Service TOME服务不提供';无法在Windows 7上启动(64位)
我在Windows7(64位)上安装了TomEE作为服务。 手动启动(通过start.bat)工作正常,但在尝试启动服务时,我得到: Windows无法在本地计算机上启动TOME。有关详细信息,请查看系统事件日志。如果这是非Microsoft服务,请与服务供应商联系,并参阅特定于服务的错误代码4 错误消息中提到的日志条目显示:Service TOME服务不提供';无法在Windows 7上启动(64位),service,windows-7-x64,apache-tomee,Service,Windows 7 X64,Apache Tomee,我在Windows7(64位)上安装了TomEE作为服务。 手动启动(通过start.bat)工作正常,但在尝试启动服务时,我得到: Windows无法在本地计算机上启动TOME。有关详细信息,请查看系统事件日志。如果这是非Microsoft服务,请与服务供应商联系,并参阅特定于服务的错误代码4 错误消息中提到的日志条目显示: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <S
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7024</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2015-06-29T04:15:32.139508900Z" />
<EventRecordID>96150</EventRecordID>
<Correlation />
<Execution ProcessID="896" ThreadID="7752" />
<Channel>System</Channel>
<Computer>...(I removed this string)...</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">TomEE</Data>
<Data Name="param2">%%4</Data>
</EventData>
</Event>
- ImagePath=E:\software\apache tomee webprofile\bin\tomee.amd64.exe//RS//tomee
- DependOnService=Tcpip Afd
- 包括
- ProcessName包含Tom
- 排除
- 结果就是成功
- 结果是文件结束
- 结果是没有更多的文件
<?xml version="1.0" encoding="UTF-8"?>
<procmon>
<processlist>
<!-- removed to shorten the file for the forum -->
<processlist>
<eventlist>
<!-- shortened file by removing <Time_of_Day> and same elements from every
<event>
<ProcessIndex>520</ProcessIndex>
<Process_Name>TomEE.amd64.exe</Process_Name>
<PID>8088</PID>
</event>
-->
<event>
<Operation>QueryInformationVolume</Operation>
<Path>C:</Path>
<Result>BUFFER OVERFLOW</Result>
<Detail>VolumeCreationTime: 02-Jun-14 11:15:49 PM, VolumeSerialNumber: 28EB-3828, SupportsObjects: True, VolumeLabel: WINȈ</Detail>
</event>
<event>
<Operation>QueryInformationVolume</Operation>
<Path>E:</Path>
<Result>BUFFER OVERFLOW</Result>
<Detail>VolumeCreationTime: 02-Jun-14 08:32:24 AM, VolumeSerialNumber: 4881-ADFA, SupportsObjects: True, VolumeLabel: DATȈ</Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NTDLL.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNEL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\APISETSCHEMA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNELBASE.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LOCALE.NLS</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\bin\TomEE.amd64.exe</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\ADVAPI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSVCRT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SECHOST.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\RPCRT4.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHELL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHLWAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\GDI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USER32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LPK.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USP10.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSCTF.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\GLOBALIZATION\SORTING\SORTDEFAULT.NLS</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LOGFILES\APACHE\TOMEE.2015-06-30.LOG</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\SERVER\JVM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WSOCK32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WS2_32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NSI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WINMM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\VERSION.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PSAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\Windows\system32\MSVCR100.dll</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\VERIFY.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\JAVA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\TZRES.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\INSTRUMENT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\LIB\OPENEJB-JAVAAGENT.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFile</Operation>
<Path>C:\Windows\TEMP\HSPERFDATA_LPV0RAD1346E2$\7468</Path>
<Result>NAME NOT FOUND</Result>
<Detail>Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a</Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\ZIP.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\META-INDEX</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\ENDORSED\ANNOTATION-API.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\ENDORSED\JAXB-API.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\RT.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\OLE32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PROFAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\EXT\META-INDEX</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\TZMAPPINGS</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\TZDB.DAT</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\EN-US\KERNELBASE.DLL.MUI</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NTDLL.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNEL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\APISETSCHEMA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNELBASE.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\bin\TomEE.amd64.exe</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\ADVAPI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSVCRT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SECHOST.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\RPCRT4.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHELL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHLWAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\GDI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USER32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LPK.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USP10.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSCTF.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\SERVER\JVM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WSOCK32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WS2_32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NSI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WINMM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\VERSION.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PSAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\Windows\system32\MSVCR100.dll</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\VERIFY.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\JAVA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\INSTRUMENT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\ZIP.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\OLE32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PROFAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\sechost.dll</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFile</Operation>
<Path>C:\PROGRAM FILES (X86)\SupTab\SEARCH~2.DLL</Path>
<Result>NAME NOT FOUND</Result>
<Detail>Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a</Detail>
</event>
<!-- removed further events to meet the forum's size limit -->
</eventlist>
</procmon>
查询信息量
C:
缓冲区溢出
卷创建时间:2014年6月2日11:15:49下午,卷序列号:28EB-3828,支持对象:True,卷标签:WINȈ
查询信息量
E:
缓冲区溢出
卷创建时间:2014年6月2日08:32:24上午,卷序列号:4881-ADFA,支持对象:True,卷标签:DATȈ
CreateFileMapping
C:\WINDOWS\SYSTEM32\NTDLL.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\APISETSCHEMA.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\KERNELBASE.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\LOCALE.NLS
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
E:\software\apache tomee webprofile\bin\tomee.amd64.exe
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\SECHOST.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\SHELL32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\GDI32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\USER32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\LPK.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\USP10.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\IMM32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\MSCTF.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\GLOBALIZATION\SORTING\SORTDEFAULT.NLS
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\LOGFILES\APACHE\TOMEE.2015-06-30.LOG
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
E:\software\java\JRE8-64\BIN\SERVER\JVM.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\WSOCK32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
CreateFileMapping
C:\WINDOWS\SYSTEM32\WS2\u 32.DLL
仅用读卡器锁定文件
SyncType:SyncTypeCreateSection,页面保护:
铬
<?xml version="1.0" encoding="UTF-8"?>
<procmon>
<processlist>
<!-- removed to shorten the file for the forum -->
<processlist>
<eventlist>
<!-- shortened file by removing <Time_of_Day> and same elements from every
<event>
<ProcessIndex>520</ProcessIndex>
<Process_Name>TomEE.amd64.exe</Process_Name>
<PID>8088</PID>
</event>
-->
<event>
<Operation>QueryInformationVolume</Operation>
<Path>C:</Path>
<Result>BUFFER OVERFLOW</Result>
<Detail>VolumeCreationTime: 02-Jun-14 11:15:49 PM, VolumeSerialNumber: 28EB-3828, SupportsObjects: True, VolumeLabel: WINȈ</Detail>
</event>
<event>
<Operation>QueryInformationVolume</Operation>
<Path>E:</Path>
<Result>BUFFER OVERFLOW</Result>
<Detail>VolumeCreationTime: 02-Jun-14 08:32:24 AM, VolumeSerialNumber: 4881-ADFA, SupportsObjects: True, VolumeLabel: DATȈ</Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NTDLL.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNEL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\APISETSCHEMA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNELBASE.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LOCALE.NLS</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\bin\TomEE.amd64.exe</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\ADVAPI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSVCRT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SECHOST.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\RPCRT4.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHELL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHLWAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\GDI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USER32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LPK.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USP10.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSCTF.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\GLOBALIZATION\SORTING\SORTDEFAULT.NLS</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LOGFILES\APACHE\TOMEE.2015-06-30.LOG</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\SERVER\JVM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WSOCK32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WS2_32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NSI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WINMM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\VERSION.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PSAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\Windows\system32\MSVCR100.dll</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\VERIFY.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\JAVA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\TZRES.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\INSTRUMENT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\LIB\OPENEJB-JAVAAGENT.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFile</Operation>
<Path>C:\Windows\TEMP\HSPERFDATA_LPV0RAD1346E2$\7468</Path>
<Result>NAME NOT FOUND</Result>
<Detail>Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a</Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\ZIP.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\META-INDEX</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\ENDORSED\ANNOTATION-API.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\ENDORSED\JAXB-API.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\RT.JAR</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\OLE32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PROFAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\EXT\META-INDEX</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\TZMAPPINGS</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\LIB\TZDB.DAT</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\EN-US\KERNELBASE.DLL.MUI</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NTDLL.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNEL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\APISETSCHEMA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\KERNELBASE.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\apache-tomee-webprofile\bin\TomEE.amd64.exe</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\ADVAPI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSVCRT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SECHOST.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\RPCRT4.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHELL32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\SHLWAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\GDI32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USER32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\LPK.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\USP10.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\MSCTF.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\SERVER\JVM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WSOCK32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WS2_32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\NSI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\WINMM.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\VERSION.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PSAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\Windows\system32\MSVCR100.dll</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\VERIFY.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\JAVA.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\INSTRUMENT.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>E:\software\java\JRE8-64\BIN\ZIP.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\OLE32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\PROFAPI.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\sechost.dll</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFileMapping</Operation>
<Path>C:\WINDOWS\SYSTEM32\IMM32.DLL</Path>
<Result>FILE LOCKED WITH ONLY READERS</Result>
<Detail>SyncType: SyncTypeCreateSection, PageProtection: </Detail>
</event>
<event>
<Operation>CreateFile</Operation>
<Path>C:\PROGRAM FILES (X86)\SupTab\SEARCH~2.DLL</Path>
<Result>NAME NOT FOUND</Result>
<Detail>Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a</Detail>
</event>
<!-- removed further events to meet the forum's size limit -->
</eventlist>
</procmon>