Logfile of HijackThis v1.99.1
Scan saved at 14:59:57, on 2006-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Antiy Labs\Alive\AliveCenter_.exe
C:\Program Files\Antiy Labs\AGuard\AGuard_.exe
C:\PROGRA~1\SKYNET\FIREWALL\PFW.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Tencent\TM\TMDlls\TM.exe
C:\Program Files\Tencent\TM\TMDlls\TIMPlatform.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINDOWS\system32\wuauclt.exe
\BEIJING\sys\public\clntrust.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\pengke\桌面\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll
O4 - HKLM\..\Run: [IMEKRMIG6.1> ; C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [SoundMAXPnP> C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NWTRAY> NWTRAY.EXE
O4 - HKLM\..\Run: [ShStatEXE> "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI> "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service> "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Antiy Auto Update> C:\Program Files\Antiy Labs\Alive\AliveCenter.exe
O4 - HKLM\..\Run: [AGB5Monitor> C:\Program Files\Antiy Labs\AGuard\AGuard.exe /AutoRun
O4 - HKLM\..\Run: [SKYNET Personal FireWall> C:\PROGRA~1\SKYNET\FIREWALL\PFW.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched> ; C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IMSCMig> C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe> "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Super Rabbit SRRestore> C:\PROGRA~1\SUPERR~1\MAGICSET\SRRest.exe /autosave
O4 - HKLM\..\Run: [SynTPLpr> C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ctfmon.exe> C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr> ; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: 发送到 Bluetooth(&B) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: JUJUMAO - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - (file missing)
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - C:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) -
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: KDDelegateService - KINGDEE - C:\Program Files\Kingdee\K3ERP\KDDelegateService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
高手帮忙看看那里出了问题 多谢啦
路径不明?
\BEIJING\sys\public\clntrust.exe
建议扫描SRENG日志
抱歉啊老大,我头一次使用这个软件,还不知道怎么使用,你说的扫描sreng日志怎么扫描啊?
\BEIJING\sys\public\clntrust.exe
这个路径是我们公司的一个服务器的路径,这个应用程序是一个代理服务器软件
呵呵,老大我在置顶贴中找到了,扫描完我贴上来
2006-07-19,20:22:11
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run>
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows>
<load><> [>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run>
<ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE> [Network Associates, Inc.>
<McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.>
<Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"> [Network Associates, Inc.>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon>
<shell><Explorer.exe> [Microsoft Corporation>
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows>
<AppInit_DLLs><> [>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon>
<UIHost><logonui.exe> [Microsoft Corporation>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent>
<WinlogonNotify: AtiExtEvent><Ati2evxx.dll> [ATI Technologies Inc.>
==================================
启动文件夹
服务
[Ati HotKey Poller / Ati HotKey Poller>
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Client Update Service for Novell / cusrvc>
<C:\WINDOWS\system32\cusrvc.exe><Novell, Inc.>
[Intel(R) PROSet/Wireless Event Log / EvtEng>
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[ThinkPad PM Service / IBMPMSVC>
<C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[KDDelegateService / KDDelegateService>
<C:\Program Files\Kingdee\K3ERP\KDDelegateService.exe><KINGDEE>
[McAfee Framework Service / McAfeeFramework>
<C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield>
<"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager>
<"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc>
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor>
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
==================================
浏览器加载项
[AcroIEHlprObj Class>
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[SSVHelper Class>
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[VS_IEHlprObj Class>
{829CAB51-A4EA-4a15-87B6-4B7D0747939C} <C:\Program Files\Network Associates\VirusScan\bho.dll, Network Associates, Inc.>
[Java Plug-in>
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[JUJUMAO>
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, N/A>
[信息检索(&R)>
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[金山词霸>
{9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll, 金山软件股份有限公司>
[Messenger>
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Edit Class>
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Java Plug-in>
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in>
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06>
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[AcroIEHlprObj Class>
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Edit Class>
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[CEnroll Class>
{127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[Windows Media Player>
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Windows Media Player>
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[SSVHelper Class>
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[VS_IEHlprObj Class>
{829CAB51-A4EA-4A15-87B6-4B7D0747939C} <C:\Program Files\Network Associates\VirusScan\bho.dll, Network Associates, Inc.>
[SearchAssistantOC>
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RealPlayer G2 Control>
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object>
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[发送到 Bluetooth(&B)>
<C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm, N/A>
[导出到 Microsoft Office Excel(&X)>
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 772>[\SystemRoot\System32\smss.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 820>[\??\C:\WINDOWS\system32\csrss.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 848>[\??\C:\WINDOWS\system32\winlogon.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\Ati2evxx.dll> <ATI Technologies Inc.><6.14.10.4124>
[PID: 892>[C:\WINDOWS\system32\services.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 904>[C:\WINDOWS\system32\lsass.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\nwv1_0.dll> <Novell, Inc.><v4.71 (000217)>
[PID: 1060>[C:\WINDOWS\system32\ibmpmsvc.exe> <N/A><N/A>
[PID: 1088>[C:\WINDOWS\system32\Ati2evxx.exe> <ATI Technologies Inc.><6.14.10.4124>
[C:\WINDOWS\system32\Ati2edxx.dll> <ATI Technologies, Inc.><6, 14, 10, 2499>
[PID: 1112>[C:\WINDOWS\system32\svchost.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1196>[C:\WINDOWS\system32\svchost.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\netware\NWWS2NDS.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NETWIN32.DLL> <Novell, Inc.><5.5.10>
[C:\WINDOWS\system32\CLNWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\LOCWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NCPWIN32.dll> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\netware\NWWS2SLP.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NWSRVLOC.dll> <Novell, Inc.><v4.90.1.1>
[PID: 1240>[C:\WINDOWS\System32\svchost.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1324>[C:\Program Files\Intel\Wireless\Bin\EvtEng.exe> <Intel Corporation><10, 1, 0, 1>
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll> <Intel Corporation><10, 1, 0, 2>
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL> <Intel Corporation><10, 1, 0, 5>
[PID: 1396>[C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe> <Intel Corporation ><10, 1, 0, 33>
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL> <Intel Corporation><10, 1, 0, 5>
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll> <Intel Corporation><10, 1, 0, 2>
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll> <N/A><N/A>
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll> <><10, 1, 0, 2>
[C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL> <N/A><N/A>
[PID: 1524>[C:\WINDOWS\system32\svchost.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1560>[C:\WINDOWS\system32\svchost.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1880>[C:\WINDOWS\system32\spoolsv.exe> <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll> <Windows (R) 2000 DDK provider><5.00.2195.1620>
[C:\WINDOWS\system32\netware\NWWS2NDS.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NETWIN32.DLL> <Novell, Inc.><5.5.10>
[C:\WINDOWS\system32\CLNWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\LOCWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NCPWIN32.dll> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\netware\NWWS2SLP.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NWSRVLOC.dll> <Novell, Inc.><v4.90.1.1>
[C:\WINDOWS\system32\nwspool.dll> <Novell, Inc.><4.90>
[C:\WINDOWS\system32\CALWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\CLXWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NLS\ENGLISH\NWSPOOLR.DLL> <Novell, Inc.><4.70>
[PID: 156>[C:\Program Files\Network Associates\Common Framework\FrameworkService.exe> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\nailog.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\naXML.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\applib.dll> <N/A><N/A>
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\Logging.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\InternetManager.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\naInet.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\UserSpace.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\Management.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\Scheduler.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\TCSubSys.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\cmalib.dll> <N/A><N/A>
[PID: 256>[C:\Program Files\Network Associates\VirusScan\Mcshield.exe> <Network Associates, Inc.><8.0.0.225>
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.DLL> <Network Associates, Inc.><8.0.0.225>
[C:\Program Files\Network Associates\VirusScan\FTL.Dll> <Network Associates, Inc.><8.0.0.131>
[C:\Program Files\Network Associates\VirusScan\naiann.dll> <Network Associates, Inc.><8.0.0.225>
[C:\Program Files\Network Associates\VirusScan\mytilus.dll> <Network Associates, Inc.><8.0.0.227>
[C:\Program Files\Network Associates\VirusScan\NaEventU.DLL> <Network Associates, Inc.><8.0.0.338>
[C:\Program Files\Network Associates\VirusScan\Res09\naEvtRes.dll> <Network Associates, Inc.><8.0.0.338>
[C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll> <Network Associates, Inc.><8.0.0.225>
[C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL> <McAfee, Inc.><4.4.00>
[C:\Program Files\Network Associates\VirusScan\EntSrv.Dll> <Network Associates, Inc><8.0.0.167>
[PID: 296>[C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe> <Network Associates, Inc.><3.5.0.364>
[C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll> <Network Associates, Inc.><3.5.0.422>
[C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll> <Network Associates, Inc.><3.5.0.422>
[C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll> <Network Associates, Inc.><3.5.0.422>
[C:\PROGRA~1\NETWOR~1\COMMON~1\0409\AgentRes.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\VirusScan\VsPlugin.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll> <Network Associates, Inc.><8.0.0.836>
[PID: 312>[C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\naicondl.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\RES09\VsTskMgr.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll> <Network Associates, Inc.><8.0.0.136>
[PID: 400>[C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe> <Intel Corporation><10, 1, 0, 1>
[PID: 1440>[C:\WINDOWS\system32\locator.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1292>[C:\WINDOWS\System32\alg.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3528>[C:\WINDOWS\system32\Ati2evxx.exe> <ATI Technologies Inc.><6.14.10.4124>
[C:\WINDOWS\system32\Ati2edxx.dll> <ATI Technologies, Inc.><6, 14, 10, 2499>
[PID: 3632>[C:\WINDOWS\Explorer.EXE> <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\WinRAR\rarext.dll> <N/A><N/A>
[C:\Program Files\Network Associates\VirusScan\shext.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\RES09\ShExtRes.dll> <Network Associates, Inc.><8.0.0.836>
[C:\WINDOWS\system32\novnpnt.dll> <Novell, Inc.><4.90.1.1>
[C:\WINDOWS\system32\CALWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\CLNWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\LOCWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NCPWIN32.dll> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NETWIN32.DLL> <Novell, Inc.><5.5.10>
[C:\WINDOWS\system32\CLXWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\MAPBASE.dll> <Novell, Inc.><4.90>
[C:\WINDOWS\system32\NWSHLXNT.dll> <N/A><N/A>
[C:\WINDOWS\system32\NLS\ENGLISH\MAPBASER.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NLS\ENGLISH\NWSHLXNR.DLL> <N/A><N/A>
[C:\WINDOWS\system32\NLS\ENGLISH\NOVNPNTR.DLL> <Novell, Inc.><4.90>
[C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx> <><1, 0, 0, 1>
[C:\Program Files\Network Associates\VirusScan\bho.dll> <Network Associates, Inc.><8.0.0.836>
[PID: 120>[C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\RES09\shstat.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\RES09\Product.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\RES09\McShield.dll> <Network Associates, Inc.><8.0.0.225>
[C:\Program Files\Network Associates\VirusScan\RES09\Shutilrc.dll> <Network Associates, Inc.><8.0.0.836>
[C:\Program Files\Network Associates\VirusScan\Graphics.dll> <Network Associates, Inc.><8.0.0.836>
[PID: 3928>[C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\nailog.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\naXML.dll> <Network Associates, Inc.><3.5.0.422>
[C:\Program Files\Network Associates\Common Framework\0409\UpdRes.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll> <Network Associates, Inc.><3.5.0.364>
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll> <Network Associates, Inc.><3.5.0.364>
[PID: 3968>[C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe> <Network Associates, Inc.><2.0.275.0>
[PID: 4044>[C:\Program Files\Antiy Labs\Alive\AliveCenter_.exe> <Antiy Labs><2, 1, 0, 0>
[PID: 4084>[C:\Program Files\Antiy Labs\AGuard\AGuard_.exe> <Antiy Labs><2, 3, 2, 0>
[C:\Program Files\Common Files\Antiy Labs\Base\AVLeachSDK.dll> <Antiy Labs><2, 0, 2, 0>
[C:\Program Files\Common Files\Antiy Labs\Base\Module\APack.dll> <Antiy Labs><1, 0, 1, 1>
[C:\Program Files\Common Files\Antiy Labs\Base\Module\ATrojan.dll> <Antiy Labs><1, 0, 10, 0>
[C:\Program Files\Common Files\Antiy Labs\Base\Module\KillTrojan.dll> <Antiy Labs><1, 0, 0, 2>
[C:\Program Files\Common Files\Antiy Labs\Base\Module\MiscFix.dll> <Antiy Labs><1, 0, 1, 0>
[C:\Program Files\Common Files\Antiy Labs\Base\Module\ScanReg.dll> <><1, 0, 0, 1>
[C:\WINDOWS\system32\netware\NWWS2NDS.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NETWIN32.DLL> <Novell, Inc.><5.5.10>
[C:\WINDOWS\system32\CLNWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\LOCWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NCPWIN32.dll> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\netware\NWWS2SLP.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NWSRVLOC.dll> <Novell, Inc.><v4.90.1.1>
[PID: 680>[C:\PROGRA~1\SKYNET\FIREWALL\PFW.exe> <广州众达天网技术有限公司><2.7.7.1004>
[C:\PROGRA~1\SKYNET\FIREWALL\SKYMISC.DLL> <N/A><N/A>
[C:\PROGRA~1\SKYNET\FIREWALL\COMPRESSWRAP.DLL> <N/A><N/A>
[C:\WINDOWS\system32\netware\NWWS2NDS.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NETWIN32.DLL> <Novell, Inc.><5.5.10>
[C:\WINDOWS\system32\CLNWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\LOCWIN32.DLL> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\NCPWIN32.dll> <Novell, Inc.><6.0.0>
[C:\WINDOWS\system32\netware\NWWS2SLP.DLL> <Novell, Inc.><v4.90>
[C:\WINDOWS\system32\NWSRVLOC.dll> <Novell, Inc.><v4.90.1.1>
[PID: 428>[C:\WINDOWS\system32\ctfmon.exe> <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 796>[C:\WINDOWS\system32\wuauclt.exe> <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 1788>[C:\Documents and Settings\pengke\桌面\SREng2\SREng.exe> <Smallfrogs Studio><2.0.21.505>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1>
.EXE OK. ["%1" %*>
.COM OK. ["%1" %*>
.PIF OK. ["%1" %*>
.REG OK. [regedit.exe "%1">
.BAT OK. ["%1" %*>
.SCR OK. ["%1" /S>
.CHM OK. ["C:\WINDOWS\hh.exe" %1>
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1>
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1>
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1>
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*>
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*>
.LNK OK. [{00021401-0000-0000-C000-000000000046}>
谢谢老大啦 |
|
设为首页
加入收藏
联系我们
打印本文 
返回顶部 
加入收藏 
关闭窗口
