高手们，帮分析下这个报告，在线等

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

报告呢？
看不见
报告放附件里
点击我回的贴的右下角的“引用”，然后就应该知道怎么以附件发了

[quote] 原帖由 wwzj218 于 2008-9-14 11:08:00 发表
高手们，帮分析下这个报告，在线等

报告在哪里？

晕。。符件上传不上来。。我把内容写在这里给大家看看，谢谢了

也行
要完整
一字不漏！！！

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Component Publisher]
    <网吧存储服务器><D:\网吧存储器\NBRamSer.exe>  []
    <3PMmUpdate><rundll32 "C:\WINDOWS\Update.dll",Main>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <sysocmgr><>  [N/A]
    <ThunderAdvise><>  [N/A]
    <wqcurpud.dll><>  [N/A]
    <twainyy.dll><>  [N/A]
    <lkmltman.dll><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\INF\unregmp2.exe /HideWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]
    <%IEHARDENADMIN_BASE_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]
    <%IEHARDENUSER_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenUser>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[NVIDIA Compatible Windows Miniport Driver / cdralw][Stopped/]
  <2 - 系统找不到指定的文件。
><N/A>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller / m4cxw2k3][Running/Manual Start]
  <system32\DRIVERS\m4cxw2k3.sys><D-Link Corporation>
[otshr / otshr][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\otshr.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\NetBarThunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\NetBarThunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[启动网吧版迅雷服务端]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\NetBarThunder\NetBarThunder.exe, Thunder Networking Technologies,LTD>
[雨林木风]
  {6096E38F-5AC1-1200-8EC4-75DFA92FB32F} <http://bbs.ylmf.com, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\NetBarThunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
  {6096E38F-5AC1-1200-8EC4-75DFA92FB32F} <, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\NetBarThunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\NetBarThunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\NetBarThunder\Program\GetAllUrl.htm, N/A>
==================================
正在运行的进程
[PID: 304][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 352][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\CSRSRV.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\basesrv.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\winsrv.dll]  [Microsoft Corporation, 5.2.3790.4043 (srv03_sp2_qfe.070318-2357)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\KERNEL32.dll]  [Microsoft Corporation, 5.2.3790.4062 (srv03_sp2_qfe.070417-0203)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.2.3790.4036 (srv03_sp2_qfe.070305-2330)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.2.3790.4115 (srv03_sp2_qfe.070709-2335)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\sxs.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 376][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.2.3790.4062 (srv03_sp2_qfe.070417-0203)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.2.3790.4036 (srv03_sp2_qfe.070305-2330)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.2.3790.4115 (srv03_sp2_qfe.070709-2335)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NDdeApi.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\PROFMAP.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\REGAPI.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\MSGINA.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\SHSVCS.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\imagehlp.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\apphelp.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WINSCARD.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\shell32.dll]  [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_qfe.071106-1258)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\wldap32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\cscdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\dimsntfy.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WlNotify.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.2.3790.4098]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\cscui.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\CLBCatQ.DLL]  [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 424][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.2.3790.4062 (srv03_sp2_qfe.070417-0203)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.2.3790.4036 (srv03_sp2_qfe.070305-2330)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.2.3790.4115 (srv03_sp2_qfe.070709-2335)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\SCESRV.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\AUTHZ.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\umpnpmgr.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NCObjAPI.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\msvcp60.dll]  [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\eventlog.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\wtsapi32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 436][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.2.3790.4062 (srv03_sp2_qfe.070417-0203)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.2.3790.4036 (srv03_sp2_qfe.070305-2330)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.2.3790.4115 (srv03_sp2_qfe.070709-2335)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\LSASRV.dll]  [Microsoft Corporation, 5.2.3790.4186 (srv03_sp2_qfe.071108-1306)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_qfe.070228-0030)]
    [C:\WINDOWS\system32\SAMSRV.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]