收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 难题爱上我了.是高高手的请进.有关server服务不能用的问 ...
12下一页
返回列表 发新帖
查看: 5186|回复: 17
收起左侧

[已解决] 难题爱上我了.是高高手的请进.有关server服务不能用的问题!声明!这很难的!

 关闭 [复制链接]
qiqi00612
发表于 2007-9-1 23:31:18 | 显示全部楼层 |阅读模式
我不想把字了,最近的难题都找我来了.....
我在网上找到了与我有一样问题的人,可没有解决的!
请看,
CSDN - 专家门诊 - Windows专区 网络管理配置和工具使用问题
回复 | 推荐 | 收藏 | 专题 | 公告 | 管理 | 关闭窗口
主  题:server服务无法启动,试了无数方法!
作  者:loosebird ()
等  级:
信 誉 值:100
所属论坛:Windows专区 网络管理配置和工具使用
问题点数:20
回复次数:2
发表时间:2007-4-1 0:40:03

提示:“错误2,系统找不到指定的文件”试了无数办法都无法解决,求救!已试过以下方法:
1、替换srvsvc.dll
2、卸载本地连接的“文件和打印机共享服务”再安装回来
3、替换注册表windowsnt下svchost的键值
4、替换system32下的svchost.exe
5、替换services.exe
6、sfc /scannow
7、导入别的机器的lanmanserver注册表值
均无效,请问还有什么方法,不要重装!

回复人:mark3798(.net菜鸟) ( ) 信誉:992007-4-1 16:39:13得分:0
?

是不是在开机的时候跳出来的信息?这个问题对你的计算机有什么影响?

Top
回复人:loosebird() ( ) 信誉:1002007-4-2 9:56:36得分:0
?

没有server服务,就不能共享任何东西!

Top


最难的问题是,这次这里一共有三台机,三台机同时这样,server开不了,会报错误2 我不知道这是怎么搞的与那人兄说的一样了,都没办法去修复了...因为是同时的所以我想是不是有什么新洞出来了微软搞不定的啊!你们有见过这样的问题吗?
附上日志一份!还有就是会出现一个riched20.dll错误的.在开MSN时会出来,并MSN也不能开了....都装了正板的,307板的卡吧....
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:33:11 | 显示全部楼层
System Information Collect Tool - Designed By Smallfrogs


20070830-18:04
Windows XP Service Pack 2
Internet Explorer: 6.0.2900.2180


*****************************************************************
       Runing Processes information
*****************************************************************
=====================================================
PROCESS NAME:  System
-----------------------------------------------------
  Process ID  = 0x00000004
  Thread count= 63
  Parent process ID = 0
  Priority Class    = 32


Modules:
------------------------------------


=====================================================
PROCESS NAME:  SMSS.EXE
-----------------------------------------------------
  Process ID  = 0x000001fc
  Thread count= 3
  Parent process ID = 4
  Priority Class    = 32


Modules:
------------------------------------
\SystemRoot\System32\smss.exe (0x48580000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)



=====================================================
PROCESS NAME:  CSRSS.EXE
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x00000248
  Thread count= 11
  Parent process ID = 508


Modules:
------------------------------------


=====================================================
PROCESS NAME:  WINLOGON.EXE
-----------------------------------------------------
  Process ID  = 0x00000264
  Thread count= 26
  Parent process ID = 508
  Priority Class    = 128


Modules:
------------------------------------
\??\C:\WINDOWS\system32\winlogon.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\AUTHZ.dll (0x77FE0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\NDdeApi.dll (0x758A0000)

C:\WINDOWS\system32\PROFMAP.dll (0x75890000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\REGAPI.dll (0x76B90000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\odbcint.dll (0x20000000)

C:\WINDOWS\system32\SHSVCS.dll (0x76E10000)

C:\WINDOWS\system32\sfc.dll (0x76B80000)

C:\WINDOWS\system32\sfc_os.dll (0x76C30000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\WINSCARD.DLL (0x72360000)

C:\WINDOWS\system32\WTSAPI32.dll (0x76F20000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\Ati2evxx.dll (0x10000000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\cscdll.dll (0x76570000)

C:\WINDOWS\system32\klogon.dll (0x00FE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\asycfilt.dll (0x70E20000)

C:\WINDOWS\system32\WlNotify.dll (0x758B0000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\cscui.dll (0x76590000)

C:\WINDOWS\system32\xpsp2res.dll (0x01C60000)

C:\WINDOWS\system32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\sxs.dll (0x75E00000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)



=====================================================
PROCESS NAME:  SERVICES.EXE
-----------------------------------------------------
  Process ID  = 0x00000290
  Thread count= 16
  Parent process ID = 612
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\services.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\SCESRV.dll (0x75840000)

C:\WINDOWS\system32\AUTHZ.dll (0x77FE0000)

C:\WINDOWS\system32\umpnpmgr.dll (0x7E1E0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\NCObjAPI.DLL (0x5F9A0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\secur32.dll (0x77FC0000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

C:\WINDOWS\system32\eventlog.dll (0x76CE0000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\wtsapi32.dll (0x76F20000)



=====================================================
PROCESS NAME:  LSASS.EXE
-----------------------------------------------------
  Process ID  = 0x0000029c
  Thread count= 20
  Parent process ID = 612
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\lsass.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\LSASRV.dll (0x74480000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\SAMSRV.dll (0x743A0000)

C:\WINDOWS\system32\cryptdll.dll (0x76760000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\msprivs.dll (0x20000000)

C:\WINDOWS\system32\kerberos.dll (0x71C70000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\netlogon.dll (0x74410000)

C:\WINDOWS\system32\w32time.dll (0x76790000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\schannel.dll (0x767C0000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\wdigest.dll (0x742E0000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\scecli.dll (0x74370000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\ipsecsvc.dll (0x74340000)

C:\WINDOWS\system32\AUTHZ.dll (0x77FE0000)

C:\WINDOWS\system32\oakley.DLL (0x73ED0000)

C:\WINDOWS\system32\WINIPSEC.DLL (0x742D0000)

C:\WINDOWS\system32\pstorsvc.dll (0x74300000)

C:\WINDOWS\system32\psbase.dll (0x74320000)

C:\WINDOWS\system32\mswsock.dll (0x719C0000)

C:\WINDOWS\system32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\System32\wshtcpip.dll (0x71A00000)

C:\WINDOWS\system32\dssenh.dll (0x68100000)



=====================================================
PROCESS NAME:  ATI2EVXX.EXE
-----------------------------------------------------
  Process ID  = 0x00000334
  Thread count= 4
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\Ati2evxx.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\Ati2edxx.dll (0x003E0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)



=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
  Process ID  = 0x00000340
  Thread count= 17
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

c:\windows\system32\rpcss.dll (0x76230000)

c:\windows\system32\Secur32.dll (0x77FC0000)

c:\windows\system32\WS2_32.dll (0x71A20000)

c:\windows\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

c:\windows\system32\termsrv.dll (0x761C0000)

c:\windows\system32\ICAAPI.dll (0x74ED0000)

c:\windows\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

c:\windows\system32\AUTHZ.dll (0x77FE0000)

c:\windows\system32\mstlsapi.dll (0x75070000)

c:\windows\system32\ACTIVEDS.dll (0x77C90000)

c:\windows\system32\adsldpc.dll (0x76DE0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

c:\windows\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\REGAPI.dll (0x76B90000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)



=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x0000037c
  Thread count= 9
  Parent process ID = 656


Modules:
------------------------------------


=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
  Process ID  = 0x000003c0
  Thread count= 69
  Parent process ID = 656
  Priority Class    = 32
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:35:00 | 显示全部楼层
Modules:
------------------------------------
C:\WINDOWS\System32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\System32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\System32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\System32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\System32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\System32\LPK.DLL (0x62C20000)

C:\WINDOWS\System32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\System32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\xpsp2res.dll (0x20000000)

c:\windows\system32\shsvcs.dll (0x76E10000)

C:\WINDOWS\System32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

c:\windows\system32\dhcpcsvc.dll (0x76D50000)

c:\windows\system32\DNSAPI.dll (0x76EF0000)

c:\windows\system32\WS2_32.dll (0x71A20000)

c:\windows\system32\WS2HELP.dll (0x71A10000)

c:\windows\system32\iphlpapi.dll (0x76D30000)

c:\windows\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\System32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\mswsock.dll (0x719C0000)

C:\WINDOWS\System32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\System32\wshtcpip.dll (0x71A00000)

c:\windows\system32\wzcsvc.dll (0x77290000)

c:\windows\system32\rtutils.dll (0x76E50000)

c:\windows\system32\WMI.dll (0x76D00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

c:\windows\system32\WTSAPI32.dll (0x76F20000)

c:\windows\system32\ESENT.dll (0x5DF20000)

c:\windows\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\System32\rastls.dll (0x75DB0000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\System32\MPRAPI.dll (0x76D10000)

C:\WINDOWS\System32\ACTIVEDS.dll (0x77C90000)

C:\WINDOWS\System32\adsldpc.dll (0x76DE0000)

C:\WINDOWS\System32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\System32\RASAPI32.dll (0x76EB0000)

C:\WINDOWS\System32\rasman.dll (0x76E60000)

C:\WINDOWS\System32\TAPI32.dll (0x76E80000)

C:\WINDOWS\System32\SCHANNEL.dll (0x767C0000)

C:\WINDOWS\System32\WinSCard.dll (0x72360000)

C:\WINDOWS\System32\raschap.dll (0x75D90000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\System32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\System32\COMRes.dll (0x77020000)

c:\windows\system32\schedsvc.dll (0x76B40000)

c:\windows\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\System32\MSIDLE.DLL (0x74EB0000)

c:\windows\system32\audiosrv.dll (0x70DE0000)

c:\windows\system32\wkssvc.dll (0x76850000)

c:\windows\system32\cryptsvc.dll (0x75EB0000)

c:\windows\system32\certcli.dll (0x752B0000)

c:\windows\system32\netman.dll (0x77CD0000)

c:\windows\system32\netshell.dll (0x74770000)

c:\windows\system32\credui.dll (0x76BD0000)

c:\windows\system32\WZCSAPI.DLL (0x72FA0000)

c:\windows\system32\srvsvc.dll (0x74FF0000)

c:\windows\pchealth\helpctr\binaries\pchsvc.dll (0x74EA0000)

c:\windows\system32\es.dll (0x768A0000)

c:\windows\system32\ersvc.dll (0x74EE0000)

c:\windows\system32\dmserver.dll (0x74EF0000)

c:\windows\system32\seclogon.dll (0x73C90000)

c:\windows\system32\srsvc.dll (0x75100000)

c:\windows\system32\POWRPROF.dll (0x74A30000)

c:\windows\system32\wuauserv.dll (0x50000000)

c:\windows\system32\wbem\wmisvc.dll (0x67180000)

C:\WINDOWS\system32\VSSAPI.DLL (0x75340000)

C:\WINDOWS\system32\wuaueng.dll (0x50040000)

C:\WINDOWS\System32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\System32\WINHTTP.dll (0x4A410000)

C:\WINDOWS\System32\Cabinet.dll (0x750B0000)

C:\WINDOWS\System32\mspatcha.dll (0x602D0000)

c:\windows\system32\w32time.dll (0x76790000)

c:\windows\system32\MSVCP60.dll (0x75FF0000)

c:\windows\system32\trkwks.dll (0x74FD0000)

c:\windows\system32\sens.dll (0x72260000)

c:\windows\system32\wscsvc.dll (0x4C1A0000)

c:\windows\system32\msi.dll (0x7C9C0000)

c:\windows\system32\ipnathlp.dll (0x66700000)

c:\windows\system32\AUTHZ.dll (0x77FE0000)

C:\WINDOWS\System32\sfc.dll (0x76B80000)

C:\WINDOWS\System32\sfc_os.dll (0x76C30000)

C:\WINDOWS\system32\wbem\wbemcomn.dll (0x751F0000)

C:\WINDOWS\System32\Wbem\wbemcore.dll (0x75D00000)

C:\WINDOWS\System32\Wbem\esscli.dll (0x75270000)

C:\WINDOWS\System32\Wbem\FastProx.dll (0x755F0000)

C:\WINDOWS\System32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\wbem\wbemsvc.dll (0x74E30000)

C:\WINDOWS\system32\comsvcs.dll (0x75690000)

C:\WINDOWS\system32\colbact.DLL (0x75090000)

C:\WINDOWS\system32\MTXCLU.DLL (0x75050000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\System32\CLUSAPI.DLL (0x762A0000)

C:\WINDOWS\System32\RESUTILS.DLL (0x75010000)

C:\WINDOWS\system32\wbem\wmiutils.dll (0x74F80000)

C:\WINDOWS\system32\wbem\repdrvfs.dll (0x75160000)

C:\WINDOWS\system32\wbem\wmiprvsd.dll (0x594C0000)

C:\WINDOWS\system32\NCObjAPI.DLL (0x5F9A0000)

C:\WINDOWS\system32\upnp.dll (0x76540000)

C:\WINDOWS\system32\SSDPAPI.dll (0x74E60000)

C:\WINDOWS\system32\wbem\wbemess.dll (0x752F0000)

C:\WINDOWS\system32\netcfgx.dll (0x75550000)

C:\WINDOWS\System32\rasadhlp.dll (0x76F90000)

C:\WINDOWS\System32\rasmans.dll (0x7E510000)

C:\WINDOWS\System32\WINIPSEC.DLL (0x742D0000)

c:\windows\system32\tapisrv.dll (0x73350000)

c:\windows\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\System32\rastapi.dll (0x75130000)

C:\WINDOWS\System32\unimdm.tsp (0x57980000)

C:\WINDOWS\System32\uniplat.dll (0x71F90000)

C:\WINDOWS\System32\kmddsp.tsp (0x57A00000)

C:\WINDOWS\System32\ndptsp.tsp (0x579E0000)

C:\WINDOWS\System32\ipconf.tsp (0x57A10000)

C:\WINDOWS\System32\h323.tsp (0x57A30000)

C:\WINDOWS\System32\hidphone.tsp (0x57A20000)

C:\WINDOWS\System32\HID.DLL (0x68BE0000)

C:\WINDOWS\System32\rasppp.dll (0x721D0000)

C:\WINDOWS\System32\ntlsapi.dll (0x72420000)

C:\WINDOWS\system32\kerberos.dll (0x71C70000)

C:\WINDOWS\System32\cryptdll.dll (0x76760000)

C:\WINDOWS\system32\wbem\ncprov.dll (0x5F970000)

C:\WINDOWS\System32\RASDLG.dll (0x754B0000)

C:\WINDOWS\system32\Apphelp.dll (0x76D70000)

c:\windows\system32\appmgmts.dll (0x75190000)

C:\WINDOWS\System32\ipxwan.dll (0x71EF0000)

C:\WINDOWS\System32\adptif.dll (0x71FD0000)



=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x000003f8
  Thread count= 6
  Parent process ID = 656


Modules:
------------------------------------


=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x00000434
  Thread count= 14
  Parent process ID = 656


Modules:
------------------------------------


=====================================================
PROCESS NAME:  ATI2EVXX.EXE
-----------------------------------------------------
  Process ID  = 0x00000548
  Thread count= 4
  Parent process ID = 612
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\Ati2evxx.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\Ati2edxx.dll (0x003E0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)



=====================================================
PROCESS NAME:  EXPLORER.EXE
-----------------------------------------------------
  Process ID  = 0x00000580
  Thread count= 15
  Parent process ID = 1384
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\Explorer.EXE (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\BROWSEUI.dll (0x75EF0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\SHDOCVW.dll (0x7E550000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\System32\cscui.dll (0x76590000)

C:\WINDOWS\System32\CSCDLL.dll (0x76570000)

C:\WINDOWS\system32\themeui.dll (0x5B680000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\MSIMG32.dll (0x762F0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\actxprxy.dll (0x71CC0000)

C:\PROGRA~1\WINDOW~2\wmpband.dll (0x074A0000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\msutb.dll (0x5FE40000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\LINKINFO.dll (0x76950000)

C:\WINDOWS\system32\ntshrui.dll (0x76960000)

C:\WINDOWS\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\urlmon.dll (0x75C60000)

C:\WINDOWS\system32\NETSHELL.dll (0x74770000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\credui.dll (0x76BD0000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\webcheck.dll (0x74A90000)

C:\WINDOWS\system32\WSOCK32.dll (0x71A40000)

C:\WINDOWS\system32\stobject.dll (0x74A60000)

C:\WINDOWS\system32\BatMeter.dll (0x74A50000)

C:\WINDOWS\system32\POWRPROF.dll (0x74A30000)

C:\WINDOWS\system32\WTSAPI32.dll (0x76F20000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\browselc.dll (0x00FC0000)

C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (0x014C0000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\DUSER.dll (0x6C520000)

C:\WINDOWS\system32\MLANG.dll (0x74CF0000)

C:\WINDOWS\system32\RASAPI32.dll (0x76EB0000)

C:\WINDOWS\system32\rasman.dll (0x76E60000)

C:\WINDOWS\system32\TAPI32.dll (0x76E80000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\System32\ntlanman.dll (0x71B90000)

C:\WINDOWS\System32\NETUI0.dll (0x71C50000)

C:\WINDOWS\System32\NETUI1.dll (0x71C10000)

C:\WINDOWS\System32\NETRAP.dll (0x71C00000)

C:\WINDOWS\System32\drprov.dll (0x75ED0000)

C:\WINDOWS\System32\davclnt.dll (0x75EE0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\odbcint.dll (0x02C70000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll (0x4AE90000)

C:\Program Files\WinRAR\rarext.dll (0x03950000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll (0x67800000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\syncui.dll (0x71D30000)

C:\WINDOWS\system32\shdoclc.dll (0x02720000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\WZCSAPI.DLL (0x72FA0000)

C:\WINDOWS\system32\sensapi.dll (0x72240000)

C:\WINDOWS\system32\RASDLG.dll (0x754B0000)

C:\WINDOWS\system32\MPRAPI.dll (0x76D10000)

C:\WINDOWS\system32\ACTIVEDS.dll (0x77C90000)

C:\WINDOWS\system32\adsldpc.dll (0x76DE0000)

C:\WINDOWS\system32\netman.dll (0x77CD0000)

C:\WINDOWS\system32\WZCSvc.DLL (0x77290000)

C:\WINDOWS\system32\WMI.dll (0x76D00000)

C:\WINDOWS\system32\DHCPCSVC.DLL (0x76D50000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\ESENT.dll (0x5DF20000)

C:\WINDOWS\system32\twext.dll (0x42E00000)

C:\WINDOWS\system32\DSOUND.dll (0x73E70000)

C:\WINDOWS\system32\printui.dll (0x74AE0000)

C:\WINDOWS\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\sti.dll (0x73B10000)

C:\WINDOWS\system32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\system32\wbem\wbemprox.dll (0x74E50000)

C:\WINDOWS\system32\wbem\wbemcomn.dll (0x751F0000)

C:\WINDOWS\system32\wbem\wbemsvc.dll (0x74E30000)

C:\WINDOWS\system32\wbem\fastprox.dll (0x755F0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\netcfgx.dll (0x75550000)

C:\WINDOWS\system32\CLUSAPI.dll (0x762A0000)

C:\WINDOWS\system32\Cabinet.dll (0x750B0000)

C:\WINDOWS\system32\MSWSOCK.dll (0x719C0000)

C:\Program Files\Microsoft Office\OFFICE11\msohev.dll (0x325C0000)

C:\WINDOWS\system32\wiashext.dll (0x5A540000)
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:35:56 | 显示全部楼层
=====================================================
PROCESS NAME:  SPOOLSV.EXE
-----------------------------------------------------
  Process ID  = 0x0000059c
  Thread count= 14
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\spoolsv.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\SPOOLSS.DLL (0x74240000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\rasadhlp.dll (0x76F90000)

C:\WINDOWS\system32\localspl.dll (0x74C10000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\sfc_os.dll (0x76C30000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\winspool.drv (0x72F70000)

C:\WINDOWS\system32\netapi32.dll (0x5FDD0000)

C:\WINDOWS\system32\cnbjmon.dll (0x74200000)

C:\WINDOWS\system32\HPBMMON.DLL (0x10000000)

C:\WINDOWS\system32\hpdomon.dll (0x00AF0000)

C:\WINDOWS\system32\pjlmon.dll (0x741E0000)

C:\WINDOWS\system32\usbmon.dll (0x72380000)

C:\WINDOWS\system32\HPBHealr.dll (0x67200000)

C:\WINDOWS\system32\mdimon.dll (0x00FE0000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\tcpmon.dll (0x72390000)

C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HPPRN05.DLL (0x01450000)

C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll (0x00FF0000)

C:\WINDOWS\System32\mswsock.dll (0x719C0000)

C:\WINDOWS\System32\winrnr.dll (0x76F80000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\win32spl.dll (0x75AC0000)

C:\WINDOWS\system32\NETRAP.dll (0x71C00000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\inetpp.dll (0x74260000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\setupapi.dll (0x76060000)

C:\WINDOWS\system32\hpbmmjno.dll (0x01540000)

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL (0x766E0000)

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL (0x76720000)



=====================================================
PROCESS NAME:  AVP.EXE
-----------------------------------------------------
  Process ID  = 0x00000680
  Thread count= 0
  Parent process ID = 1408
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll (0x66600000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\FSSync.dll (0x63B00000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL (0x61F00000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll (0x64D00000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl (0x64A00000)

C:\WINDOWS\system32\userenv.dll (0x759D0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl (0x66900000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl (0x66200000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl (0x69500000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avpgui.ppl (0x62000000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\basegui.dll (0x62600000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\OLEPRO32.DLL (0x5EFE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl (0x65B00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl (0x63A00000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl (0x68000000)

C:\WINDOWS\system32\wtsapi32.dll (0x76F20000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\qb.ppl (0x66A00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\inflate.ppl (0x64800000)

C:\WINDOWS\system32\winmm.dll (0x76B10000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)



=====================================================
PROCESS NAME:  CTFMON.EXE
-----------------------------------------------------
  Process ID  = 0x00000690
  Thread count= 1
  Parent process ID = 1408
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\ctfmon.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\MSUTB.dll (0x5FE40000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:37:00 | 显示全部楼层
=====================================================
PROCESS NAME:  AVP.EXE
-----------------------------------------------------
  Process ID  = 0x0000075c
  Thread count= 0
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll (0x66600000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\FSSync.dll (0x63B00000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL (0x61F00000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll (0x64D00000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl (0x64A00000)

C:\WINDOWS\system32\userenv.dll (0x759D0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl (0x66900000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl (0x66200000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl (0x69500000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tm.ppl (0x68200000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl (0x65B00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl (0x63A00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\bl.ppl (0x62800000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\wmihlpr.ppl (0x69600000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\ndetect.ppl (0x65900000)

C:\WINDOWS\system32\wininet.dll (0x76680000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\crpthlpr.ppl (0x63100000)

C:\WINDOWS\system32\wtsapi32.dll (0x76F20000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\schedule.ppl (0x67100000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\timer.ppl (0x68100000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl (0x68000000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\lic60.ppl (0x64C00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\report.ppl (0x66E00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\hashmd5.ppl (0x63F00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avs.ppl (0x62200000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avpmgr.ppl (0x62100000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\wdiskio.ppl (0x69300000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avlib.ppl (0x61B00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avspm.ppl (0x62300000)

C:\WINDOWS\system32\psapi.dll (0x76BC0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp3info.ppl (0x61E00000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\og.ppl (0x66100000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\oas.ppl (0x65F00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\procmon.ppl (0x00CF0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\sc.ppl (0x67400000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\httpscan.ppl (0x64200000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klaveng.dll (0x10000000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\mc.ppl (0x64E00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\dtreg.ppl (0x63600000)

C:\WINDOWS\system32\fltlib.dll (0x4AA90000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prutil.ppl (0x69100000)

C:\WINDOWS\system32\rsaenh.dll (0x0FFD0000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp1.ppl (0x61C00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\l_llio.ppl (0x64B00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\ichk2.ppl (0x64400000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\sfdb.ppl (0x67700000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\icheckersa.ppl (0x64500000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\smtpprotocoller.ppl (0x67900000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\httpanlz.ppl (0x64100000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pop3protocoller.ppl (0x66500000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\trafficmonitor2.ppl (0x68300000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\CKAHUM.dll (0x05360000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\CKAHComm.dll (0x00D00000)

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ckahrule.dll (0x00D10000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\imapprotocoller.ppl (0x64700000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nntpprotocoller.ppl (0x65C00000)

C:\WINDOWS\system32\mswsock.dll (0x719C0000)

C:\WINDOWS\system32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\System32\wshtcpip.dll (0x71A00000)

c:\program files\kaspersky lab\kaspersky anti-virus 6.0\qb.ppl (0x66A00000)



=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
  Process ID  = 0x000007d8
  Thread count= 6
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

c:\windows\system32\wiaservc.dll (0x749C0000)

c:\windows\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\setupapi.dll (0x76060000)

c:\windows\system32\mscms.dll (0x73AA0000)

c:\windows\system32\WINSPOOL.DRV (0x72F70000)

c:\windows\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\hpgwiamd.dll (0x10000000)

C:\WINDOWS\system32\actxprxy.dll (0x71CC0000)

C:\WINDOWS\system32\sti.dll (0x73B10000)



=====================================================
PROCESS NAME:  WDFMGR.EXE
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x000000b4
  Thread count= 4
  Parent process ID = 656


Modules:
------------------------------------


=====================================================
PROCESS NAME:  CONIME.EXE
-----------------------------------------------------
  Process ID  = 0x00000b14
  Thread count= 1
  Parent process ID = 3400
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\conime.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\IMM32.dll (0x76300000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)



=====================================================
PROCESS NAME:  DS.EXE
-----------------------------------------------------
  Process ID  = 0x000008c8
  Thread count= 1
  Parent process ID = 3000
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Super Rabbit\MagicSet\DS.EXE (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\MSVBVM60.DLL (0x73390000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\vb6chs.dll (0x66630000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:37:50 | 显示全部楼层
=====================================================
PROCESS NAME:  mmc.exe
-----------------------------------------------------
  Process ID  = 0x00000dcc
  Thread count= 7
  Parent process ID = 1408
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\mmc.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\MFC42u.DLL (0x5F800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\MSVCP60.dll (0x75FF0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEACC.dll (0x74BE0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\mmcbase.DLL (0x72780000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\COMCTL32.dll (0x5D170000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\System32\mmcndmgr.dll (0x7D0E0000)

C:\WINDOWS\system32\urlmon.dll (0x75C60000)

C:\WINDOWS\system32\msxml3.dll (0x5DD50000)

C:\WINDOWS\system32\mycomput.dll (0x725B0000)

C:\WINDOWS\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\ntmsmgr.dll (0x72520000)

C:\WINDOWS\system32\NTMSAPI.dll (0x725A0000)

C:\WINDOWS\system32\dfrgsnap.dll (0x6D750000)

C:\WINDOWS\system32\DfrgRes.dll (0x6D760000)

C:\WINDOWS\System32\dmdskmgr.dll (0x74720000)

C:\WINDOWS\System32\dmutil.dll (0x72970000)

C:\WINDOWS\system32\DMDskRes.dll (0x72990000)

C:\WINDOWS\system32\els.dll (0x739B0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\ACTIVEDS.dll (0x77C90000)

C:\WINDOWS\system32\adsldpc.dll (0x76DE0000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\filemgmt.dll (0x728E0000)

C:\WINDOWS\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\localsec.dll (0x728A0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\adsnt.dll (0x74280000)

C:\WINDOWS\system32\RASSAPI.dll (0x724B0000)

C:\WINDOWS\system32\MPRAPI.dll (0x76D10000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\smlogcfg.dll (0x72450000)

C:\WINDOWS\system32\pdh.dll (0x724C0000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\odbcbcp.dll (0x4B4F0000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\odbcint.dll (0x00FE0000)

C:\WINDOWS\system32\devmgr.dll (0x72A00000)

C:\WINDOWS\system32\WMI.dll (0x76D00000)

C:\WINDOWS\system32\mlang.dll (0x74CF0000)

C:\WINDOWS\system32\dmocx.dll (0x6CD70000)

C:\WINDOWS\system32\wbem\wbemcntl.dll (0x5B8D0000)

C:\WINDOWS\system32\CIAdmin.dll (0x6F8A0000)

C:\WINDOWS\system32\query.dll (0x7D420000)

C:\WINDOWS\system32\shdocvw.dll (0x7E550000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\system32\shdoclc.dll (0x02070000)

C:\WINDOWS\system32\mshtml.dll (0x7E210000)

C:\WINDOWS\system32\msls31.dll (0x74620000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\msimtf.dll (0x74650000)

C:\WINDOWS\system32\jscript.dll (0x75BC0000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\mshtmled.dll (0x753B0000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\snmpsnap.dll (0x5C540000)

C:\WINDOWS\system32\servdeps.dll (0x5CE40000)

C:\WINDOWS\system32\MMFUtil.DLL (0x61960000)

C:\WINDOWS\system32\wbem\wbemprox.dll (0x74E50000)

C:\WINDOWS\system32\wbem\wbemcomn.dll (0x751F0000)

C:\WINDOWS\system32\wbem\wbemsvc.dll (0x74E30000)

C:\WINDOWS\system32\wbem\fastprox.dll (0x755F0000)



=====================================================
PROCESS NAME:  SVCHOST.EXE
-----------------------------------------------------
  Process ID  = 0x00000ce0
  Thread count= 8
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\System32\svchost.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\System32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\System32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\System32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\System32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\System32\LPK.DLL (0x62C20000)

C:\WINDOWS\System32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\System32\NTMARTA.DLL (0x76CB0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\xpsp2res.dll (0x20000000)

c:\windows\system32\w3ssl.dll (0x5AAD0000)

C:\WINDOWS\System32\strmfilt.dll (0x6F620000)

C:\WINDOWS\System32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\System32\HTTPAPI.dll (0x67860000)

C:\WINDOWS\System32\WS2_32.dll (0x71A20000)

C:\WINDOWS\System32\WS2HELP.dll (0x71A10000)



=====================================================
PROCESS NAME:  msiexec.exe
-----------------------------------------------------
  Process ID  = 0x00000b64
  Thread count= 4
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\msiexec.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\xpsp2res.dll (0x20000000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\secur32.dll (0x77FC0000)

C:\WINDOWS\system32\netapi32.dll (0x5FDD0000)

C:\WINDOWS\system32\sfc_os.dll (0x76C30000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\APPHELP.DLL (0x76D70000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\perfproc.dll (0x5E8E0000)

C:\WINDOWS\system32\SRCLIENT.DLL (0x5C120000)

C:\WINDOWS\System32\Wbem\framedyn.dll (0x695D0000)

C:\WINDOWS\system32\LINKINFO.dll (0x76950000)

C:\WINDOWS\system32\ntshrui.dll (0x76960000)

C:\WINDOWS\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\WINSTA.DLL (0x762D0000)



=====================================================
PROCESS NAME:  locator.exe
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x00000894
  Thread count= 3
  Parent process ID = 656


Modules:
------------------------------------


=====================================================
PROCESS NAME:  netdde.exe
-----------------------------------------------------
  Process ID  = 0x00000944
  Thread count= 10
  Parent process ID = 656
  Priority Class    = 32


Modules:
------------------------------------
C:\WINDOWS\system32\netdde.exe (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\NDdeApi.dll (0x758A0000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\ShimEng.dll (0x5CC30000)

C:\WINDOWS\AppPatch\AcGenral.DLL (0x58FB0000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\UxTheme.dll (0x5ADC0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\NDDENB32.dll (0x5F930000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:38:14 | 显示全部楼层
=====================================================
PROCESS NAME:  alg.exe
-----------------------------------------------------
     WARNING: OpenProcess failed with error 5 ()
  Process ID  = 0x00000c00
  Thread count= 5
  Parent process ID = 656


Modules:
------------------------------------


=====================================================
PROCESS NAME:  iexplore.exe
-----------------------------------------------------
  Process ID  = 0x00000ff4
  Thread count= 20
  Parent process ID = 1408
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\Internet Explorer\IEXPLORE.EXE (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\SHDOCVW.dll (0x7E550000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\comctl32.dll (0x5D170000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\BROWSEUI.dll (0x75EF0000)

C:\WINDOWS\system32\browselc.dll (0x20000000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\urlmon.dll (0x75C60000)

C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (0x10000000)

C:\WINDOWS\system32\mshtml.dll (0x7E210000)

C:\WINDOWS\system32\msls31.dll (0x74620000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\SXS.DLL (0x75E00000)

C:\WINDOWS\system32\shdoclc.dll (0x01010000)

C:\WINDOWS\system32\xpsp2res.dll (0x01BC0000)

C:\WINDOWS\system32\mlang.dll (0x74CF0000)

C:\WINDOWS\system32\msi.dll (0x7C9C0000)

C:\WINDOWS\system32\msimtf.dll (0x74650000)

C:\Program Files\Microsoft Office\OFFICE11\msohev.dll (0x325C0000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\System32\ntlanman.dll (0x71B90000)

C:\WINDOWS\System32\NETUI0.dll (0x71C50000)

C:\WINDOWS\System32\NETUI1.dll (0x71C10000)

C:\WINDOWS\System32\NETRAP.dll (0x71C00000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\drprov.dll (0x75ED0000)

C:\WINDOWS\System32\davclnt.dll (0x75EE0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\odbcint.dll (0x02820000)

C:\WINDOWS\system32\sti.dll (0x73B10000)

C:\WINDOWS\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\WINMM.dll (0x76B10000)

C:\WINDOWS\system32\wdmaud.drv (0x72C90000)

C:\WINDOWS\system32\msacm32.drv (0x72C80000)

C:\WINDOWS\system32\MSACM32.dll (0x77BB0000)

C:\WINDOWS\system32\midimap.dll (0x77BA0000)

C:\WINDOWS\system32\wsock32.dll (0x71A40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\mswsock.dll (0x719C0000)

C:\WINDOWS\system32\hnetcfg.dll (0x60FD0000)

C:\WINDOWS\System32\wshtcpip.dll (0x71A00000)

C:\WINDOWS\system32\RASAPI32.DLL (0x76EB0000)

C:\WINDOWS\system32\rasman.dll (0x76E60000)

C:\WINDOWS\system32\TAPI32.dll (0x76E80000)

C:\WINDOWS\system32\rtutils.dll (0x76E50000)

C:\WINDOWS\system32\msv1_0.dll (0x77C40000)

C:\WINDOWS\system32\iphlpapi.dll (0x76D30000)

C:\WINDOWS\system32\sensapi.dll (0x72240000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\rasadhlp.dll (0x76F90000)

C:\WINDOWS\system32\jscript.dll (0x75BC0000)

C:\WINDOWS\system32\msxml3.dll (0x5DD50000)

C:\WINDOWS\system32\ImgUtil.dll (0x66B50000)

C:\WINDOWS\system32\pngfilt.dll (0x5E400000)

C:\WINDOWS\system32\JPWB.IME (0x73900000)

C:\WINDOWS\system32\actxprxy.dll (0x71CC0000)

C:\WINDOWS\system32\iepeers.dll (0x67140000)

C:\WINDOWS\system32\WINSPOOL.DRV (0x72F70000)

C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx (0x30000000)

C:\WINDOWS\system32\schannel.dll (0x767C0000)

C:\WINDOWS\system32\dxtrans.dll (0x6C140000)

C:\WINDOWS\system32\ATL.DLL (0x76AF0000)

C:\WINDOWS\system32\ddrawex.dll (0x6D7C0000)

C:\WINDOWS\system32\DDRAW.dll (0x736D0000)

C:\WINDOWS\system32\DCIMAN32.dll (0x73B30000)

C:\WINDOWS\system32\dxtmsft.dll (0x6C180000)

C:\WINDOWS\system32\dispex.dll (0x6CFD0000)



=====================================================
PROCESS NAME:  autoruns.exe
-----------------------------------------------------
  Process ID  = 0x00000470
  Thread count= 1
  Parent process ID = 1408
  Priority Class    = 32


Modules:
------------------------------------
L:\恶意软件清理\Autoruns861-YYZ\autoruns.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll (0x77180000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\WS2_32.dll (0x71A20000)

C:\WINDOWS\system32\WS2HELP.dll (0x71A10000)

C:\WINDOWS\system32\comdlg32.dll (0x76320000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\ole32.dll (0x76990000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\Wintrust.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\mstask.dll (0x746D0000)

C:\WINDOWS\system32\NTDSAPI.dll (0x76770000)

C:\WINDOWS\system32\DNSAPI.dll (0x76EF0000)

C:\WINDOWS\system32\WLDAP32.dll (0x76F30000)

C:\WINDOWS\system32\NETAPI32.dll (0x5FDD0000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\shdocvw.dll (0x7E550000)

C:\WINDOWS\system32\CRYPTUI.dll (0x75430000)

C:\WINDOWS\system32\WININET.dll (0x76680000)



=====================================================
PROCESS NAME:  1IceSword.exe
-----------------------------------------------------
     WARNING: OpenProcess failed with error 998 ()
  Process ID  = 0x00000884
  Thread count= 2
  Parent process ID = 1408


Modules:
------------------------------------


=====================================================
PROCESS NAME:  WinRAR.exe
-----------------------------------------------------
  Process ID  = 0x00000d9c
  Thread count= 5
  Parent process ID = 1408
  Priority Class    = 32


Modules:
------------------------------------
C:\Program Files\WinRAR\WinRAR.exe (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\ADVAPI32.DLL (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.DLL (0x77180000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\COMDLG32.DLL (0x76320000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\OLE32.DLL (0x76990000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\appHelp.dll (0x76D70000)

C:\WINDOWS\system32\CLBCATQ.DLL (0x76FA0000)

C:\WINDOWS\system32\COMRes.dll (0x77020000)

C:\WINDOWS\system32\OLEAUT32.dll (0x770F0000)

C:\WINDOWS\system32\VERSION.dll (0x77BD0000)

C:\WINDOWS\System32\cscui.dll (0x76590000)

C:\WINDOWS\System32\CSCDLL.dll (0x76570000)

C:\WINDOWS\system32\SETUPAPI.dll (0x76060000)

C:\WINDOWS\system32\netapi32.dll (0x5FDD0000)

C:\WINDOWS\system32\MPR.dll (0x71A90000)

C:\WINDOWS\System32\ntlanman.dll (0x71B90000)

C:\WINDOWS\System32\NETUI0.dll (0x71C50000)

C:\WINDOWS\System32\NETUI1.dll (0x71C10000)

C:\WINDOWS\System32\NETRAP.dll (0x71C00000)

C:\WINDOWS\System32\SAMLIB.dll (0x71B70000)

C:\WINDOWS\System32\drprov.dll (0x75ED0000)

C:\WINDOWS\System32\davclnt.dll (0x75EE0000)

C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll (0x5A500000)

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll (0x78130000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll (0x4AE90000)

C:\WINDOWS\system32\shgina.dll (0x73CE0000)

C:\WINDOWS\system32\MSGINA.dll (0x758D0000)

C:\WINDOWS\system32\USERENV.dll (0x759D0000)

C:\WINDOWS\system32\WINSTA.dll (0x762D0000)

C:\WINDOWS\system32\ODBC32.dll (0x73540000)

C:\WINDOWS\system32\odbcint.dll (0x20000000)

C:\WINDOWS\system32\Secur32.dll (0x77FC0000)

C:\WINDOWS\system32\Audiodev.dll (0x092D0000)

C:\WINDOWS\system32\WMVCore.DLL (0x086C0000)

C:\WINDOWS\system32\WMASF.DLL (0x070D0000)

C:\WINDOWS\system32\WINTRUST.dll (0x76C00000)

C:\WINDOWS\system32\CRYPT32.dll (0x765E0000)

C:\WINDOWS\system32\MSASN1.dll (0x76DB0000)

C:\WINDOWS\system32\IMAGEHLP.dll (0x76C60000)

C:\WINDOWS\system32\wiashext.dll (0x01330000)

C:\WINDOWS\system32\WININET.dll (0x76680000)

C:\WINDOWS\system32\xpsp2res.dll (0x01470000)

C:\WINDOWS\system32\sti.dll (0x73B10000)

C:\WINDOWS\system32\CFGMGR32.dll (0x74A40000)

C:\WINDOWS\system32\urlmon.dll (0x75C60000)



=====================================================
PROCESS NAME:  SysInfoCollect.EXE
-----------------------------------------------------
  Process ID  = 0x00000fd4
  Thread count= 1
  Parent process ID = 3484
  Priority Class    = 32


Modules:
------------------------------------
C:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.797\系统信息收集\SysInfoCollect.EXE (0x00400000)

C:\WINDOWS\system32\ntdll.dll (0x7C920000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\PSAPI.DLL (0x76BC0000)

C:\WINDOWS\system32\MFC42.DLL (0x73D30000)

C:\WINDOWS\system32\msvcrt.dll (0x77BE0000)

C:\WINDOWS\system32\GDI32.dll (0x77EF0000)

C:\WINDOWS\system32\USER32.dll (0x77D10000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DA0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E50000)

C:\WINDOWS\system32\SHELL32.dll (0x7D590000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F40000)

C:\WINDOWS\system32\IMM32.DLL (0x76300000)

C:\WINDOWS\system32\LPK.DLL (0x62C20000)

C:\WINDOWS\system32\USP10.dll (0x73FA0000)

C:\WINDOWS\system32\MFC42LOC.DLL (0x61BE0000)

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (0x77180000)

C:\WINDOWS\system32\uxtheme.dll (0x5ADC0000)

C:\WINDOWS\system32\MSCTF.dll (0x74680000)

C:\WINDOWS\system32\msctfime.ime (0x73640000)

C:\WINDOWS\system32\ole32.dll (0x76990000)
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:38:46 | 显示全部楼层
*****************************************************************
       Local Win32 Service information
*****************************************************************
  Adobe LM Service                                   [Adobe LM Service                        ]  <Stopped>, Binpath = "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
  Alerter                                            [Alerter                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Application Layer Gateway Service                  [ALG                                     ]  <Running>, Binpath = C:\WINDOWS\System32\alg.exe
  Application Management                             [AppMgmt                                 ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Ati HotKey Poller                                  [Ati HotKey Poller                       ]  <Running>, Binpath = C:\WINDOWS\system32\Ati2evxx.exe
  ATI Smart                                          [ATI Smart                               ]  <Stopped>, Binpath = C:\WINDOWS\system32\ati2sgag.exe
  Windows Audio                                      [AudioSrv                                ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  卡巴斯基反病毒6.0                                  [AVP                                     ]  <Running>, Binpath = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r
  Background Intelligent Transfer Service            [BITS                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Computer Browser                                   [Browser                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Indexing Service                                   [CiSvc                                   ]  <Stopped>, Binpath = C:\WINDOWS\system32\cisvc.exe
  ClipBook                                           [ClipSrv                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\clipsrv.exe
  COM+ System Application                            [COMSysApp                               ]  <Stopped>, Binpath = C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
  Cryptographic Services                             [CryptSvc                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  DCOM Server Process Launcher                       [DcomLaunch                              ]  <Running>, Binpath = C:\WINDOWS\system32\svchost -k DcomLaunch
  DHCP Client                                        [Dhcp                                    ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Logical Disk Manager Administrative Service        [dmadmin                                 ]  <Stopped>, Binpath = C:\WINDOWS\System32\dmadmin.exe /com
  Logical Disk Manager                               [dmserver                                ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  DNS Client                                         [Dnscache                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k NetworkService
  Error Reporting Service                            [ERSvc                                   ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Event Log                                          [Eventlog                                ]  <Running>, Binpath = C:\WINDOWS\system32\services.exe
  COM+ Event System                                  [EventSystem                             ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Fast User Switching Compatibility                  [FastUserSwitchingCompatibility          ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Help and Support                                   [helpsvc                                 ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Human Interface Device Access                      [HidServ                                 ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  HTTP SSL                                           [HTTPFilter                              ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k HTTPFilter
  IMAPI CD-Burning COM Service                       [ImapiService                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\imapi.exe
  Server                                             [LanmanServer                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Workstation                                        [LanmanWorkstation                       ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  TCP/IP NetBIOS Helper                              [LmHosts                                 ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Messenger                                          [Messenger                               ]  <Stopped>, Binpath = \SystemRoot\C:\WINDOWS\system32\svchost.exe -k netsvcs
  NetMeeting Remote Desktop Sharing                  [mnmsrvc                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\mnmsrvc.exe
  Distributed Transaction Coordinator                [MSDTC                                   ]  <Stopped>, Binpath = C:\WINDOWS\system32\msdtc.exe
  Windows Installer                                  [MSIServer                               ]  <Running>, Binpath = C:\WINDOWS\system32\msiexec.exe /V
  Network DDE                                        [NetDDE                                  ]  <Running>, Binpath = C:\WINDOWS\system32\netdde.exe
  Network DDE DSDM                                   [NetDDEdsdm                              ]  <Running>, Binpath = C:\WINDOWS\system32\netdde.exe
  Net Logon                                          [Netlogon                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Network Connections                                [Netman                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Network Location Awareness (NLA)                   [Nla                                     ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  NT LM Security Support Provider                    [NtLmSsp                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\lsass.exe
  Removable Storage                                  [NtmsSvc                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Office Source Engine                               [ose                                     ]  <Stopped>, Binpath = "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
  Plug and Play                                      [PlugPlay                                ]  <Running>, Binpath = C:\WINDOWS\system32\services.exe
  Pml Driver HPZ12                                   [Pml Driver HPZ12                        ]  <Stopped>, Binpath = C:\WINDOWS\system32\HPZipm12.exe
  IPSEC Services                                     [PolicyAgent                             ]  <Running>, Binpath = C:\WINDOWS\system32\lsass.exe
  Protected Storage                                  [ProtectedStorage                        ]  <Running>, Binpath = C:\WINDOWS\system32\lsass.exe
  Remote Access Auto Connection Manager              [RasAuto                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Access Connection Manager                   [RasMan                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Desktop Help Session Manager                [RDSessMgr                               ]  <Stopped>, Binpath = C:\WINDOWS\system32\sessmgr.exe
  Routing and Remote Access                          [RemoteAccess                            ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Remote Registry                                    [RemoteRegistry                          ]  <Others >, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Remote Procedure Call (RPC) Locator                [RpcLocator                              ]  <Running>, Binpath = C:\WINDOWS\system32\locator.exe
  Remote Procedure Call (RPC)                        [RpcSs                                   ]  <Running>, Binpath = C:\WINDOWS\system32\svchost -k rpcss
  QoS RSVP                                           [RSVP                                    ]  <Stopped>, Binpath = C:\WINDOWS\system32\rsvp.exe
  Security Accounts Manager                          [SamSs                                   ]  <Running>, Binpath = C:\WINDOWS\system32\lsass.exe
  Smart Card                                         [SCardSvr                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\SCardSvr.exe
  Task Scheduler                                     [Schedule                                ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Secondary Logon                                    [seclogon                                ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  System Event Notification                          [SENS                                    ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  SentinelProtectionServer                           [SentinelProtectionServer                ]  <Stopped>, Binpath = "C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"
  Windows Firewall/Internet Connection Sharing (ICS) [SharedAccess                            ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Shell Hardware Detection                           [ShellHWDetection                        ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Print Spooler                                      [Spooler                                 ]  <Running>, Binpath = C:\WINDOWS\system32\spoolsv.exe
  System Restore Service                             [srservice                               ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  SSDP Discovery Service                             [SSDPSRV                                 ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Windows Image Acquisition (WIA)                    [stisvc                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k imgsvc
  MS Software Shadow Copy Provider                   [SwPrv                                   ]  <Stopped>, Binpath = C:\WINDOWS\system32\dllhost.exe /Processid:{C3F05568-6BDA-4D9F-AE0A-043B512C2A70}
  Performance Logs and Alerts                        [SysmonLog                               ]  <Stopped>, Binpath = C:\WINDOWS\system32\smlogsvc.exe
  Telephony                                          [TapiSrv                                 ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Terminal Services                                  [TermService                             ]  <Running>, Binpath = C:\WINDOWS\System32\svchost -k DComLaunch
  Themes                                             [Themes                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Telnet                                             [TlntSvr                                 ]  <Stopped>, Binpath = C:\WINDOWS\system32\tlntsvr.exe
  Distributed Link Tracking Client                   [TrkWks                                  ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Windows User Mode Driver Framework                 [UMWdf                                   ]  <Running>, Binpath = C:\WINDOWS\system32\wdfmgr.exe
  Universal Plug and Play Device Host                [upnphost                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Uninterruptible Power Supply                       [UPS                                     ]  <Stopped>, Binpath = C:\WINDOWS\System32\ups.exe
  Messenger 共享文件夹 USN 杂志阅读器服务            [usnjsvc                                 ]  <Stopped>, Binpath = "C:\Program Files\MSN Messenger\usnsvc.exe"
  Volume Shadow Copy                                 [VSS                                     ]  <Stopped>, Binpath = C:\WINDOWS\System32\vssvc.exe
  Windows Time                                       [W32Time                                 ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  WebClient                                          [WebClient                               ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k LocalService
  Windows Management Instrumentation                 [winmgmt                                 ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Portable Media Serial Number Service               [WmdmPmSN                                ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Windows Management Instrumentation Driver Extensions [Wmi                                     ]  <Stopped>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  WMI Performance Adapter                            [WmiApSrv                                ]  <Stopped>, Binpath = C:\WINDOWS\system32\wbem\wmiapsrv.exe
  Security Center                                    [wscsvc                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
  Automatic Updates                                  [wuauserv                                ]  <Running>, Binpath = C:\WINDOWS\system32\svchost.exe -k netsvcs
  Wireless Zero Configuration                        [WZCSVC                                  ]  <Running>, Binpath = C:\WINDOWS\System32\svchost.exe -k netsvcs
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:39:18 | 显示全部楼层
*****************************************************************
       IE BHOs
*****************************************************************
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}   AcroIEHelper.AcroIEHlprObj.1             C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll


*****************************************************************
       Boot items in Registry
*****************************************************************
------------------------------------------------------------
0:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
------------------------------------------------------------
ctfmon.exe……C:\WINDOWS\system32\ctfmon.exe
msnmsgr……"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
------------------------------------------------------------
1:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
------------------------------------------------------------
------------------------------------------------------------
2:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
------------------------------------------------------------
------------------------------------------------------------
3:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
------------------------------------------------------------
------------------------------------------------------------
4:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
------------------------------------------------------------
------------------------------------------------------------
5:HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:load
------------------------------------------------------------
load……
------------------------------------------------------------
6:HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:run
------------------------------------------------------------
run……
------------------------------------------------------------
7:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System  键值名称:Shell
------------------------------------------------------------
------------------------------------------------------------
8:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
------------------------------------------------------------
------------------------------------------------------------
9:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
------------------------------------------------------------
kav……"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
------------------------------------------------------------
10:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
------------------------------------------------------------
------------------------------------------------------------
11:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
------------------------------------------------------------
------------------------------------------------------------
12:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunService
------------------------------------------------------------
------------------------------------------------------------
13:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServiceOnce
------------------------------------------------------------
------------------------------------------------------------
14:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
------------------------------------------------------------
------------------------------------------------------------
15:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon  键值名称:Shell
------------------------------------------------------------
Shell……Explorer.exe
------------------------------------------------------------
16:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon  键值名称:Userinit
------------------------------------------------------------
Userinit……C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------
17:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows  键值名称:AppInit_DLLs
------------------------------------------------------------
AppInit_DLLs……


*****************************************************************
       File association information
*****************************************************************
------------------------------------------------------------
0:HKEY_CLASSES_ROOT\.exe
------------------------------------------------------------
<DEFAULT> = exefile, 正常!
------------------------------------------------------------
1:HKEY_CLASSES_ROOT\exefile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
2:HKEY_CLASSES_ROOT\exefile\shell\runas\command
------------------------------------------------------------
<DEFAULT> = %1 %*, 不正常!正常值:"%1" %*。请使用RegFix修复关联!软件可以到 http://www.KZTechs.com 下载。
------------------------------------------------------------
3:HKEY_CLASSES_ROOT\.txt
------------------------------------------------------------
<DEFAULT> = txtfile, 正常!
------------------------------------------------------------
4:HKEY_CLASSES_ROOT\txtfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = %SystemRoot%\system32\NOTEPAD.EXE %1, 正常!
------------------------------------------------------------
5:HKEY_CLASSES_ROOT\.reg
------------------------------------------------------------
<DEFAULT> = regfile, 正常!
------------------------------------------------------------
6:HKEY_CLASSES_ROOT\regfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = regedit.exe "%1", 正常!
------------------------------------------------------------
7:HKEY_CLASSES_ROOT\.bat
------------------------------------------------------------
<DEFAULT> = batfile, 正常!
------------------------------------------------------------
8:HKEY_CLASSES_ROOT\batfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
9:HKEY_CLASSES_ROOT\.com
------------------------------------------------------------
<DEFAULT> = comfile, 正常!
------------------------------------------------------------
10:HKEY_CLASSES_ROOT\comfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
------------------------------------------------------------
11:HKEY_CLASSES_ROOT\.scr
------------------------------------------------------------
<DEFAULT> = scrfile, 正常!
------------------------------------------------------------
12:HKEY_CLASSES_ROOT\scrfile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" /S, 正常!
------------------------------------------------------------
13:HKEY_CLASSES_ROOT\.pif
------------------------------------------------------------
<DEFAULT> = piffile, 正常!
------------------------------------------------------------
14:HKEY_CLASSES_ROOT\piffile\shell\open\command
------------------------------------------------------------
<DEFAULT> = "%1" %*, 正常!
回复

举报

qiqi00612
 楼主| 发表于 2007-9-1 23:41:19 | 显示全部楼层
发完了.....这日志够详细了吧!希望高手可能快点帮我解读.
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-22 14:43 , Processed in 0.135349 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表