[C:\WINNT\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 1072][C:\WINNT\SOUNDMAN.EXE]  <Avance Logic, Inc.><5.0>
[PID: 1084][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3208>
[PID: 1052][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\naiwmain.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\shstat.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\McShield.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\VirusScan\RES04\Shutilrc.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\Graphics.dll]  <Network Associates, Inc.><8.0.0.912>
[PID: 1104][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\0804\UpdRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>
[PID: 1144][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe]  <Network Associates, Inc.><2.0.275.0>
[PID: 1172][C:\WINNT\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
[PID: 356][C:\WINNT\system32\NOTEPAD.EXE]  <Microsoft Corporation><5.00.2140.1>
[PID: 1368][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
    [C:\Program Files\Network Associates\VirusScan\scriptproxy.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\mytilus.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll]  <McAfee, Inc.><4.4.00>
    [C:\WINNT\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 1016][F:\照片\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

ding

日志看不出问题，有异常描述一下。

还是一样，一上XBA。COM。CN就中毒，我想能不能用我的Mcafee的字定义规则，禁止MSIME。EXE生成或启动，有效吗？