12   1  /  2  页   跳转

瑞星实时监控不正常

收藏
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:19 | 只看楼主 短消息 资料
字号: 1楼

瑞星实时监控不正常

刚开机还是绿色的,然后突然就变黄色
文件监控,引导区监控,内存监控,注册表监控均被关闭了,无法手动启动
下面3个是一个硬盘保护软件的
OSAgent.exe
HDSRV.exe
Configure.exe
下面两个是IC卡系统的
PM.exe
ICClinent.exe

这个是hijackthis日志
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      14:46:05, 日期 2006-2-28
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe
C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe
C:\WINDOWS\system32\PM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ICCLIENT.exe
C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\configure.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\internat.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\ytxuser\桌面\HijackThis\HijackThis1991zww.exe

O4 - 启动项HKLM\\Run: [ICClient] C:\WINDOWS\system32\ICCLIENT.exe
O4 - 启动项HKLM\\Run: [HDGuardConf] C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\configure.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF40CD33-B103-4940-9566-18C398D7D996}: NameServer = 192.168.0.249,202.96.128.68
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - NT 服务: Hard Disk Guard Service (HDGuardSrv) - Unknown owner - C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe
O23 - NT 服务: Intel(R) Platform Administrator Client - OS Client Service (OS Client Service) - Intel - C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe
O23 - NT 服务: PM_SERVICE - Unknown owner - C:\WINDOWS\system32\PM.EXE
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

最后编辑2006-02-28 22:33:09
分享到:
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:24 | 只看楼主 短消息 资料
字号: 2楼

最后是SysInfoCollect日志
System Information Collect Tool - Designed By Smallfrogs


20060228-14:41
Windows XP Service Pack 2
Internet Explorer: 6.0.2900.2180


*****************************************************************
      Runing Processes information
*****************************************************************
=====================================================
PROCESS NAME:  System
-----------------------------------------------------
  Process ID  = 0x00000004
  Thread count= 53
  Parent process ID = 0
  Priority Class    = 32


Modules:
------------------------------------


=====================================================
PROCESS NAME:  smss.exe
-----------------------------------------------------
  Process ID  = 0x0000026c
  Thread count= 3
  Parent process ID = 4
  Priority Class    = 32


Modules:
------------------------------------
\SystemRoot\System32\smss.exe (0x48580000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)



=====================================================
PROCESS NAME:  csrss.exe
-----------------------------------------------------
    WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x000002a0
  Thread count= 11
  Parent process ID = 620


Modules:
------------------------------------


=====================================================
PROCESS NAME:  winlogon.exe
-----------------------------------------------------
  Process ID  = 0x000002b8
  Thread count= 23
  Parent process ID = 620
  Priority Class    = 128


Modules:
------------------------------------
\??\C:\WINDOWS\system32\winlogon.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\AUTHZ.dll (0x77FE0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\NDdeApi.dll (0x758A0000)

C:\WINDOWS\system32\PROFMAP.dll (0x75890000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\REGAPI.dll (0x76B90000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\odbcint.dll (0x20000000)

C:\WINDOWS\system32\SHSVCS.dll (0x76E10000)

C:\WINDOWS\system32\sfc.dll (0x76B80000)

C:\WINDOWS\system32\sfc_os.dll (0x76C30000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\WINSCARD.DLL (0x72360000)

C:\WINDOWS\system32\WTSAPI32.dll (0x76F20000)

C:\WINDOWS\system32\sxs.dll (0x75E00000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\cscdll.dll (0x76570000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\WlNotify.dll (0x758B0000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\xpsp2res.dll (0x015D0000)

C:\WINDOWS\system32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\cryptnet.dll (0x757D0000)

C:\WINDOWS\system32\WINHTTP.dll (0x4A410000)

C:\WINDOWS\system32\SensApi.dll (0x72240000)

C:\WINDOWS\system32\sclgntfy.dll (0x5CFF0000)

C:\WINDOWS\System32\drprov.dll (0x75ED0000)

C:\WINDOWS\System32\ntlanman.dll (0x71B90000)

C:\WINDOWS\System32\NETUI0.dll (0x71C50000)

C:\WINDOWS\System32\NETUI1.dll (0x71C10000)

C:\WINDOWS\System32\NETRAP.dll (0x71C00000)

C:\WINDOWS\System32\davclnt.dll (0x75EE0000)

C:\WINDOWS\system32\MPRUI.dll (0x71A70000)

C:\WINDOWS\system32\NETUI2.dll (0x71B20000)

C:\WINDOWS\system32\netmsg.dll (0x71AB0000)

C:\WINDOWS\system32\RASAPI32.dll (0x76EB0000)

C:\WINDOWS\system32\rasman.dll (0x76E60000)

C:\WINDOWS\system32\TAPI32.dll (0x76E80000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\Cabinet.dll (0x750B0000)

C:\WINDOWS\system32\cscui.dll (0x76590000)



=====================================================
PROCESS NAME:  services.exe
-----------------------------------------------------
  Process ID  = 0x000002e4
  Thread count= 15
  Parent process ID = 696
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\services.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\SCESRV.dll (0x75840000)

C:\WINDOWS\system32\AUTHZ.dll (0x77FE0000)

C:\WINDOWS\system32\umpnpmgr.dll (0x75820000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\NCObjAPI.DLL (0x5F9A0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\secur32.dll (0x77FC0000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

C:\WINDOWS\system32\eventlog.dll (0x76CE0000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\wtsapi32.dll (0x76F20000)
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:25 | 只看楼主 短消息 资料
字号: 3楼

=====================================================
PROCESS NAME:  lsass.exe
-----------------------------------------------------
  Process ID  = 0x000002f0
  Thread count= 13
  Parent process ID = 696
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\lsass.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\LSASRV.dll (0x74480000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\SAMSRV.dll (0x743A0000)

C:\WINDOWS\system32\cryptdll.dll (0x76760000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\msprivs.dll (0x20000000)

C:\WINDOWS\system32\kerberos.dll (0x71C70000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\netlogon.dll (0x74410000)

C:\WINDOWS\system32\w32time.dll (0x76790000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\schannel.dll (0x767C0000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\wdigest.dll (0x742E0000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\scecli.dll (0x74370000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)



=====================================================
PROCESS NAME:  svchost.exe
-----------------------------------------------------
  Process ID  = 0x00000390
  Thread count= 5
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

c:\windows\system32\rpcss.dll (0x76230000)

c:\windows\system32\WS2_32.dll (0x71A20000)

c:\windows\system32\WS2HELP.dll (0x71A10000)

c:\windows\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)



=====================================================
PROCESS NAME:  svchost.exe
-----------------------------------------------------
    WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x000003e0
  Thread count= 10
  Parent process ID = 740


Modules:
------------------------------------


=====================================================
PROCESS NAME:  svchost.exe
-----------------------------------------------------
  Process ID  = 0x0000044c
  Thread count= 24
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\System32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\System32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\System32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\System32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\System32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\System32\LPK.DLL (0x62C20000)

C:\WINDOWS\System32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\System32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\xpsp2res.dll (0x20000000)

c:\windows\system32\shsvcs.dll (0x76E10000)

C:\WINDOWS\System32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

c:\windows\system32\audiosrv.dll (0x70DE0000)

c:\windows\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\System32\secur32.dll (0x77FC0000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\System32\WS2_32.dll (0x71A20000)

C:\WINDOWS\System32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\System32\iphlpapi.dll (0x76D30000)

c:\windows\system32\wkssvc.dll (0x76850000)

c:\windows\system32\NTDSAPI.dll (0x76770000)

c:\windows\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\System32\rsaenh.dll (0x0FFD0000)

c:\windows\system32\es.dll (0x768A0000)

c:\windows\system32\COMRes.dll (0x77020000)

C:\WINDOWS\System32\wtsapi32.dll (0x76F20000)

C:\WINDOWS\System32\CLBCATQ.DLL (0x76FA0000)

c:\windows\system32\srvsvc.dll (0x74FF0000)

C:\WINDOWS\System32\HNETCFG.DLL (0x60FD0000)

c:\windows\system32\netman.dll (0x77CD0000)

c:\windows\system32\netshell.dll (0x74770000)

c:\windows\system32\rtutils.dll (0x76E50000)

c:\windows\system32\credui.dll (0x76BD0000)

c:\windows\system32\ATL.DLL (0x76AF0000)

c:\windows\system32\MPRAPI.dll (0x76D10000)

c:\windows\system32\ACTIVEDS.dll (0x77C90000)

c:\windows\system32\adsldpc.dll (0x76DE0000)

c:\windows\system32\RASAPI32.dll (0x76EB0000)

c:\windows\system32\rasman.dll (0x76E60000)

c:\windows\system32\TAPI32.dll (0x76E80000)

c:\windows\system32\WZCSvc.DLL (0x77290000)

c:\windows\system32\WMI.dll (0x76D00000)

c:\windows\system32\DHCPCSVC.DLL (0x76D50000)

c:\windows\system32\ESENT.dll (0x5DF20000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

c:\windows\system32\WZCSAPI.DLL (0x72FA0000)

c:\windows\system32\wbem\wmisvc.dll (0x67180000)

C:\WINDOWS\system32\VSSAPI.DLL (0x75340000)

c:\windows\system32\srsvc.dll (0x75100000)

c:\windows\system32\POWRPROF.dll (0x74A30000)

c:\windows\system32\sens.dll (0x72260000)

C:\WINDOWS\System32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\comsvcs.dll (0x75690000)

C:\WINDOWS\system32\MTXCLU.DLL (0x75050000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\colbact.DLL (0x75090000)

C:\WINDOWS\System32\CLUSAPI.DLL (0x762A0000)

C:\WINDOWS\System32\RESUTILS.DLL (0x75010000)

C:\WINDOWS\system32\wbem\wbemcomn.dll (0x751F0000)

C:\WINDOWS\System32\Wbem\wbemcore.dll (0x75D00000)

C:\WINDOWS\System32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\System32\Wbem\esscli.dll (0x75270000)

C:\WINDOWS\System32\Wbem\FastProx.dll (0x755F0000)

C:\WINDOWS\system32\wbem\wbemsvc.dll (0x74E30000)

C:\WINDOWS\system32\wbem\wmiutils.dll (0x74F80000)

C:\WINDOWS\system32\wbem\repdrvfs.dll (0x75160000)

C:\WINDOWS\system32\wbem\wmiprvsd.dll (0x594C0000)

C:\WINDOWS\system32\NCObjAPI.DLL (0x5F9A0000)

C:\WINDOWS\system32\wbem\wbemess.dll (0x752F0000)

C:\WINDOWS\System32\msi.dll (0x7C9C0000)

C:\WINDOWS\System32\RASDLG.dll (0x754B0000)

C:\WINDOWS\System32\mswsock.dll (0x719C0000)

C:\WINDOWS\system32\wbem\ncprov.dll (0x5F970000)

c:\windows\system32\cryptsvc.dll (0x75EB0000)

c:\windows\system32\certcli.dll (0x752B0000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\netcfgx.dll (0x75550000)
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:26 | 只看楼主 短消息 资料
字号: 4楼

=====================================================
PROCESS NAME:  HDSRV.exe
-----------------------------------------------------
  Process ID  = 0x00000684
  Thread count= 3
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)



=====================================================
PROCESS NAME:  OSAgent.exe
-----------------------------------------------------
  Process ID  = 0x00000708
  Thread count= 7
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\Program Files\Intel\Intel Platform Administrator Client\Service\GetEfiVar.dll (0x10000000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\rasadhlp.dll (0x76F90000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\Program Files\Intel\Intel Platform Administrator Client\ASF\ASFCfgsv.dll (0x00EC0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\mswsock.dll (0x719C0000)

C:\WINDOWS\system32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\System32\wshtcpip.dll (0x71A00000)

C:\WINDOWS\System32\winrnr.dll (0x76F80000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\MPRAPI.dll (0x76D10000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\wbem\wbemprox.dll (0x74E50000)

C:\WINDOWS\system32\wbem\wbemcomn.dll (0x751F0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\wbem\wbemsvc.dll (0x74E30000)

C:\WINDOWS\system32\wbem\fastprox.dll (0x755F0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgentPlugin.dll (0x01570000)

C:\WINDOWS\system32\WININET.dll (0x76680000)



=====================================================
PROCESS NAME:  PM.exe
-----------------------------------------------------
  Process ID  = 0x00000788
  Thread count= 2
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\PM.EXE (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)



=====================================================
PROCESS NAME:  svchost.exe
-----------------------------------------------------
  Process ID  = 0x000007b4
  Thread count= 8
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

c:\windows\system32\wiaservc.dll (0x749C0000)

c:\windows\system32\CFGMGR32.dll (0x74A40000)

c:\windows\system32\setupapi.DLL (0x76060000)

c:\windows\system32\mscms.dll (0x73AA0000)

c:\windows\system32\WINSPOOL.DRV (0x72F70000)

c:\windows\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\wiavusd.dll (0x5A4F0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll (0x4AE90000)

C:\WINDOWS\system32\SHFOLDER.dll (0x76750000)

C:\WINDOWS\system32\sti.dll (0x73B10000)



=====================================================
PROCESS NAME:  CCenter.exe
-----------------------------------------------------
  Process ID  = 0x000004a8
  Thread count= 3
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Rising\Rav\CCenter.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:27 | 只看楼主 短消息 资料
字号: 5楼

=====================================================
PROCESS NAME:  RavMonD.exe
-----------------------------------------------------
  Process ID  = 0x00000230
  Thread count= 17
  Parent process ID = 740
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Rising\Rav\Ravmond.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\Program Files\Rising\Rav\BWList.dll (0x10000000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\Program Files\Rising\Rav\RsCommX.dll (0x00720000)

C:\Program Files\Rising\Rav\RSAPPMGR.DLL (0x00B50000)

C:\Program Files\Rising\Rav\CfgDll.dll (0x08B70000)

C:\Program Files\Rising\Rav\RSCOMMON.DLL (0x23700000)

C:\Program Files\Rising\Rav\RsLog.dll (0x08F00000)

C:\Program Files\Rising\Rav\Scanner.dll (0x08F10000)

C:\Program Files\Rising\Rav\libload.dll (0x13100000)

C:\Program Files\Rising\Rav\VirusLib.dll (0x09070000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\Program Files\Rising\Rav\HookWeb.dll (0x08F60000)

C:\Program Files\Rising\Rav\expscan.dll (0x096F0000)

C:\Program Files\Rising\Rav\mPorts.dll (0x09710000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\Program Files\Rising\Rav\PSAPI.DLL (0x731B0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\Program Files\Rising\Rav\MailMon.dll (0x09A20000)

C:\Program Files\Rising\Rav\SpamEng.dll (0x09A50000)

C:\Program Files\Rising\Rav\engine.dll (0x13A80000)

C:\WINDOWS\system32\mswsock.dll (0x719C0000)

C:\WINDOWS\system32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\System32\wshtcpip.dll (0x71A00000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

C:\WINDOWS\system32\perfproc.dll (0x5E8E0000)

C:\Program Files\Rising\Rav\UnExe.dll (0x0A840000)

C:\Program Files\Rising\Rav\ScanEx.dll (0x091D0000)

C:\Program Files\Rising\Rav\PostTrt.dll (0x09210000)

C:\Program Files\Rising\Rav\NvFile.dll (0x09250000)

C:\Program Files\Rising\Rav\ScanMac.dll (0x13AF0000)

C:\Program Files\Rising\Rav\ScanSct.dll (0x0AD30000)



=====================================================
PROCESS NAME:  RavStub.exe
-----------------------------------------------------
  Process ID  = 0x000006e4
  Thread count= 4
  Parent process ID = 560
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Rising\Rav\RavStub.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\Program Files\Rising\Rav\RsCommX.dll (0x10000000)

C:\Program Files\Rising\Rav\RSCOMMON.DLL (0x23700000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\perfproc.dll (0x5E8E0000)



=====================================================
PROCESS NAME:  explorer.exe
-----------------------------------------------------
  Process ID  = 0x0000055c
  Thread count= 12
  Parent process ID = 1896
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\Explorer.EXE (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\BROWSEUI.dll (0x75EF0000)

C:\WINDOWS\system32\SHDOCVW.dll (0x76370000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\System32\cscui.dll (0x76590000)

C:\WINDOWS\System32\CSCDLL.dll (0x76570000)

C:\WINDOWS\system32\themeui.dll (0x5B680000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\MSIMG32.dll (0x762F0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\urlmon.dll (0x75C60000)

C:\WINDOWS\system32\LINKINFO.dll (0x76950000)

C:\WINDOWS\system32\ntshrui.dll (0x76960000)

C:\WINDOWS\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\webcheck.dll (0x74A90000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\stobject.dll (0x74A60000)

C:\WINDOWS\system32\BatMeter.dll (0x74A50000)

C:\WINDOWS\system32\POWRPROF.dll (0x74A30000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\WTSAPI32.dll (0x76F20000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\NETSHELL.dll (0x74770000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\credui.dll (0x76BD0000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\System32\drprov.dll (0x75ED0000)

C:\WINDOWS\System32\ntlanman.dll (0x71B90000)

C:\WINDOWS\System32\NETUI0.dll (0x71C50000)

C:\WINDOWS\System32\NETUI1.dll (0x71C10000)

C:\WINDOWS\System32\NETRAP.dll (0x71C00000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\davclnt.dll (0x75EE0000)

C:\WINDOWS\system32\browselc.dll (0x01470000)

C:\WINDOWS\system32\RavExt.dll (0x10000000)

C:\WINDOWS\system32\nvcpl.dll (0x01DA0000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\OLEACC.dll (0x74BE0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\NVRSZHC.DLL (0x016A0000)

C:\WINDOWS\system32\nvshell.dll (0x01720000)

C:\WINDOWS\system32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\MLANG.dll (0x74CF0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\odbcint.dll (0x018F0000)

C:\WINDOWS\system32\sti.dll (0x73B10000)

C:\WINDOWS\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\msxml3.dll (0x5DD50000)

C:\WINDOWS\system32\WINHTTP.dll (0x4A410000)

C:\Program Files\Rising\Rav\RavScrCh.dll (0x02CE0000)

C:\WINDOWS\system32\vbscript.dll (0x73270000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\system32\jscript.dll (0x75BC0000)

C:\WINDOWS\system32\WMVCore.DLL (0x086D0000)

C:\WINDOWS\system32\WMASF.DLL (0x070D0000)

C:\WINDOWS\system32\mstask.dll (0x746D0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\DSOUND.dll (0x73E70000)

C:\WINDOWS\system32\PRINTUI.dll (0x74AE0000)

C:\WINDOWS\system32\ACTIVEDS.dll (0x77C90000)

C:\WINDOWS\system32\adsldpc.dll (0x76DE0000)

C:\WINDOWS\system32\MSWMDM.dll (0x08DD0000)

C:\WINDOWS\system32\WMDMLOG.dll (0x08E40000)

C:\WINDOWS\system32\MsPMSP.dll (0x08D60000)

C:\WINDOWS\system32\WMDMPS.dll (0x08E60000)

C:\WINDOWS\system32\shdoclc.dll (0x03060000)

C:\Program Files\WinRAR\rarext.dll (0x02610000)

C:\WINDOWS\system32\actxprxy.dll (0x71CC0000)
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:28 | 只看楼主 短消息 资料
字号: 6楼


=====================================================
PROCESS NAME:  internat.exe
-----------------------------------------------------
  Process ID  = 0x0000063c
  Thread count= 1
  Parent process ID = 1372
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\internat.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.DLL (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\COMCTL32.DLL (0x5D170000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\SETUPAPI.DLL (0x76060000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\SHELL32.DLL (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\Cabinet.dll (0x750B0000)



=====================================================
PROCESS NAME:  RavMon.exe
-----------------------------------------------------
  Process ID  = 0x00000080
  Thread count= 7
  Parent process ID = 1760
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Rising\Rav\Ravmon.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\Program Files\Rising\Rav\RsGuiLib.dll (0x26600000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\Program Files\Rising\Rav\BWList.dll (0x10000000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\Program Files\Rising\Rav\RSAPPMGR.DLL (0x003E0000)

C:\Program Files\Rising\Rav\CfgDll.dll (0x08A10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\Program Files\Rising\Rav\RSCOMMON.DLL (0x23700000)

C:\Program Files\Rising\Rav\RsCommX.dll (0x08CA0000)

C:\Program Files\Rising\Rav\PngDll.dll (0x23900000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\perfproc.dll (0x5E8E0000)



=====================================================
PROCESS NAME:  SysInfoCollect.EXE
-----------------------------------------------------
  Process ID  = 0x00000330
  Thread count= 1
  Parent process ID = 1372
  Priority Class    = 32


Modules:
------------------------------------
C:\Documents and Settings\ytxuser\桌面\SysInfoCollect.EXE (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\ole32.dll (0x76990000)
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:30 | 只看楼主 短消息 资料
字号: 7楼

*****************************************************************
      Local Win32 Service information
*****************************************************************
  Alerter                                            [Alerter                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Application Layer Gateway Service                  [ALG                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\alg.exe
  Application Management                            [AppMgmt                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows Audio                                      [AudioSrv                                ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Background Intelligent Transfer Service            [BITS                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Computer Browser                                  [Browser                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Indexing Service                                  [CiSvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\cisvc.exe
  ClipBook                                          [ClipSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\clipsrv.exe
  COM+ System Application                            [COMSysApp                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
  Cryptographic Services                            [CryptSvc                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  DCOM Server Process Launcher                      [DcomLaunch                              ]  <Running>, Binpath = C:\WINDOWS\system32\svchost -k DcomLaunch
  DHCP Client                                        [Dhcp                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Logical Disk Manager Administrative Service        [dmadmin                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\dmadmin.exe /com
  Logical Disk Manager                              [dmserver                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  DNS Client                                        [Dnscache                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k NetworkService
  Error Reporting Service                            [ERSvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Event Log                                          [Eventlog                                ]  <Running>, Binpath = C:\WINDOWS\system32\services.exe
  COM+ Event System                                  [EventSystem                            ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Fast User Switching Compatibility                  [FastUserSwitchingCompatibility          ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Hard Disk Guard Service                            [HDGuardSrv                              ]  <Running>, Binpath = C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe
  Help and Support                                  [helpsvc                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Human Interface Device Access                      [HidServ                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  HTTP SSL                                          [HTTPFilter                              ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k HTTPFilter
  IMAPI CD-Burning COM Service                      [ImapiService                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\imapi.exe
  Server                                            [lanmanserver                            ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Workstation                                        [lanmanworkstation                      ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  TCP/IP NetBIOS Helper                              [LmHosts                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Messenger                                          [Messenger                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NetMeeting Remote Desktop Sharing                  [mnmsrvc                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\mnmsrvc.exe
  Distributed Transaction Coordinator                [MSDTC                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\msdtc.exe
  Windows Installer                                  [MSIServer                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\msiexec.exe /V
  Network DDE                                        [NetDDE                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\netdde.exe
  Network DDE DSDM                                  [NetDDEdsdm                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\netdde.exe
  Net Logon                                          [Netlogon                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Network Connections                                [Netman                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Network Location Awareness (NLA)                  [Nla                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NT LM Security Support Provider                    [NtLmSsp                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Removable Storage                                  [NtmsSvc                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NVIDIA Display Driver Service                      [NVSvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\nvsvc32.exe
  Intel(R) Platform Administrator Client - OS Client Service [OS Client Service                      ]  <Running>, Binpath = C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:31 | 只看楼主 短消息 资料
字号: 8楼

Plug and Play                                      [PlugPlay                                ]  <Running>, Binpath = C:\WINDOWS\system32\services.exe
  PM_SERVICE                                        [PM_SERVICE                              ]  <Running>, Binpath = C:\WINDOWS\system32\PM.EXE
  IPSEC Services                                    [PolicyAgent                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Protected Storage                                  [ProtectedStorage                        ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Remote Access Auto Connection Manager              [RasAuto                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Access Connection Manager                  [RasMan                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Desktop Help Session Manager                [RDSessMgr                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\sessmgr.exe
  Routing and Remote Access                          [RemoteAccess                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Registry                                    [RemoteRegistry                          ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Remote Procedure Call (RPC) Locator                [RpcLocator                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\locator.exe
  Remote Procedure Call (RPC)                        [RpcSs                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost -k rpcss
  QoS RSVP                                          [RSVP                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\rsvp.exe
  Security Accounts Manager                          [SamSs                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Smart Card                                        [SCardSvr                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\SCardSvr.exe
  Task Scheduler                                    [Schedule                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Secondary Logon                                    [seclogon                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  System Event Notification                          [SENS                                    ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows Firewall/Internet Connection Sharing (ICS) [SharedAccess                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Shell Hardware Detection                          [ShellHWDetection                        ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Print Spooler                                      [Spooler                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\spoolsv.exe
  System Restore Service                            [srservice                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  SSDP Discovery Service                            [SSDPSRV                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Windows Image Acquisition (WIA)                    [stisvc                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k imgsvc
  MS Software Shadow Copy Provider                  [SwPrv                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\dllhost.exe /Processid:{93AD75BD-028D-430D-8AF4-7C24CDF92D07}
  Performance Logs and Alerts                        [SysmonLog                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\smlogsvc.exe
  Telephony                                          [TapiSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Terminal Services                                  [TermService                            ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost -k DComLaunch
  Themes                                            [Themes                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Telnet                                            [TlntSvr                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\tlntsvr.exe
  Distributed Link Tracking Client                  [TrkWks                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows User Mode Driver Framework                [UMWdf                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\wdfmgr.exe
  Universal Plug and Play Device Host                [upnphost                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Uninterruptible Power Supply                      [UPS                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\ups.exe
  User Privilege Service                            [usprserv                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Volume Shadow Copy                                [VSS                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\vssvc.exe
  Windows Time                                      [W32Time                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  WebClient                                          [WebClient                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Windows Management Instrumentation                [winmgmt                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Portable Media Serial Number Service              [WmdmPmSN                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Windows Management Instrumentation Driver Extensions [Wmi                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  WMI Performance Adapter                            [WmiApSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\wbem\wmiapsrv.exe
  Security Center                                    [wscsvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Automatic Updates                                  [wuauserv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Wireless Zero Configuration                        [WZCSVC                                  ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:32 | 只看楼主 短消息 资料
字号: 9楼

*****************************************************************
      IE BHOs
*****************************************************************
没有安装任何BHO


*****************************************************************
      Boot items in Registry
*****************************************************************
------------------------------------------------------------
0:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
------------------------------------------------------------
bgswitch……C:\WINDOWS\system32\bgswitch.exe
------------------------------------------------------------
1:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
------------------------------------------------------------
------------------------------------------------------------
2:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
------------------------------------------------------------
------------------------------------------------------------
3:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
------------------------------------------------------------
------------------------------------------------------------
4:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
------------------------------------------------------------
------------------------------------------------------------
5:HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:load
------------------------------------------------------------
load……
------------------------------------------------------------
6:HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:run
------------------------------------------------------------
------------------------------------------------------------
7:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System  键值名称:Shell
------------------------------------------------------------
------------------------------------------------------------
8:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
------------------------------------------------------------
------------------------------------------------------------
9:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
------------------------------------------------------------
D勡s瞳很……H?
HDGuardConf……C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\configure.exe
RavTask……"C:\Program Files\Rising\Rav\RavTask.exe" -system
------------------------------------------------------------
10:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
------------------------------------------------------------
------------------------------------------------------------
11:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
------------------------------------------------------------
------------------------------------------------------------
12:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunService
------------------------------------------------------------
------------------------------------------------------------
13:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServiceOnce
------------------------------------------------------------
------------------------------------------------------------
14:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
------------------------------------------------------------
------------------------------------------------------------
15:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon  键值名称:Shell
------------------------------------------------------------
Shell……Explorer.exe
------------------------------------------------------------
16:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon  键值名称:Userinit
------------------------------------------------------------
Userinit……C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------
17:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:AppInit_DLLs
------------------------------------------------------------
AppInit_DLLs……


*****************************************************************
      File association information
*****************************************************************
------------------------------------------------------------
0:HKEY_CLASSES_ROOT\.exe
------------------------------------------------------------
<DEFAULT> = exefile, 正常!
------------------------------------------------------------
1:HKEY_CLASSES_ROOT\exefile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
2:HKEY_CLASSES_ROOT\exefile\shell\runas\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
3:HKEY_CLASSES_ROOT\.txt
------------------------------------------------------------
<DEFAULT> = txtfile, 正常!
------------------------------------------------------------
4:HKEY_CLASSES_ROOT\txtfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = Notepad.exe %1, 不正常!正常值:%SystemRoot%\system32\NOTEPAD.EXE %1。请使用RegFix修复关联!软件可以到 http://www.KZTechs.com 下载。
------------------------------------------------------------
5:HKEY_CLASSES_ROOT\.reg
------------------------------------------------------------
<DEFAULT> = regfile, 正常!
------------------------------------------------------------
6:HKEY_CLASSES_ROOT\regfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = regedit.exe "%1", 正常!
------------------------------------------------------------
7:HKEY_CLASSES_ROOT\.bat
------------------------------------------------------------
<DEFAULT> = batfile, 正常!
------------------------------------------------------------
8:HKEY_CLASSES_ROOT\batfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
9:HKEY_CLASSES_ROOT\.com
------------------------------------------------------------
<DEFAULT> = comfile, 正常!
------------------------------------------------------------
10:HKEY_CLASSES_ROOT\comfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
11:HKEY_CLASSES_ROOT\.scr
------------------------------------------------------------
<DEFAULT> = scrfile, 正常!
------------------------------------------------------------
12:HKEY_CLASSES_ROOT\scrfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" /S, 正常!
------------------------------------------------------------
13:HKEY_CLASSES_ROOT\.pif
------------------------------------------------------------
<DEFAULT> = piffile, 正常!
------------------------------------------------------------
14:HKEY_CLASSES_ROOT\piffile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
gototop
 
月光笨笨
头像
初生襁褓狮
  • 帖子:16
  • 注册: 2006-02-04
  • 来自:
发表于: 2006-02-28 15:34 | 只看楼主 短消息 资料
字号: 10楼

没了
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT