12   2  /  2  页   跳转

[已解决] 我快崩溃了,ntsd.exe!!!

收藏
哇啊嗒
头像
初生襁褓狮
  • 帖子:63
  • 注册: 2009-03-24
  • 来自:
发表于: 2009-03-29 09:49 | 只看楼主 短消息 资料
字号: 11楼

回复:我快崩溃了,ntsd.exe!!!

启动文件夹
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MICROS~3\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[m42248.exe / m42248.exe][Stopped/Manual Start]
  <\\10.4.8.119\Admin$\m11576.exe><(File is missing)>
[m61386.exe / m61386.exe][Stopped/Manual Start]
  <\\10.4.8.119\Admin$\m68413.exe><(File is missing)>
[m64365.exe / m64365.exe][Stopped/Manual Start]
  <\\10.4.8.119\Admin$\m80681.exe><(File is missing)>
[m85226.exe / m85226.exe][Stopped/Manual Start]
  <\\10.4.8.119\Admin$\m04584.exe><(File is missing)>
[Microsoft Search / MSSEARCH][Running/Auto Start]
  <"C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQL$RAVN / MSSQL$RAVN][Running/Auto Start]
  <C:\Program Files\MSDE\MSSQL$RAVN\Binn\sqlservr.exe -sRAVN><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <C:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[RavAgent / RavAgent][Running/Auto Start]
  <"e:\Program Files\Rising\Rav\RavAgent.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rav Net Alert / RavAlert][Running/Auto Start]
  <"e:\Program Files\Rising\Rav\RavAlert.exe"><Beijing Rising Information Technology Co., Ltd.>
[RavService / RavService][Running/Auto Start]
  <"e:\Program Files\Rising\Rav\RavService.exe"><Beijing Rising Information Technology Co., Ltd.>
[RavUpdate / RavUpdate][Running/Auto Start]
  <"e:\Program Files\Rising\Rav\RavUpdate.exe"><Beijing Rising Information Technology Co., Ltd.>
[RNReport / RNReport][Running/Auto Start]
  <"e:\Program Files\Rising\Rav\RNReport.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"e:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"E:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
[SQLAgent$RAVN / SQLAgent$RAVN][Stopped/Manual Start]
  <C:\Program Files\MSDE\MSSQL$RAVN\Binn\sqlagent.EXE -i RAVN><Microsoft Corporation>
[SQLSERVERAGENT / SQLSERVERAGENT][Running/Auto Start]
  <C:\PROGRA~1\MICROS~3\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[VNC Server / winvnc][Stopped/Auto Start]
  <><(File is missing)>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
  <C:\WINNT\system32\mspmspsv.exe><Microsoft Corporation>

==================================
驱动程序
[360AntiArp / 360AntiArp][Stopped/System Start]
  <\??\C:\WINNT\system32\drivers\360AntiArp.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Sound Blaster AudioPCI 64V Driver (WDM) / sbpci][Running/Manual Start]
  <system32\drivers\sbpci.sys><Creative Technology Ltd.>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

==================================
浏览器加载项
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, >
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, (Signed) Microsoft Corporation>
[TrendLine Control]
  {4F03A197-65DA-487C-864A-9DDE6EACA166} <C:\WINNT\DOWNLO~1\TRENDL~1.OCX, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINNT\system32\msnetobj.dll, Microsoft Corporation>
[]
  {EF1EA76E-5428-4e40-85A1-D4DD2893183A} <, >
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, (Signed) Thunder>

==================================
正在运行的进程
[PID: 168][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6601]
[PID: 192][\??\C:\WINNT\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6601]
[PID: 212][\??\C:\WINNT\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6997]
[PID: 240][C:\WINNT\system32\services.exe]  [(Verified) Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 252][C:\WINNT\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.00.2195.7011]
[PID: 444][C:\WINNT\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.00.2134.1]
[PID: 488][C:\WINNT\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.00.2195.7059]
[PID: 520][C:\WINNT\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.00.2134.1]
[PID: 544][C:\WINNT\System32\llssrv.exe]  [(Verified) Microsoft Corporation, 5.00.2195.7021]
[PID: 564][C:\Program Files\MSDE\MSSQL$RAVN\Binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\Binn\OPENDS60.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\Binn\UMS.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\Binn\SQLSORT.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\Binn\Resources\1033\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.0766.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\binn\SSNMPN70.dll]  [Microsoft Corporation, 2000.080.0534.00]
    [C:\Program Files\MSDE\MSSQL$RAVN\Binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 692][C:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\OPENDS60.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\UMS.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SQLSORT.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SSNMPN70.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SQLFTQRY.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\xpsqlbot.dll]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 324][e:\Program Files\Rising\Rav\RavAgent.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.28]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [e:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [e:\Program Files\Rising\Rav\Strategy.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [C:\WINNT\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 804][e:\Program Files\Rising\Rav\RavAlert.exe]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 56]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [e:\Program Files\Rising\Rav\PlugIn\RptMC.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [e:\Program Files\Rising\Rav\PlugIn\AltP936.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [e:\Program Files\Rising\Rav\PlugIn\MalAlrt.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [e:\Program Files\Rising\Rav\PlugIn\TrpPlgIn.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 9]
    [e:\Program Files\Rising\Rav\RsSnmp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3]
    [e:\Program Files\Rising\Rav\PlugIn\MBPlgIn.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8]
    [e:\Program Files\Rising\Rav\PlugIn\NLPlgIn.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [e:\Program Files\Rising\Rav\PlugIn\SysLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\WINNT\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 832][e:\Program Files\Rising\Rav\RavService.exe]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 77]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [e:\Program Files\Rising\Rav\DLCenter.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.11]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 876][e:\Program Files\Rising\Rav\RavUpdate.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.52]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [e:\Program Files\Rising\Rav\DLCenter.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.11]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 892][C:\WINNT\system32\regsvc.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6701]
[PID: 912][e:\Program Files\Rising\Rav\RNReport.exe]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 65]
    [e:\Program Files\Rising\Rav\Chart.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.8]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\WINNT\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 1108][C:\WINNT\system32\MSTask.exe]  [(Verified) Microsoft Corporation, 4.71.2195.6972]
[PID: 1144][C:\WINNT\System32\WBEM\WinMgmt.exe]  [(Verified) Microsoft Corporation, 1.50.1085.0100]
[PID: 1180][C:\WINNT\system32\mspmspsv.exe]  [Microsoft Corporation, 7.10.00.3059]
[PID: 1192][C:\WINNT\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.00.2134.1]
[PID: 1212][C:\WINNT\system32\Dfssvc.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6664]
[PID: 1232][C:\WINNT\System32\inetsrv\inetinfo.exe]  [(Verified) Microsoft Corporation, 5.00.0984]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\system32\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\webengine.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 1256][C:\WINNT\System32\msdtc.exe]  [(Verified) Microsoft Corporation, 1999.9.3421.3]
[PID: 1332][C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe]  [Microsoft Corporation, 9.107.5512.0]
    [C:\Program Files\Common Files\System\MSSearch\Bin\mssws.dll]  [Microsoft Corporation, 9.107.5512.0]
    [C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\mssrch.dll]  [Microsoft Corporation, 9.107.5512.0]
    [C:\Program Files\Common Files\System\MSSearch\Bin\tquery.dll]  [Microsoft Corporation, 9.107.5512.0]
    [C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\propdefs.dll]  [Microsoft Corporation, 9.107.5512.0]
    [C:\PROGRA~1\COMMON~1\System\MSSearch\Bin\srchidx.dll]  [Microsoft Corporation, 9.107.5512.0]
[PID: 1496][C:\WINNT\Explorer.EXE]  [(Verified) Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [e:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 1640][C:\WINNT\system32\igfxtray.exe]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\hccutils.DLL]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxdev.dll]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxres.dll]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxress.dll]  [Intel Corporation, 3,0,0,1607]
[PID: 1648][C:\WINNT\system32\hkcmd.exe]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\hccutils.DLL]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxdev.dll]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxhk.dll]  [Intel Corporation, 3,0,0,1607]
    [C:\WINNT\system32\igfxres.dll]  [Intel Corporation, 3,0,0,1607]
[PID: 1656][E:\Program Files\Rising\Rav\RavTray.exe]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 37]
    [E:\Program Files\Rising\Rav\RavUILib.dll]  [, 18, 0, 0, 1]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [E:\Program Files\Rising\Rav\RavTray936.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 37]
    [E:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [E:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 1668][C:\WINNT\system32\internat.exe]  [(Verified) Microsoft Corporation, 5.00.2920.0000]
[PID: 1700][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.0760.00]
gototop
 
哇啊嗒
头像
初生襁褓狮
  • 帖子:63
  • 注册: 2009-03-24
  • 来自:
发表于: 2009-03-29 09:50 | 只看楼主 短消息 资料
字号: 12楼

回复:我快崩溃了,ntsd.exe!!!

[C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.0382.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 1920][E:\kjWebApp\kjWinApp\kjWinApp.exe]  [, 1.0.3070.20924]
    [C:\WINNT\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\system32\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\mscorlib\7a64883897e07b498584827baeaf08fa\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System\9deac8041cfa64449e8948490832d7cc\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Drawing\2faa3519f9589d49b9a5fc64e21ece83\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e21c479dffe21347b382068622711701\System.Windows.Forms.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [E:\kjWebApp\kjWinApp\AxInterop.MULTIUDPCTRLLib.dll]  [, 1.0.0.0]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Gdiplus.dll]  [Microsoft Corporation, 5.1.3102.1355 (xpsp2.040109-1800)]
    [D:\dt1.13\dt1.13\MULTIU~1.OCX]  [USTB, 1, 0, 0, 1]
    [E:\kjWebApp\kjWinApp\Interop.MULTIUDPCTRLLib.dll]  [ , 1.0.0.0]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\Accessibility\22f1eb6c7aeb5e4ea7771959aeb12a35\Accessibility.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Xml\8ed5895ca170a94c89c1464112ec8873\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Web.Services\758d4db2521bc94d8e2149c762c2e4ab\System.Web.Services.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Configuration\544779633c9a4d4dbe1b3f8c4d12dbf9\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll]  [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
[PID: 2016][C:\WINNT\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6655]
[PID: 2040][C:\PROGRA~1\MICROS~3\MSSQL\binn\sqlagent.exe]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.0382.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SEMMAP.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\Resources\2052\SEMMAP.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\Resources\2052\sqlagent.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~3\MSSQL\binn\SQLAGENT.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLCMDSS.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLCMDSS.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLREPSS.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLREPSS.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLATXSS.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLATXSS.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\BINN\AXSCPHST.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\BINN\Resources\2052\AXSCPHST.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\WINNT\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 2116][C:\WINNT\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.00.2134.1]
[PID: 2160][D:\anhang\dc-dl\kj2000dc_dl.exe]  [, 1.0.0.0]
    [D:\dt1.13\dt1.13\MULTIU~1.OCX]  [USTB, 1, 0, 0, 1]
    [D:\dt1.13\dt1.13\midas.dll]  [CodeGear, 11.0.2627.5503]
[PID: 2244][C:\WINNT\system32\dllhost.exe]  [(Verified) Microsoft Corporation, 5.00.2195.6692]
[PID: 1460][C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\system32\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\webengine.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\mscorlib\7a64883897e07b498584827baeaf08fa\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System\9deac8041cfa64449e8948490832d7cc\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Web\9fb9d95fd8375f47aec9c3b435ef59bd\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Configuration\544779633c9a4d4dbe1b3f8c4d12dbf9\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Xml\8ed5895ca170a94c89c1464112ec8873\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll]  [Microsoft Corporation, 8.0.50727.42]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Data\cca50e096d77344b9d597275629ee242\System.Data.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Web.Services\758d4db2521bc94d8e2149c762c2e4ab\System.Web.Services.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.CrystalReports.Engine\10.2.3600.0__692fbea5521e1304\CrystalDecisions.CrystalReports.Engine.dll]  [Business Objects, 10.2.51014.0]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\698e4fc2998966438be721e8beeb0e26\System.Web.Extensions.ni.dll]  [Microsoft Corporation, 1.0.61231.0]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.Shared\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Shared.dll]  [Business Objects, 10.2.51014.0]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\dad6ab3ca34ef340964e849925acacda\System.Web.Mobile.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.Web\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Web.dll]  [Business Objects, 10.2.51014.0]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\b3e15db8aa292644964f9aa7a6ac24a0\System.EnterpriseServices.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Transactions\204ebd69c478034db904ee84bf292d91\System.Transactions.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\b3e15db8aa292644964f9aa7a6ac24a0\System.EnterpriseServices.Wrapper.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6478d10df805454fa48e00a6a72c13e0\System.Web.RegularExpressions.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Drawing\2faa3519f9589d49b9a5fc64e21ece83\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll]  [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.CommLayer\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.CommLayer.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e21c479dffe21347b382068622711701\System.Windows.Forms.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\sacommlayer.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\ATL80.DLL]  [Microsoft Corporation, 8.00.41130.00]
    [C:\WINNT\system32\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.ClientDoc\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.ClientDoc.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.DataSetConversion\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.DataSetConversion.dll]  [Business Objects, 10.2.51014.0]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.DataDefModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.DataDefModel.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.Controllers\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.Controllers.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.CubeDefModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.CubeDefModel.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.ReportDefModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.ReportDefModel.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.KeyCode\10.2.3600.0__692fbea5521e1304\CrystalDecisions.KeyCode.dll]  [Business Objects, 10.2.51014.0]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\keycode.dll]  [Business Objects, 10.2.0.927]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\clientdoc.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\cachemanager.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\rptcontrollers.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\datadefmodel.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\cxlibw7-2-1.dll]  [Business Objects, 10.2.0.949]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\commonobjmodel.dll]  [Business Objects, 10.2.0.1093]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportSource\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportSource.dll]  [Business Objects, 10.2.51014.0]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\crpe32.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\crqe.dll]  [Business Objects, 10.2.0.930]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\dtsagent.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\saxmlserialize.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\objectfactory.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\requestmodel.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\localcon.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\libOCASecurityLitew-1-3.dll]  [Business Objects, 10.2.0.949]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\secSSO.dll]  [Business Objects, 10.2.0.949]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\etc-1-0-12-1.dll]  [Business Objects, 1, 0, 12, 17]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\rptdefmodel.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\crdb_adoplus.dll]  [Business Objects, 10.2.0.930]
    [C:\WINNT\system32\msvcm80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\ufmanager.dll]  [Business Objects, 10.2.0.1093]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\usp10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\cubedefmodel.dll]  [Business Objects, 10.2.0.1093]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\62a68749ae9307409b5a09d280866a7f\CustomMarshalers.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Common Files\Business Objects\2.7\Bin\crdb_adoplus_res_en.dll]  [Business Objects, 10.2.0.930]
    [C:\WINNT\assembly\GAC\CrystalDecisions.Enterprise.InfoStore\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.InfoStore.dll]  [Crystal Decisions, 9.7.0.588]
    [C:\WINNT\assembly\GAC\CrystalDecisions.Enterprise.Framework\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.Framework.dll]  [Crystal Decisions, 9.7.0.588]
    [C:\WINNT\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.XmlSerialize\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.XmlSerialize.dll]  [Business Objects, 10.2.9700.0]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Gdiplus.dll]  [Microsoft Corporation, 5.1.3102.1355 (xpsp2.040109-1800)]
    [C:\WINNT\assembly\NativeImages_v2.0.50727_32\System.Design\59fa27e17d99d247b77a34e3fca4f46b\System.Design.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\281ab395\c76d13e1\assembly\dl3\82a24e9b\0068fb1e_8290c801\App_Code.DLL]  [, 0.0.0.0]
    [C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\281ab395\c76d13e1\assembly\dl3\03323c2f\0068fb1e_8290c801\App_global.asax.DLL]  [, 0.0.0.0]
[PID: 22948][F:\ntsd.exe\已释放的sreng2.71版\SRE2.71.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [F:\ntsd.exe\已释放的sreng2.71版\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 564, C:\PROGRAM FILES\MSDE\MSSQL$RAVN\BINN\SQLSERVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 692, C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLSERVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1180, C:\WINNT\SYSTEM32\MSPMSPSV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1332, C:\PROGRAM FILES\COMMON FILES\SYSTEM\MSSEARCH\BIN\MSSEARCH.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1700, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1920, E:\KJWEBAPP\KJWINAPP\KJWINAPP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2040, C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLAGENT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2160, D:\ANHANG\DC-DL\KJ2000DC_DL.EXE]

==================================
计划任务
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
哇啊嗒
头像
初生襁褓狮
  • 帖子:63
  • 注册: 2009-03-24
  • 来自:
发表于: 2009-03-29 09:52 | 只看楼主 短消息 资料
字号: 13楼

回复:我快崩溃了,ntsd.exe!!!

好长,我看看单发一个附件
gototop
 
哇啊嗒
头像
初生襁褓狮
  • 帖子:63
  • 注册: 2009-03-24
  • 来自:
发表于: 2009-03-29 10:33 | 只看楼主 短消息 资料
字号: 14楼

回复 7F CPU_ring0 的帖子

我用SRENG工具扫了一下,启动项目--注册表确实有许多IFEO项
该怎么处理,直接删除没什么吧,这个机子上传用,不敢轻易动它!
gototop
 
zoxmes
头像
叱咤花甲狮
  • 帖子:3904
  • 注册: 2008-10-27
  • 来自:天空
论坛8周年活动礼物
发表于: 2009-03-29 12:17 | 短消息 资料
字号: 15楼

回复 14F 哇啊嗒 的帖子

把完整的日志以附件发上来,这样根本没有办法分析的
繁花落尽朝朝散,年少不知轻狂.岁月岂饶人? 心未归,人已醉,何时知我悔.碧海天,夜清心.少年梦里独摘花.
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT