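A large number of outbound connections

#1 Posted on 2009-11-15 11:27
Newly installed 2003 system with SQL Server 2005 and one website, plus some FTP software and DAEMON Tools; nothing much else. How can there be such a large number of outbound connections? I can't find where the problem is.
netstat -an (attachment, 92.58 KB)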


#2 Posted on 2009-11-15 11:28
This post was last edited by zjgghuanglin on 2009-11-15 11:34.

SREng scan
  • 2009-11-15,11:16:21
  • System Repair Engineer 2.7.0.1210
  • Smallfrogs (http://www.KZTechs.com)
  • Windows Server 2003 Enterprise Edition Service Pack 1 (Build 3790) - 管理权限用户 - 完整功能
  • 以下内容被选中:
  •     所有的启动项目(包括注册表、启动文件夹、服务等)
  •     浏览器加载项
  •     正在运行的进程(包括进程模块信息)
  •     文件关联
  •     Winsock 提供者
  •     Autorun.inf
  •     HOSTS 文件
  •     进程特权扫描
  •     计划任务
  •     API HOOK
  •     隐藏进程
  • 启动项目
  • 注册表
  • [HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
  •       [(Verified)Microsoft Windows Publisher]
  •     <\"C:\\Program Files\\Gene6 FTP Server3.9\\G6FTPTray.exe\">  [Gene6]
  • [HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows]
  •     <>  [N/A]
  • [HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
  •     <\"C:\\Program Files\\D-Tools\\daemon.exe\"  -lang 2052>  [DAEMON\'S HOME]
  •     <\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\">  []
  • [HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon]
  •       [(Verified)Microsoft Windows Publisher]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows]
  •     <>  [N/A]
  • [HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon]
  •     <%SystemRoot%\\system32\\logonui.exe>  [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ShellExecuteHooks]
  •     <{AEB6717E-7E19-11d0-97EE-00C04FD91972}>  [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad]
  •     <%SystemRoot%\\system32\\SHELL32.dll>  [(Verified)Microsoft Windows Publisher]
  •     <%SystemRoot%\\system32\\SHELL32.dll>  [(Verified)Microsoft Windows Publisher]
  •     <%SystemRoot%\\system32\\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\crypt32chain]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\cryptnet]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\cscdll]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\dimsntfy]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\PCANotify]
  •       [(Verified)Symantec Corporation]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\ScCertProp]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\Schedule]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\sclgntfy]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\SensLogn]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\termsrv]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\wlballoon]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\SharedTaskScheduler]
  •     <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\\system32\\browseui.dll>  [(Verified)Microsoft Windows Publisher]
  •     <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\\system32\\browseui.dll>  [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  •     <%SystemRoot%\\system32\\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\\system32\\themeui.dll>  [File is missing]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  •     <\"%ProgramFiles%\\Outlook Express\\setup50.exe\" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{7790769C-0471-11d2-AF11-00C04FA35D02}]
  •     <通讯簿 6><\"%ProgramFiles%\\Outlook Express\\setup50.exe\" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{89820200-ECBD-11cf-8B85-00AA005B4340}]
  •       [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{89820200-ECBD-11cf-8B85-00AA005B4383}]
  •     <%SystemRoot%\\system32\\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
  •       [(Verified)Microsoft Corporation]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]
  •     <%IEHARDENADMIN_BASE_DESC%><%SystemRoot%\\system32\\rundll32.exe iesetup.dll,IEHardenAdmin>  [(Verified)Microsoft Windows Publisher]
  • [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]
  •     <%IEHARDENUSER_DESC%><%SystemRoot%\\system32\\rundll32.exe iesetup.dll,IEHardenUser>  [(Verified)Microsoft Windows Publisher]
  • ==================================

#3 Posted on 2009-11-15 11:35
What junk, it won't upload.
启动文件夹

N/A



==================================

服务

[360updata / 360updata][Running/Auto Start]

  

[Symantec pcAnywhere 主机服务 / awhost32][Running/Auto Start]

  <\"C:\\Program Files\\pcAnywhere\\awhost32.exe\">

[Elite4 Net Service / Elite4 Net Service][Running/Auto Start]

  <北京深思洛克数据保护中心>

[Gene6 FTP Server / G6FTPServer][Stopped/Auto Start]

  <\"C:\\Program Files\\Gene6 FTP Server3.9\\G6FTPServer.exe\">

[IBM Active PCI Alert Service / IBMHPS][Running/Auto Start]

  

[LiveUpdate / LiveUpdate][Stopped/Manual Start]

  <\"C:\\PROGRA~1\\Symantec\\LIVEUP~1\\LUCOMS~1.EXE\">

[Windows NT Service / NTService][Stopped/Auto Start]

  

[MSSQL Services / SQLntserv][Others/Auto Start]

  

[System Data Safe Module Viewer / stew][Stopped/Auto Start]

  



==================================

驱动程序

[Adaptec SAS/SATA-II RAID Storport\'s Miniport Driver / arcsas][Running/Boot Start]

  <\\SystemRoot\\system32\\DRIVERS\\arcsas.sys>

[ati2mtag / ati2mtag][Running/Manual Start]

  

[awecho / awecho][Running/System Start]

  

[awlegacy / awlegacy][Running/System Start]

  <\\SystemRoot\\System32\\Drivers\\awlegacy.sys>

[AW_HOST / AW_HOST][Running/System Start]

  

[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]

  



[d347bus / d347bus][Running/Boot Start]

  <\\SystemRoot\\system32\\DRIVERS\\d347bus.sys><>

[d347prt / d347prt][Running/Boot Start]

  <\\SystemRoot\\System32\\Drivers\\d347prt.sys><>

[IBMHPA / IBMHPA][Running/Manual Start]

  

[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]

  

[Direct Parallel Link Driver / Ptilink][Running/Manual Start]

  

[Secdrv / Secdrv][Stopped/Manual Start]

  

[Senselock EliteIV v2.x Service / sense4v2][Running/Manual Start]

  



==================================

浏览器加载项

[番茄花园]

  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F}

[]

  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >

[Shockwave Flash Object]

  {D27CDB6E-AE6D-11CF-96B8-444553540000}

[XML HTTP]

  {F6D90F16-9C73-11D3-B32E-00C04F990BB4}



==================================

正在运行的进程

[PID: 556 / SYSTEM][\\SystemRoot\\System32\\smss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 636 / SYSTEM][\\??\\C:\\WINDOWS\\system32\\csrss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]

[PID: 756 / SYSTEM][\\??\\C:\\WINDOWS\\system32\\winlogon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\PCANotify.dll]  [Symantec Corporation, 12.1.0.442]

[PID: 832 / SYSTEM][C:\\WINDOWS\\system32\\services.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 844 / SYSTEM][C:\\WINDOWS\\system32\\lsass.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]

[PID: 1020 / SYSTEM][C:\\WINDOWS\\system32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1096 / NETWORK SERVICE][C:\\WINDOWS\\system32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1136 / SYSTEM][C:\\WINDOWS\\System32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\System32\\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1208 / NETWORK SERVICE][C:\\WINDOWS\\system32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1260 / LOCAL SERVICE][C:\\WINDOWS\\system32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1672 / SYSTEM][C:\\WINDOWS\\system32\\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\awmon.dll]  [Symantec Corporation, 12.0.0.11]

    [C:\\WINDOWS\\system32\\spool\\PRTPROCS\\W32X86\\filterpipelineprintproc.dll]  [Microsoft Corporation, 6.1.2600.5635 (xpsp_sp3_qfe.080704-1744)]

[PID: 1700 / NETWORK SERVICE][C:\\WINDOWS\\system32\\msdtc.exe]  [(Verified) Microsoft Corporation, 2001.12.4720.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 536 / SYSTEM][C:\\WINDOWS\\system32\\inetsrv\\inetinfo.exe]  [(Verified) Microsoft Corporation, 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1540 / LOCAL SERVICE][C:\\WINDOWS\\system32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 1720 / SYSTEM][C:\\WINDOWS\\Fonts\\services.exe]  [Microsoft Corporation, 20.2.1]

[PID: 2448 / Administrator][C:\\WINDOWS\\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\Program Files\\Unlocker\\UnlockerHook.dll]  [N/A, ]

    [C:\\Program Files\\Unlocker\\UnlockerCOM.dll]  [N/A, ]

    [C:\\Program Files\\WinRAR\\rarext.dll]  [, ]

[PID: 5684 / Administrator][C:\\Program Files\\D-Tools\\daemon.exe]  [DAEMON\'S HOME, 3.47.0.0]

    [C:\\WINDOWS\\daemon.dll]  [, 3.47.0.0]

    [C:\\Program Files\\D-Tools\\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]

    [C:\\Program Files\\D-Tools\\Plugins\\Images\\bw5mount.dll]  [, 1.0.2.0]

    [C:\\Program Files\\D-Tools\\Plugins\\Images\\ccdmount.dll]  [GENERIC, 1.02.0.0]

    [C:\\Program Files\\D-Tools\\Plugins\\Images\\mdsmount.dll]  [GENERIC, 1.01.0.0]

    [C:\\Program Files\\D-Tools\\Plugins\\Images\\nrgmount.dll]  [GENERIC, 1.02.0.0]

    [C:\\Program Files\\D-Tools\\Plugins\\Images\\pdimount.dll]  [GENERIC, 1.01.0.0]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\Program Files\\Unlocker\\UnlockerHook.dll]  [N/A, ]

[PID: 5696 / Administrator][C:\\Program Files\\Unlocker\\UnlockerAssistant.exe]  [N/A, ]

    [C:\\Program Files\\Unlocker\\UnlockerHook.dll]  [N/A, ]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 5700 / Administrator][C:\\WINDOWS\\system32\\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\Program Files\\Unlocker\\UnlockerHook.dll]  [N/A, ]

[PID: 5704 / Administrator][C:\\Program Files\\Gene6 FTP Server3.9\\G6FTPTray.exe]  [Gene6, 2.0.0.0]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\Program Files\\Unlocker\\UnlockerHook.dll]  [N/A, ]

[PID: 5896 / SYSTEM][C:\\WINDOWS\\System32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 6564 / Administrator][C:\\WINDOWS\\system32\\conime.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\Program Files\\Unlocker\\UnlockerHook.dll]  [N/A, ]

[PID: 8024 / SYSTEM][C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 8308 / SYSTEM][\\??\\C:\\WINDOWS\\system32\\csrss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]

[PID: 17028 / SYSTEM][\\??\\C:\\WINDOWS\\system32\\winlogon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\PCANotify.dll]  [Symantec Corporation, 12.1.0.442]

    [C:\\WINDOWS\\system32\\tssoft32.acm]  [DSP GROUP, INC., 1.01]

    [C:\\WINDOWS\\system32\\tsd32.dll]  [, ]

    [C:\\WINDOWS\\system32\\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]

    [C:\\WINDOWS\\system32\\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]

[PID: 13492 / Administrator][C:\\WINDOWS\\system32\\rdpclip.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 8168 / Administrator][C:\\WINDOWS\\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\tssoft32.acm]  [DSP GROUP, INC., 1.01]

    [C:\\WINDOWS\\system32\\tsd32.dll]  [, ]

    [C:\\WINDOWS\\system32\\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]

    [C:\\WINDOWS\\system32\\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]

    [C:\\Program Files\\WinRAR\\rarext.dll]  [, ]

    [C:\\Program Files\\Unlocker\\UnlockerCOM.dll]  [N/A, ]

[PID: 16616 / Administrator][C:\\WINDOWS\\system32\\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 7696 / Administrator][C:\\Program Files\\Gene6 FTP Server3.9\\G6FTPTray.exe]  [Gene6, 2.0.0.0]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 12812 / SYSTEM][C:\\WINDOWS\\system32\\cmd.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 18624 / SYSTEM][C:\\WINDOWS\\system32\\cmd.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 13268 / SYSTEM][C:\\Program Files\\Microsoft SQL Server\\90\\Shared\\sqlbrowser.exe]  [Microsoft Corporation, 2005.090.2047.00]

[PID: 15004 / SYSTEM][C:\\Program Files\\Microsoft SQL Server\\MSSQL.1\\MSSQL\\Binn\\msftesql.exe]  [Microsoft Corporation, 12.0.6214.0]

[PID: 14432 / NETWORK SERVICE][C:\\Program Files\\Microsoft SQL Server\\90\\DTS\\Binn\\MsDtsSrvr.exe]  [Microsoft Corporation, 9.00.2047.00]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\mscorlib\\9adb89fa22fd5b4ce433b5aca7fb1b07\\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\System\\aa7926460a336408c8041330ad90929d\\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\MsDtsSrvr\\19a4f588c208ca0946746068a0cf32da\\MsDtsSrvr.ni.exe]  [Microsoft Corporation, 9.00.2047.00]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\System.ServiceProce#\\a9e71dda6389403be4db7b567592e3b8\\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\Microsoft.SqlServer#\\ff427d4e1bca890cf20cf5d149e15a1a\\Microsoft.SqlServer.MgdSqlDumper.ni.dll]  [Microsoft Corporation, 2005.090.1399.00]

    [C:\\WINDOWS\\WinSxS\\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_B80FA8CA\\msvcm80.dll]  [Microsoft Corporation, 8.00.50727.3053]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\System.Configuration\\cb4cb21d14767292e079366a5d3d76cd\\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\System.Xml\\0d7c1d80f0960d0473ed13f107ce7d81\\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\assembly\\GAC_MSIL\\mscorlib.resources\\2.0.0.0_zh-CHS_b77a5c561934e089\\mscorlib.resources.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\assembly\\GAC_MSIL\\System.resources\\2.0.0.0_zh-CHS_b77a5c561934e089\\System.resources.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\Microsoft.SqlServer#\\01e6d99d8ea8442a98a5e2207f3e1fcd\\Microsoft.SqlServer.DtsServer.Interop.ni.dll]  [ , 9.0.242.0]

    [C:\\WINDOWS\\assembly\\GAC_MSIL\\System.ServiceProcess.resources\\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\\System.ServiceProcess.resources.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

[PID: 13368 / SYSTEM][C:\\Program Files\\Microsoft SQL Server\\90\\Shared\\sqlwriter.exe]  [Microsoft Corporation, 2005.090.2047.00]

[PID: 15412 / SYSTEM][C:\\WINDOWS\\system32\\trumnt.exe]  [N/A, ]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 15300 / SYSTEM][C:\\SenseLock\\EliteIV_V3.0\\Tools\\e4nsrv.exe]  [北京深思洛克数据保护中心, 3, 0, 0, 5]

[PID: 5752 / SYSTEM][C:\\WINDOWS\\System32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 9344 / SYSTEM][C:\\WINDOWS\\System32\\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 14588 / NETWORK SERVICE][c:\\windows\\system32\\inetsrv\\w3wp.exe]  [(Verified) Microsoft Corporation, 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [c:\\windows\\assembly\\nativeimages1_v1.1.4322\\mscorlib\\1.0.5000.0__b77a5c561934e089_28fd7a46\\mscorlib.dll]  [N/A, ]

    [c:\\windows\\assembly\\gac\\cscompmgd\\7.0.5000.0__b03f5f7f11d50a3a\\cscompmgd.dll]  [ , 7.10.3052.4]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\qm20kjag.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\d9d1c7e8\\0030fd31_4da1c901\\webbuilder5.dll]  [ , 1.0.3356.26862]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\5602da8e\\8006c7a5_5133c701\\microsoft.data.odbc.dll]  [Microsoft Corporation, 1.0.4030.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\510c573c\\009d5fa6_5133c701\\smtp.net.dll]  [Quiksoft Corporation, 1.0.0.5]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\fa07be7f\\8006c7a5_5133c701\\epointcommon.dll]  [ , 1.0.1860.21373]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\4f3e3d9e\\8006c7a5_5133c701\\companybizlogic.dll]  [江苏国泰新技术有限公司, 1.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\76be9a6f\\8006c7a5_5133c701\\epoint.htmleditor.dll]  [Epoint.Com, 2.0.2005.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\bf8f0123\\009d5fa6_5133c701\\netofficebizlogic.dll]  [ , 1.0.2354.27993]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\4e44dcf9\\009d5fa6_5133c701\\suzhougovbizlogic.dll]  [ , 1.0.2445.30543]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\18c5b32f\\009d5fa6_5133c701\\components.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\28cc5df6\\8006c7a5_5133c701\\epoint.uurplib.dll]  [ , 1.0.2314.30625]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\294e96b9\\009d5fa6_5133c701\\liqwebcontrol.dll]  [ , 1.0.1201.29065]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\a2420db1\\8006c7a5_5133c701\\blog.dll]  [江苏国泰新技术有限公司, 1.0.2331.15956]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\42d39ab2\\00702ea5_5133c701\\ajax.dll]  [schwarz-interactive.de, Michael Schwarz, 5.6.3.4]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\6a08b698\\8006c7a5_5133c701\\bizlogic.dll]  [ , 1.0.2217.24028]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\0b957e0b\\8006c7a5_5133c701\\aspnetpager.dll]  [Webdiyer, 4.3.3.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\36062802\\8006c7a5_5133c701\\interop.word.dll]  [ , 8.3.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\39754f3b\\009d5fa6_5133c701\\dotnetcharting.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\8dec42da\\00ff7dcb_f372c701\\epoint.webbuilderlib.dll]  [ , 1.0.2645.24889]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\e68cba70\\8006c7a5_5133c701\\epoint.common.dll]  [ , 1.0.1896.19675]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\55fddefd\\8006c7a5_5133c701\\dundaswebchart.dll]  [Dundas Software Ltd., 5.0.0.1692]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\assembly\\dl2\\dceeef2b\\8006c7a5_5133c701\\epoint.toolkit.dll]  [江苏国泰新技术有限公司, 1.0.1977.20650]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\aw02zxir.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\u60ojs9s.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\cxz5r0je.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\slojelqn.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\e0yjznuo.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\0rhahhln.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\7ymmiogz.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\y6sy_pmt.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\qnomvozl.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\q6d8fu6i.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\dldywwo6.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\g3ljhjgd.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\6ug_gxve.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\8yrrr5ip.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\mupjkds0.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\stf2hjx4.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\95uyht3a.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\rrqprcxx.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\przmdv5_.dll]  [ , 0.0.0.0]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\skec3k1t.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\4qypgc5t.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\gu2wpctn.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\prkeehrs.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\uofcl18k.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\5wi8qr9h.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\mba4fsen.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\hbper_y-.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\cjohqz8s.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\7t9gtlqg.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\ynubtrgp.dll]  [ , 0.0.0.0]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\d4xxpavy.dll]  [N/A, ]

    [c:\\windows\\microsoft.net\\framework\\v1.1.4322\\temporary asp.net files\\zjggwc\\93fcae4a\\99a68a01\\n0cxizl7.dll]  [N/A, ]

[PID: 13284 / SYSTEM][C:\\WINDOWS\\system32\\IBMHPASV.EXE]  [IBM Corporation, 5.2.1.0]

[PID: 5508 / SYSTEM][C:\\Program Files\\Microsoft SQL Server\\MSSQL.1\\MSSQL\\Binn\\sqlservr.exe]  [Microsoft Corporation, 2005.090.2047.00]

    [C:\\WINDOWS\\WinSxS\\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6E805841\\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.42]

[PID: 19924 / SYSTEM][C:\\Program Files\\Microsoft SQL Server\\MSSQL.1\\MSSQL\\Binn\\SQLAGENT90.EXE]  [Microsoft Corporation, 2005.090.2047.00]

    [C:\\WINDOWS\\WinSxS\\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_B80FA8CA\\msvcm80.dll]  [Microsoft Corporation, 8.00.50727.3053]

    [C:\\WINDOWS\\assembly\\NativeImages_v2.0.50727_32\\mscorlib\\9adb89fa22fd5b4ce433b5aca7fb1b07\\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 8888 / Administrator][C:\\WINDOWS\\system32\\conime.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 16396 / SYSTEM][C:\\Program Files\\pcAnywhere\\awhost32.exe]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\Util.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\PCALocalResLoader.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\InstData.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awcfgmgr.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\S32PCAG.DLL]  [Symantec Corporation, 15.0.0.14]

    [C:\\Program Files\\pcAnywhere\\AWSES32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awofrwrk.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awio.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\PowerMgr.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\PCACMNDG.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awgui32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\WINDOWS\\WinSxS\\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_DEC6DDD2\\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.42]

    [C:\\Program Files\\pcAnywhere\\AWDS32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awcm32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\crypto.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awtime32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\pcaime.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awRes-all.dll]  [Symantec Corporation, 12.5.0.260]

    [C:\\WINDOWS\\WinSxS\\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415F6D0\\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.42]

    [C:\\Program Files\\pcAnywhere\\awses32resources.dll]  [Symantec Corporation, 12.5.0.260]

    [C:\\Program Files\\pcAnywhere\\awres-host.dll]  [Symantec Corporation, 12.5.0.260]

    [C:\\Program Files\\pcAnywhere\\AwioResources.dll]  [Symantec Corporation, 12.5.0.260]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [C:\\Program Files\\pcAnywhere\\AWHXPRB.DLL]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awhprobedll.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\TrayIcon.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\AWDSP32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awcp.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\IMPLODE.DLL]  [PKWare, 1, 0, 0, 1]

    [C:\\Program Files\\pcAnywhere\\AWHK32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\ijl20.dll]  [Intel Corporation, 2,0,13,45]

    [C:\\Program Files\\pcAnywhere\\AWHPILOT.DLL]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\awhutil.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\crypshim.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\SymCrypt.dll]  [Symantec Corporation, 1.0.0.8]

    [C:\\Program Files\\pcAnywhere\\awlog32.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\snmputil.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\libsnmp.dll]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\AWCONN32.DLL]  [Symantec Corporation, 12.5.0.265]

    [C:\\Program Files\\pcAnywhere\\AW32TCP.DLL]  [Symantec Corporation, 12.5.0.265]

[PID: 15444 / Administrator][C:\\WINDOWS\\system32\\cmd.exe]  [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]

[PID: 12664 / SYSTEM][C:\\WINDOWS\\system32\\csmss.exe]  [N/A, ]

[PID: 14288 / SYSTEM][C:\\WINDOWS\\system32\\csmss.exe]  [N/A, ]

[PID: 11676 / SYSTEM][C:\\WINDOWS\\system32\\csmss.exe]  [N/A, ]

[PID: 6772 / Administrator][\\\\tsclient\\E\\soft\\sreng2\\SREngLdr.EXE]  [N/A, ]

[PID: 7108 / Administrator][\\\\tsclient\\E\\soft\\sreng2\\SREf1cfd390.EXE]  [N/A, ]

    [C:\\WINDOWS\\system32\\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]

    [\\\\tsclient\\E\\soft\\sreng2\\Upload\\3rdUpd.DLL]  [N/A, ]



==================================

文件关联

.TXT  OK. [%SystemRoot%\\system32\\NOTEPAD.EXE %1]

.EXE  OK. [\"%1\" %*]

.COM  OK. [\"%1\" %*]

.PIF  OK. [\"%1\" %*]

.REG  OK. [regedit.exe \"%1\"]

.BAT  OK. [\"%1\" %*]

.SCR  OK. [\"%1\" /S]

.CHM  OK. [\"C:\\WINDOWS\\hh.exe\" %1]

.HLP  OK. [%SystemRoot%\\System32\\winhlp32.exe %1]

.INI  OK. [%SystemRoot%\\System32\\NOTEPAD.EXE %1]

.INF  OK. [%SystemRoot%\\System32\\NOTEPAD.EXE %1]

.VBS  OK. [%SystemRoot%\\System32\\WScript.exe \"%1\" %*]

.JS   OK. [%SystemRoot%\\System32\\WScript.exe \"%1\" %*]

.LNK  OK. [{00021401-0000-0000-C000-000000000046}]



==================================

Winsock 提供者

N/A



==================================

Autorun.inf

N/A



==================================

4
Posted 2009-11-19 14:47
Have you checked for trojans or worms?