
Rising real-time monitoring is not working properly


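Right after booting it is still green, then it suddenly turns yellow.
File monitoring, boot sector monitoring, memory monitoring and registry monitoring have all been turned off and cannot be started manually.
The following 3 belong to a hard disk protection program: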
OSAgent.exe
HDSRV.exe
Configure.exe
The following two belong to the IC card system:
PM.exe
ICClinent.exe

This is the HijackThis log:
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      14:46:05, 日期 2006-2-28
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe
C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe
C:\WINDOWS\system32\PM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ICCLIENT.exe
C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\configure.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\internat.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\ytxuser\桌面\HijackThis\HijackThis1991zww.exe

O4 - 启动项HKLM\\Run: [ICClient] C:\WINDOWS\system32\ICCLIENT.exe
O4 - 启动项HKLM\\Run: [HDGuardConf] C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\configure.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF40CD33-B103-4940-9566-18C398D7D996}: NameServer = 192.168.0.249,202.96.128.68
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - NT 服务: Hard Disk Guard Service (HDGuardSrv) - Unknown owner - C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe
O23 - NT 服务: Intel(R) Platform Administrator Client - OS Client Service (OS Client Service) - Intel - C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe
O23 - NT 服务: PM_SERVICE - Unknown owner - C:\WINDOWS\system32\PM.EXE
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2006-02-28 22:33:09
 

Finally, here is the SysInfoCollect log:
System Information Collect Tool - Designed By Smallfrogs


20060228-14:41
Windows XP Service Pack 2
Internet Explorer: 6.0.2900.2180



C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\System32\cscui.dll (0x76590000)

C:\WINDOWS\System32\CSCDLL.dll (0x76570000)

C:\WINDOWS\system32\themeui.dll (0x5B680000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\MSIMG32.dll (0x762F0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\urlmon.dll (0x75C60000)

C:\WINDOWS\system32\LINKINFO.dll (0x76950000)

C:\WINDOWS\system32\ntshrui.dll (0x76960000)

C:\WINDOWS\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\webcheck.dll (0x74A90000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\stobject.dll (0x74A60000)

C:\WINDOWS\system32\BatMeter.dll (0x74A50000)

C:\WINDOWS\system32\POWRPROF.dll (0x74A30000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\WTSAPI32.dll (0x76F20000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\NETSHELL.dll (0x74770000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\credui.dll (0x76BD0000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\System32\drprov.dll (0x75ED0000)

C:\WINDOWS\System32\ntlanman.dll (0x71B90000)

C:\WINDOWS\System32\NETUI0.dll (0x71C50000)

C:\WINDOWS\System32\NETUI1.dll (0x71C10000)

C:\WINDOWS\System32\NETRAP.dll (0x71C00000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\davclnt.dll (0x75EE0000)

C:\WINDOWS\system32\browselc.dll (0x01470000)

C:\WINDOWS\system32\RavExt.dll (0x10000000)

C:\WINDOWS\system32\nvcpl.dll (0x01DA0000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\OLEACC.dll (0x74BE0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\NVRSZHC.DLL (0x016A0000)

C:\WINDOWS\system32\nvshell.dll (0x01720000)

C:\WINDOWS\system32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\MLANG.dll (0x74CF0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\odbcint.dll (0x018F0000)

C:\WINDOWS\system32\sti.dll (0x73B10000)

C:\WINDOWS\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\msxml3.dll (0x5DD50000)

C:\WINDOWS\system32\WINHTTP.dll (0x4A410000)

C:\Program Files\Rising\Rav\RavScrCh.dll (0x02CE0000)

C:\WINDOWS\system32\vbscript.dll (0x73270000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\system32\jscript.dll (0x75BC0000)

C:\WINDOWS\system32\WMVCore.DLL (0x086D0000)

C:\WINDOWS\system32\WMASF.DLL (0x070D0000)

C:\WINDOWS\system32\mstask.dll (0x746D0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\DSOUND.dll (0x73E70000)

C:\WINDOWS\system32\PRINTUI.dll (0x74AE0000)

C:\WINDOWS\system32\ACTIVEDS.dll (0x77C90000)

C:\WINDOWS\system32\adsldpc.dll (0x76DE0000)

C:\WINDOWS\system32\MSWMDM.dll (0x08DD0000)

C:\WINDOWS\system32\WMDMLOG.dll (0x08E40000)

C:\WINDOWS\system32\MsPMSP.dll (0x08D60000)

C:\WINDOWS\system32\WMDMPS.dll (0x08E60000)

C:\WINDOWS\system32\shdoclc.dll (0x03060000)

C:\Program Files\WinRAR\rarext.dll (0x02610000)

C:\WINDOWS\system32\actxprxy.dll (0x71CC0000)


=====================================================
PROCESS NAME:  internat.exe
-----------------------------------------------------
  Process ID  = 0x0000063c
  Thread count= 1
  Parent process ID = 1372
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\internat.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.DLL (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\COMCTL32.DLL (0x5D170000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\SETUPAPI.DLL (0x76060000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\SHELL32.DLL (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\Cabinet.dll (0x750B0000)



=====================================================
PROCESS NAME:  RavMon.exe
-----------------------------------------------------
  Process ID  = 0x00000080
  Thread count= 7
  Parent process ID = 1760
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Rising\Rav\Ravmon.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\Program Files\Rising\Rav\RsGuiLib.dll (0x26600000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\Program Files\Rising\Rav\BWList.dll (0x10000000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\Program Files\Rising\Rav\RSAPPMGR.DLL (0x003E0000)

C:\Program Files\Rising\Rav\CfgDll.dll (0x08A10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\Program Files\Rising\Rav\RSCOMMON.DLL (0x23700000)

C:\Program Files\Rising\Rav\RsCommX.dll (0x08CA0000)

C:\Program Files\Rising\Rav\PngDll.dll (0x23900000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\perfproc.dll (0x5E8E0000)



=====================================================
PROCESS NAME:  SysInfoCollect.EXE
-----------------------------------------------------
  Process ID  = 0x00000330
  Thread count= 1
  Parent process ID = 1372
  Priority Class    = 32


Modules:
------------------------------------
C:\Documents and Settings\ytxuser\桌面\SysInfoCollect.EXE (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\SHELL32.dll (0x773A0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\INDICDLL.dll (0x6DD30000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\ole32.dll (0x76990000)


*****************************************************************
      Local Win32 Service information
*****************************************************************
  Alerter                                            [Alerter                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Application Layer Gateway Service                  [ALG                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\alg.exe
  Application Management                            [AppMgmt                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows Audio                                      [AudioSrv                                ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Background Intelligent Transfer Service            [BITS                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Computer Browser                                  [Browser                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Indexing Service                                  [CiSvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\cisvc.exe
  ClipBook                                          [ClipSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\clipsrv.exe
  COM+ System Application                            [COMSysApp                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
  Cryptographic Services                            [CryptSvc                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  DCOM Server Process Launcher                      [DcomLaunch                              ]  <Running>, Binpath = C:\WINDOWS\system32\svchost -k DcomLaunch
  DHCP Client                                        [Dhcp                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Logical Disk Manager Administrative Service        [dmadmin                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\dmadmin.exe /com
  Logical Disk Manager                              [dmserver                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  DNS Client                                        [Dnscache                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k NetworkService
  Error Reporting Service                            [ERSvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Event Log                                          [Eventlog                                ]  <Running>, Binpath = C:\WINDOWS\system32\services.exe
  COM+ Event System                                  [EventSystem                            ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Fast User Switching Compatibility                  [FastUserSwitchingCompatibility          ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Hard Disk Guard Service                            [HDGuardSrv                              ]  <Running>, Binpath = C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\hdsrv.exe
  Help and Support                                  [helpsvc                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Human Interface Device Access                      [HidServ                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  HTTP SSL                                          [HTTPFilter                              ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k HTTPFilter
  IMAPI CD-Burning COM Service                      [ImapiService                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\imapi.exe
  Server                                            [lanmanserver                            ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Workstation                                        [lanmanworkstation                      ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  TCP/IP NetBIOS Helper                              [LmHosts                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Messenger                                          [Messenger                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NetMeeting Remote Desktop Sharing                  [mnmsrvc                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\mnmsrvc.exe
  Distributed Transaction Coordinator                [MSDTC                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\msdtc.exe
  Windows Installer                                  [MSIServer                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\msiexec.exe /V
  Network DDE                                        [NetDDE                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\netdde.exe
  Network DDE DSDM                                  [NetDDEdsdm                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\netdde.exe
  Net Logon                                          [Netlogon                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Network Connections                                [Netman                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Network Location Awareness (NLA)                  [Nla                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NT LM Security Support Provider                    [NtLmSsp                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Removable Storage                                  [NtmsSvc                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NVIDIA Display Driver Service                      [NVSvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\nvsvc32.exe
  Intel(R) Platform Administrator Client - OS Client Service [OS Client Service                      ]  <Running>, Binpath = C:\Program Files\Intel\Intel Platform Administrator Client\Service\OSAgent.exe
  Plug and Play                                      [PlugPlay                                ]  <Running>, Binpath = C:\WINDOWS\system32\services.exe
  PM_SERVICE                                        [PM_SERVICE                              ]  <Running>, Binpath = C:\WINDOWS\system32\PM.EXE
  IPSEC Services                                    [PolicyAgent                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Protected Storage                                  [ProtectedStorage                        ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Remote Access Auto Connection Manager              [RasAuto                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Access Connection Manager                  [RasMan                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Desktop Help Session Manager                [RDSessMgr                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\sessmgr.exe
  Routing and Remote Access                          [RemoteAccess                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Registry                                    [RemoteRegistry                          ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Remote Procedure Call (RPC) Locator                [RpcLocator                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\locator.exe
  Remote Procedure Call (RPC)                        [RpcSs                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost -k rpcss
  QoS RSVP                                          [RSVP                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\rsvp.exe
  Security Accounts Manager                          [SamSs                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Smart Card                                        [SCardSvr                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\SCardSvr.exe
  Task Scheduler                                    [Schedule                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Secondary Logon                                    [seclogon                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  System Event Notification                          [SENS                                    ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows Firewall/Internet Connection Sharing (ICS) [SharedAccess                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Shell Hardware Detection                          [ShellHWDetection                        ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Print Spooler                                      [Spooler                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\spoolsv.exe
  System Restore Service                            [srservice                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  SSDP Discovery Service                            [SSDPSRV                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Windows Image Acquisition (WIA)                    [stisvc                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k imgsvc
  MS Software Shadow Copy Provider                  [SwPrv                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\dllhost.exe /Processid:{93AD75BD-028D-430D-8AF4-7C24CDF92D07}
  Performance Logs and Alerts                        [SysmonLog                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\smlogsvc.exe
  Telephony                                          [TapiSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Terminal Services                                  [TermService                            ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost -k DComLaunch
  Themes                                            [Themes                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Telnet                                            [TlntSvr                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\tlntsvr.exe
  Distributed Link Tracking Client                  [TrkWks                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows User Mode Driver Framework                [UMWdf                                  ]  <Stopped>, Binpath = C:\WINDOWS\system32\wdfmgr.exe
  Universal Plug and Play Device Host                [upnphost                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Uninterruptible Power Supply                      [UPS                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\ups.exe
  User Privilege Service                            [usprserv                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Volume Shadow Copy                                [VSS                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\vssvc.exe
  Windows Time                                      [W32Time                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  WebClient                                          [WebClient                              ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Windows Management Instrumentation                [winmgmt                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Portable Media Serial Number Service              [WmdmPmSN                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Windows Management Instrumentation Driver Extensions [Wmi                                    ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  WMI Performance Adapter                            [WmiApSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\wbem\wmiapsrv.exe
  Security Center                                    [wscsvc                                  ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Automatic Updates                                  [wuauserv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Wireless Zero Configuration                        [WZCSVC                                  ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs

*****************************************************************
      IE BHOs
*****************************************************************
没有安装任何BHO


*****************************************************************
      Boot items in Registry
*****************************************************************
------------------------------------------------------------
0:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
------------------------------------------------------------
bgswitch……C:\WINDOWS\system32\bgswitch.exe
------------------------------------------------------------
1:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
------------------------------------------------------------
------------------------------------------------------------
2:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
------------------------------------------------------------
------------------------------------------------------------
3:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
------------------------------------------------------------
------------------------------------------------------------
4:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
------------------------------------------------------------
------------------------------------------------------------
5:HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:load
------------------------------------------------------------
load……
------------------------------------------------------------
6:HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:run
------------------------------------------------------------
------------------------------------------------------------
7:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System  键值名称:Shell
------------------------------------------------------------
------------------------------------------------------------
8:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
------------------------------------------------------------
------------------------------------------------------------
9:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
------------------------------------------------------------
D勡s瞳很……H?
HDGuardConf……C:\Program Files\Intel\Intel Platform Administrator Client\HDGuard\configure.exe
RavTask……"C:\Program Files\Rising\Rav\RavTask.exe" -system
------------------------------------------------------------
10:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
------------------------------------------------------------
------------------------------------------------------------
11:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
------------------------------------------------------------
------------------------------------------------------------
12:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunService
------------------------------------------------------------
------------------------------------------------------------
13:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServiceOnce
------------------------------------------------------------
------------------------------------------------------------
14:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
------------------------------------------------------------
------------------------------------------------------------
15:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon  键值名称:Shell
------------------------------------------------------------
Shell……Explorer.exe
------------------------------------------------------------
16:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon  键值名称:Userinit
------------------------------------------------------------
Userinit……C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------
17:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:AppInit_DLLs
------------------------------------------------------------
AppInit_DLLs……


*****************************************************************
      File association information
*****************************************************************
------------------------------------------------------------
0:HKEY_CLASSES_ROOT\.exe
------------------------------------------------------------
<DEFAULT> = exefile, 正常!
------------------------------------------------------------
1:HKEY_CLASSES_ROOT\exefile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
2:HKEY_CLASSES_ROOT\exefile\shell\runas\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
3:HKEY_CLASSES_ROOT\.txt
------------------------------------------------------------
<DEFAULT> = txtfile, 正常!
------------------------------------------------------------
4:HKEY_CLASSES_ROOT\txtfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = Notepad.exe %1, 不正常!正常值:%SystemRoot%\system32\NOTEPAD.EXE %1。请使用RegFix修复关联!软件可以到 http://www.KZTechs.com 下载。
------------------------------------------------------------
5:HKEY_CLASSES_ROOT\.reg
------------------------------------------------------------
<DEFAULT> = regfile, 正常!
------------------------------------------------------------
6:HKEY_CLASSES_ROOT\regfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = regedit.exe "%1", 正常!
------------------------------------------------------------
7:HKEY_CLASSES_ROOT\.bat
------------------------------------------------------------
<DEFAULT> = batfile, 正常!
------------------------------------------------------------
8:HKEY_CLASSES_ROOT\batfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
9:HKEY_CLASSES_ROOT\.com
------------------------------------------------------------
<DEFAULT> = comfile, 正常!
------------------------------------------------------------
10:HKEY_CLASSES_ROOT\comfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
11:HKEY_CLASSES_ROOT\.scr
------------------------------------------------------------
<DEFAULT> = scrfile, 正常!
------------------------------------------------------------
12:HKEY_CLASSES_ROOT\scrfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" /S, 正常!
------------------------------------------------------------
13:HKEY_CLASSES_ROOT\.pif
------------------------------------------------------------
<DEFAULT> = piffile, 正常!
------------------------------------------------------------
14:HKEY_CLASSES_ROOT\piffile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!

That's all.