107.8320.9]
    [C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\srchidx.dll]  [Microsoft Corporation, 9.107.8320.9]
[PID: 2660 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SEMMAP.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\SEMMAP.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\sqlagent.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLAGENT.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLCMDSS.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLCMDSS.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLREPSS.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLREPSS.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLATXSS.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\ATXCORE.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\ATXCORE.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLATXSS.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\BINN\AXSCPHST.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\BINN\Resources\2052\AXSCPHST.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\WINDOWS\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
[PID: 3268 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.2.3790.4455 (srv03_sp2_gdr.090203-1205)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 3476 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.2.3790.4455 (srv03_sp2_gdr.090203-1205)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 4032 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 612 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1356 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 3108 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 3184 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\wminotify.dll]  [Microsoft Corporation, 5.1.2600.2180]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0306]
[PID: 3468 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 3736 / Administrator][C:\WINDOWS\system32\rdpclip.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2260 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\WinRAR\rarext.dll]  [, ]
    [C:\Program Files\PowerISO\PWRISOSH.DLL]  [PowerISO Computing, Inc., 4, 2, 0, 0]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\vpshell2.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL608.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\VpShellRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll]  [Symantec Corporation, 11.0.2000.151]
[PID: 2168 / Administrator][C:\WINDOWS\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2492 / Administrator][C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_CBB27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL608.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SmcGuiRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SpNetRes.dll]  [Symantec Corporation, 11.0.2000.1231]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\RTVScanPS.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\devman.plg]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.5057.0]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\Cliproxy.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ActaRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\PScanRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionUtil.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U8.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ProtectionUtilRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionProviderPS.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SavMainUI.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SavMainUIRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 3.3.6.8]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ScsComms_VC8.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\HPPProtectionProviderUI.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\HPPProtectionproviderUIRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\system32\nts.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\cba.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\Program Files\Common Files\Symantec Shared\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.4.3]
[PID: 2432 / Administrator][C:\WINDOWS\system32\MtxHotPlugService.exe]  [N/A, ]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2448 / Administrator][C:\Program Files\PowerISO\PWRISOVM.EXE]  [PowerISO Computing, Inc., 4, 2, 0, 0]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 980 / Administrator][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 106.3.6.9]
    [C:\PROGRA~1\SYMANTEC\SYMANT~1\SAVSES~1.DLL]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll]  [Symantec Corporation, 6.1.7.18]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.5057.0]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll]  [Symantec Corporation, 6,1,7,18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll]  [Symantec Corporation, 106.3.6.9]
[PID: 2652 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 1716 / Administrator][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 1976 / Administrator][C:\WINDOWS\system32\mmc.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 2360 / Administrator][C:\Program Files\Symantec\Symantec Endpoint Protection\SymCorpUI.exe]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U8.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SymCorpUIRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ActaRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionProviderPS.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionUtil.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_CBB27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ProtectionUtilRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\SavMainUI.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\SavMainUIRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 3.3.6.8]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ScsComms_VC8.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\HPPProtectionProviderUI.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\HPPProtectionproviderUIRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\Cliproxy.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\ccL608.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\PScanRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\system32\nts.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\cba.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\Program Files\Common Files\Symantec Shared\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.3.6.9]
[PID: 4168 / Administrator][C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\scandlgs.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Symantec Shared\ccL608.dll]  [Symantec Corporation, 106.3.6.9]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ScanDlgsRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Common Files\Symantec Shared\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.4.3]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\LDVPCtls.ocx]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\LDVPCtlsRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\Cliproxy.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\ActaRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\res\2052\PScanRes.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL]  [Symantec Corporation, 11.0.2000.1253]
    [C:\Program Files\Symantec\Symantec Endpoint Protection\ScsComms_VC8.dll]  [Symantec Corporation, 11.0.2000.1253]
    [C:\WINDOWS\system32\nts.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\cba.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.148 E]
    [C:\WINDOWS\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.148 E]
[PID: 4376 / LOCAL SERVICE][C:\WINDOWS\System32\logon.scr]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 5628 / Administrator][F:\sreng\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
[PID: 5636 / Administrator][F:\sreng\SREc8ca814e.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [C:\WINDOWS\SYSTEM32\SYSFER.DLL]  [Symantec Corporation, 11.0.2000.1231]
    [F:\sreng\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
进程特权扫描
N/A

==================================
计划任务
N/A

==================================
Windows 安全更新检查
N/A

==================================
API HOOK
入口点错误：NtCreateFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtCreateKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtCreateThread (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtDeleteFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtOpenKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtRenameKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtSetInformationFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtSetValueKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：NtTerminateProcess (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwCreateFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwCreateKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwCreateThread (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwDeleteFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwOpenFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwRenameKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwSetInformationFile (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwSetValueKey (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)
入口点错误：ZwTerminateProcess (危险等级: 一般,  被下面模块所HOOK: C:\WINDOWS\SYSTEM32\SYSFER.DLL)

==================================
隐藏进程
N/A

==================================


[/CODE]