瑞星卡卡安全论坛
龙王神力 - 2008-3-12 1:14:00
现象:
1。不能用鼠标拖动文件;
2。不能在注册表中打开表项;
3。在“计算机管理”中的“事件察看器”、“服务”、“本地用户和组”中的对象都不能显示其“属性”;“磁盘管理”一打开,mmc.exe就出错关闭;
4。symantec antivirus客户端软件安装后不能启动“symantec antivirus”服务;附件是瑞星卡卡电脑诊断日志,字数太多了只能分帖贴出来 v1.30 (2008-3-7 18:17:40) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
ccEvtMgr
[AM] 1. c:\program files\common files\symantec shared\ccevtmgr.exe
Symantec Corporation
Symantec Event Manager Service
.text,.rdata,.data,.rsrc,
ccSetMgr
[AM] 2. c:\program files\common files\symantec shared\ccsetmgr.exe
Symantec Corporation
Symantec Settings Manager Service
.text,.rdata,.data,.rsrc,
DefWatch
[A ] 3. c:\program files\symantec antivirus\defwatch.exe
Symantec Corporation
Virus Definition Daemon
.text,.rdata,.data,.rsrc,
EPolCCService
[AM] 4. c:\program files\linkwork\epolcc\epolcc.exe
Linkwork
EPolCC
.text,.rdata,.data,.rsrc,
LiveUpdate
[A ] 5. c:\program files\symantec\liveupdate\lucomserver_3_1.exe
Symantec Corporation
LiveUpdate Engine COM Module
.text,.rdata,.data,.data1,.rsrc,
ose
[A ] 6. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
SavRoam
[AM] 7. c:\program files\symantec antivirus\savroam.exe
symantec
SAVRoam
.text,.rdata,.data,.rsrc,
SNDSrvc
[A ] 8. c:\program files\common files\symantec shared\sndsrvc.exe
Symantec Corporation
Network Driver Service
.text,.rdata,.data,.rsrc,
SPBBCSvc
[A ] 9. c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
Symantec Corporation
SPBBC Service
.text,.rdata,.data,.data1,.rsrc,
Symantec AntiVirus
[AM] 10. c:\program files\symantec antivirus\rtvscan.exe
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.data1,.rsrc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ALCXWDM
[A ] 11. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
Apaidi
[A ] 12. c:\windows\system32\drivers\apaidi.sys
eeCtrl
[A ] 13. c:\program files\common files\symantec shared\eengine\eectrl.sys
Symantec Corporation
Symantec Eraser Control Driver
.npdata,PAGEtext,PAGEdata,PAGErdat,INIT,.rsrc,.reloc,
EraserUtilRebootDrv
[A ] 14. c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys
Symantec Corporation
Symantec Eraser Utility Driver
.npdata,PAGEtext,PAGEdata,PAGErdat,INIT,.rsrc,.reloc,
ialm
[A ] 15. c:\windows\system32\drivers\igxpmp32.sys
Intel Corporation
Intel Graphics Miniport Driver
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
kung
[A ] 16. c:\windows\system32\drivers\kung.sys
Travelsky Technology Limited
ETerm3 PS Driver(仅限中国大陆)
.text,.rdata,.data,INIT,.rsrc,.reloc,
NAVENG
[A ] 17. c:\progra~1\common~1\symant~1\virusd~1\20080306.003\naveng.sys
Symantec Corporation
AV Engine
.text,.data,.CRT,PAGE,PAGED,INIT,.rsrc,.reloc,
NAVEX15
[A ] 18. c:\progra~1\common~1\symant~1\virusd~1\20080306.003\navex15.sys
Symantec Corporation
AV Engine
.text,.data,.CRT,PAGE,PAGED,INIT,.rsrc,.reloc,
npkcrypt
[A ] 19. d:\office11\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 20. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RTL8023xp
[A ] 21. c:\windows\system32\drivers\rtnicxp.sys
Realtek Semiconductor Corporation
Realtek 10/100/1000 NDIS 5.1 Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SAVRT
[A ] 22. c:\program files\symantec antivirus\savrt.sys
Symantec Corporation
AutoProtect
.text,.rdata,.data,PAGE,PAGED,INIT,.rsrc,.reloc,
SAVRTPEL
[A ] 23. c:\program files\symantec antivirus\savrtpel.sys
Symantec Corporation
SAVRTPEL
.text,.rdata,.data,PAGE,PAGED,INIT,.rsrc,.reloc,
SPBBCDrv
[A ] 24. c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
Symantec Corporation
SPBBC Driver
.text,.rdata,.data,.data1,INIT,.rsrc,.reloc,
SymEvent
[A ] 25. c:\program files\symantec\symevent.sys
Symantec Corporation
Symantec Event Library
.text,.rdata,.data,.edata,INIT,.rsrc,.reloc,
SYMREDRV
[A ] 26. c:\windows\system32\drivers\symredrv.sys
Symantec Corporation
Redirector Filter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SYMTDI
[A ] 27. c:\windows\system32\drivers\symtdi.sys
Symantec Corporation
Network Dispatch Driver
.text,.rdata,.data,PAGE,.edata,PAGELKD,INIT,.rsrc,.reloc,
xFileMgr
[A ] 28. c:\windows\system32\drivers\xfilemgr.sys
MS User
xFileMgr
.text,.rdata,.data,INIT,.rsrc,.reloc,
附件:
782096200831213019.txt
龙王神力 - 2008-3-12 1:16:00
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
EPOL
[AM] 29. c:\windows\system32\epolwlnf.dll
Linkwork
EPolWLNF
.text,.rdata,.data,.rsrc,.reloc,
NavLogon
[AM] 30. c:\windows\system32\navlogon.dll
Symantec Corporation
Symantec AntiVirus Logon Notification
.text,.rdata,.data,.rsrc,.reloc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[A ] 31. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
mso-offdap
[A ] 32. c:\program files\common files\microsoft shared\web components\10\owc10.dll
Microsoft Corporation
Microsoft Office XP Web Components
.text,.data,.rtext,.bootdat,msoconst,Shared,.rsrc,.reloc,
mso-offdap11
[A ] 33. c:\program files\common files\microsoft shared\web components\11\owc11.dll
Microsoft Corporation
Microsoft Office Web Components 2003
.text,.data,.rtext,Shared,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 34. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
Web Folders
[A ] 35. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
Microsoft Office Outlook Desktop Icon Handler
[A ] 36. d:\office11\mlshext.dll
Microsoft Corporation
Microsoft Shell Extension Library
.text,.data,.rsrc,.reloc,
Microsoft Office Outlook Custom Icon Handler
[A ] 37. d:\office11\olkfstub.dll
Microsoft Corporation
Outlook Shell Hook for Start/Find
.text,.data,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[AM] 38. d:\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[AM] 39. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
LDVP Shell Extensions
[AM] 40. c:\program files\common files\symantec shared\ssc\vpshell2.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[A ] 41. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MSMSGS
[A ] 42. c:\program files\messenger\msmsgs.exe
Microsoft Corporation
Windows Messenger
.text,.data,.rsrc,
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
EPolCCControl
[AM] 43. c:\program files\linkwork\epolcc\epolcccontrol.exe
Linkwork
EPolCCControl
.text,.rdata,.data,.rsrc,
ccApp
[AM] 44. c:\program files\common files\symantec shared\ccapp.exe
Symantec Corporation
Symantec User Session
.text,.rdata,.data,.rsrc,
vptray
[A ] 45. c:\program files\symantec antivirus\vptray.exe
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,
runeip
[AM] 46. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 47. c:\program files\rising\antispyware\runonce.exe
Beijing Rising Technology Co., Ltd.
RunOnce Application
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 48. c:\windows\system32\kknative.exe
Beijing Rising Technology Co., Ltd.
NativeAp
.text,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 49. d:\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 49. d:\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 49. d:\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 49. d:\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ 打印机监控
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Microsoft Document Imaging Writer Monitor
[AM] 50. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
+ 正在运行的进程
+ 0000014c(332) smss.exe
+ 0000017c(380) csrss.exe
+ 00000194(404) winlogon.exe
10000000[00018000]
[AM] 29. c:\windows\system32\epolwlnf.dll
Linkwork
EPolWLNF
.text,.rdata,.data,.rsrc,.reloc,
65E30000[0000D000]
龙王神力 - 2008-3-12 1:17:00
65E30000[0000D000]
[AM] 30. c:\windows\system32\navlogon.dll
Symantec Corporation
Symantec AntiVirus Logon Notification
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 51. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 000001c0(448) services.exe
+ 000001cc(460) lsass.exe
+ 000001d0(464) Explorer.EXE
72C80000[00008000]
[ M] 51. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01160000[0002C000]
[AM] 39. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
65870000[0000D000]
[AM] 40. c:\program files\common files\symantec shared\ssc\vpshell2.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 38. d:\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
10000000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 0000026c(620) svchost.exe
+ 000002b0(688) svchost.exe
+ 000002e8(744) svchost.exe
+ 00000334(820) svchost.exe
+ 00000340(832) svchost.exe
+ 00000364(868) ccSetMgr.exe
00400000[00029000]
[AM] 2. c:\program files\common files\symantec shared\ccsetmgr.exe
Symantec Corporation
Symantec Settings Manager Service
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6B330000[00014000]
[ M] 57. c:\program files\common files\symantec shared\ccsetevt.dll
Symantec Corporation
Symantec Settings Manager Event Factory
.text,.rdata,.data,.rsrc,.reloc,
+ 000003b0(944) ccApp.exe
00400000[0000F000]
[AM] 44. c:\program files\common files\symantec shared\ccapp.exe
Symantec Corporation
Symantec User Session
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6B310000[00015000]
[ M] 58. c:\program files\common files\symantec shared\ccset.dll
Symantec Corporation
Symantec Settings Manager Engine
.text,.rdata,.data,.rsrc,.reloc,
6AA40000[00035000]
[ M] 59. c:\program files\common files\symantec shared\ccalert.dll
Symantec Corporation
Symantec Alert and Notification
.text,.rdata,.data,.rsrc,.reloc,
6AD80000[0003E000]
[ M] 60. c:\program files\common files\symantec shared\ccemlpxy.dll
Symantec Corporation
Symantec Email Proxy
.text,.rdata,.data,.rsrc,.reloc,
6F6F0000[0002A000]
[ M] 61. c:\windows\system32\symredir.dll
Symantec Corporation
Redirector Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
6B330000[00014000]
[ M] 57. c:\program files\common files\symantec shared\ccsetevt.dll
Symantec Corporation
Symantec Settings Manager Event Factory
.text,.rdata,.data,.rsrc,.reloc,
6B200000[0000F000]
[ M] 62. c:\program files\common files\symantec shared\ccprosub.dll
Symantec Corporation
Symantec Proxy Factory
.text,.rdata,.data,.rsrc,.reloc,
65CF0000[00009000]
[ M] 63. c:\program files\symantec antivirus\savemail.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
+ 00000440(1088) spoolsv.exe
00AE0000[00008000]
[AM] 50. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
00AF0000[00008000]
[ M] 64. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
+ 000004e0(1248) EPolCC.Exe
00400000[000E3000]
[AM] 4. c:\program files\linkwork\epolcc\epolcc.exe
Linkwork
EPolCC
.text,.
龙王神力 - 2008-3-12 1:19:00
+ 000004e0(1248) EPolCC.Exe
00400000[000E3000]
[AM] 4. c:\program files\linkwork\epolcc\epolcc.exe
Linkwork
EPolCC
.text,.rdata,.data,.rsrc,
10000000[0001E000]
[ M] 65. c:\program files\linkwork\epolcc\commonfunc.dll
Linkwork
CommonFuncDLL for EPol
.text,.rdata,.data,.rsrc,.reloc,
00370000[0000F000]
[ M] 66. c:\program files\linkwork\epolcc\disksn32.dll
Linkwork
disksn32 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00B20000[00019000]
[ M] 67. c:\program files\linkwork\epolcc\ext_account.dll
Linkwork
ext_account
.text,.rdata,.data,.rsrc,.reloc,
00B50000[00015000]
[ M] 68. c:\program files\linkwork\epolcc\ext_hotfix.dll
Linkwork
ext_hotfix
.text,.rdata,.data,.rsrc,.reloc,
00E90000[00016000]
[ M] 69. c:\program files\linkwork\epolcc\ext_route.dll
LINKWORK
ext_route
.text,.rdata,.data,.rsrc,.reloc,
+ 00000524(1316) SavRoam.exe
00400000[0001E000]
[AM] 7. c:\program files\symantec antivirus\savroam.exe
symantec
SAVRoam
.text,.rdata,.data,.rsrc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
658A0000[00073000]
[ M] 70. c:\program files\common files\symantec shared\ssc\transman.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
501E0000[00007000]
[ M] 71. c:\windows\system32\cba.dll
LANDesk Software Ltd.
CBA Interface Library
.text,.rdata,.data,.rsrc,.reloc,
50240000[0000A000]
[ M] 72. c:\windows\system32\msgsys.dll
LANDesk Software Ltd.
CBA -- Message System Library
.text,.rdata,.data,.rsrc,.reloc,
50250000[00014000]
[ M] 73. c:\windows\system32\nts.dll
LANDesk Software Ltd.
NTS
.text,.rdata,.data,.rsrc,.reloc,
50270000[00014000]
[ M] 74. c:\windows\system32\pds.dll
LANDesk Software Ltd.
PDS API
.text,.rdata,.data,.rsrc,.reloc,
65990000[000FF000]
[ M] 75. c:\program files\common files\symantec shared\ssc\scscomms.dll
Symantec Corporation
Symantec Client Security Management Communications
.text,.rdata,.data,_DATA1,.data1,.rsrc,.reloc,
+ 00000598(1432) Rtvscan.exe
00400000[001D8000]
[AM] 10. c:\program files\symantec antivirus\rtvscan.exe
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.data1,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
501E0000[00007000]
[ M] 71. c:\windows\system32\cba.dll
LANDesk Software Ltd.
CBA Interface Library
.text,.rdata,.data,.rsrc,.reloc,
50240000[0000A000]
[ M] 72. c:\windows\system32\msgsys.dll
LANDesk Software Ltd.
CBA -- Message System Library
.text,.rdata,.data,.rsrc,.reloc,
50250000[00014000]
[ M] 73. c:\windows\system32\nts.dll
LANDesk Software Ltd.
NTS
.text,.rdata,.data,.rsrc,.reloc,
50270000[00014000]
[ M] 74. c:\windows\system32\pds.dll
LANDesk Software Ltd.
PDS API
.text,.rdata,.data,.rsrc,.reloc,
65E20000[0000F000]
[ M] 76. c:\program files\symantec antivirus\navlu.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
7C140000[00103000]
[ M] 77. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
65E90000[00024000]
[ M] 78. c:\program files\symantec antivirus\i2ldvp3.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
65E10000[00010000]
[ M] 79. c:\program files\symantec antivirus\navntutl.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
65990000[000FF000]
[ M] 75. c:\program files\common files\symantec shared\ssc\scscomms.dll
Symantec Corporation
Symantec Client Security Management Communications
.text,.rdata,.data,_DATA1,.data1,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6AD40000[0000F000]
[ M] 80. c:\program files\common files\symantec shared\ccdec.dll
Symantec Corporation
Symantec Decomposer Engine
.text,.rdata,.data,.rsrc,.reloc,
69890000[0000E000]
[ M] 81. c:\program files\common files\symantec shared\decomposers\decsdk.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
龙王神力 - 2008-3-12 1:19:00
69AE0000[00015000]
[ M] 82. c:\program files\common files\symantec shared\decomposers\dec2.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69A10000[0000D000]
[ M] 83. c:\program files\common files\symantec shared\decomposers\dec2id.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
698A0000[0003A000]
[ M] 84. c:\program files\common files\symantec shared\decomposers\dec2zip.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69950000[00016000]
[ M] 85. c:\program files\common files\symantec shared\decomposers\dec2ss.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69A20000[00018000]
[ M] 86. c:\program files\common files\symantec shared\decomposers\dec2gzip.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69A80000[00013000]
[ M] 87. c:\program files\common files\symantec shared\decomposers\dec2cab.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
699F0000[00016000]
[ M] 88. c:\program files\common files\symantec shared\decomposers\dec2lha.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69AB0000[0000F000]
[ M] 89. c:\program files\common files\symantec shared\decomposers\dec2arj.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
698E0000[00016000]
[ M] 90. c:\program files\common files\symantec shared\decomposers\dec2tnef.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
699E0000[0000E000]
[ M] 91. c:\program files\common files\symantec shared\decomposers\dec2lz.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69AC0000[0001C000]
[ M] 92. c:\program files\common files\symantec shared\decomposers\dec2amg.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69990000[00025000]
[ M] 93. c:\program files\common files\symantec shared\decomposers\dec2rar.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69940000[0000F000]
[ M] 94. c:\program files\common files\symantec shared\decomposers\dec2tar.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69970000[00014000]
[ M] 95. c:\program files\common files\symantec shared\decomposers\dec2rtf.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69900000[0003B000]
[ M] 96. c:\program files\common files\symantec shared\decomposers\dec2text.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
6B2B0000[00035000]
[ M] 97. c:\program files\common files\symantec shared\ccscan.dll
Symantec Corporation
Symantec Scan Engine
.text,.rdata,.data,.rsrc,.reloc,
69000000[0001D000]
[ M] 98. c:\program files\common files\symantec shared\ecmldr32.dll
Symantec Corporation
Symantec Engine Common Object Model Loader
.text,.rdata,.data,.rsrc,.reloc,
6D300000[00278000]
[ M] 99. c:\program files\common files\symant~1\virusd~1\20080306.003\cceraser.dll
Symantec Corporation
Symantec Eraser Engine
.text,.rdata,.data,.data1,.rsrc,.reloc,
01F80000[00099000]
[ M] 100. c:\program files\symantec antivirus\defutdcd.dll
Symantec Corporation
Symantec Definition Utilities
.text,.rdata,.data,.data1,.rsrc,.reloc,
69040000[00045000]
[ M] 101. c:\program files\common files\symant~1\virusd~1\20080306.003\ecmsvr32.dll
Symantec Corporation
Symantec Engine Common Object Model Server
.text,.rdata,.data,.rsrc,.reloc,
69100000[000E5000]
[ M] 102. c:\program files\common files\symant~1\virusd~1\20080306.003\navex32a.dll
Symantec Corporation
AV Engine
.text,.rdata,.data,.rsrc,.reloc,
692C0000[0001F000]
[ M] 103. c:\program files\common files\symant~1\virusd~1\20080306.003\naveng32.dll
Symantec Corporation
AV Engine
.text,.rdata,.data,.rsrc,.reloc,
6FA60000[00038000]
[ M] 104. c:\program files\symantec antivirus\savrt32.dll
Symantec Corporation
AutoProtect DLL
.text,.rdata,.data,.rsrc,.reloc,
65E40000[00048000]
[ M] 105. c:\program files\symantec antivirus\imail.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
65880000[00014000]
[ M] 106. c:\program files\symantec antivirus\vpmsece4.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
65920000[00045000]
[ M] 107. c:\program files\symantec antivirus\symprotectstorage.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
6A800000[00099000]
[ M] 108. c:\program files\common files\symantec shared\defutdcd.dll
Symantec Corporation
Symantec Definition Utilities
.text,.rdata,.data,.data1,.rsrc,.reloc,
龙王神力 - 2008-3-12 1:20:00
+ 000005cc(1484) EPolCCControl.Exe
00400000[00062000]
[AM] 43. c:\program files\linkwork\epolcc\epolcccontrol.exe
Linkwork
EPolCCControl
.text,.rdata,.data,.rsrc,
10000000[0001E000]
[ M] 65. c:\program files\linkwork\epolcc\commonfunc.dll
Linkwork
CommonFuncDLL for EPol
.text,.rdata,.data,.rsrc,.reloc,
73D30000[000FE000]
[ M] 109. c:\program files\linkwork\epolcc\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
75FF0000[00065000]
[ M] 110. c:\program files\linkwork\epolcc\msvcp60.dll
Microsoft Corporation
Microsoft (R) C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00DE0000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000674(1652) ctfmon.exe
10000000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000006c0(1728) wuauclt.exe
+ 00000730(1840) alg.exe
+ 00000968(2408) drwtsn32.exe
+ 000009bc(2492) msiexec.exe
+ 00000ae4(2788) ccEvtMgr.exe
00400000[00031000]
[AM] 1. c:\program files\common files\symantec shared\ccevtmgr.exe
Symantec Corporation
Symantec Event Manager Service
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6B310000[00015000]
[ M] 58. c:\program files\common files\symantec shared\ccset.dll
Symantec Corporation
Symantec Settings Manager Engine
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ce0(3296) runiep.exe
00400000[0001F000]
[AM] 46. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 111. c:\program files\rising\antispyware\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 112. c:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00B40000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ce4(3300) SRE.EXE
00400000[0040D000]
[ M] 113. g:\病毒检测工具\进程分析处理工具\sreng2.5.16.9\sre.exe
Smallfrogs Studio
System Repair Engineer
.text,.rsrc,
10000000[00015000]
[ M] 114. g:\病毒检测工具\进程分析处理工具\sreng2.5.16.9\upload\3rdupd.dll
Smallfrogs Studio
System Repair Engineer 3rd Upload Module Demo
.text,.rdata,.data,.rsrc,.reloc,
02600000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e60(3680) Ras.exe
00400000[0019F000]
[ M] 115. c:\program files\rising\antispyware\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 111. c:\program files\rising\antispyware\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 112. c:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 116. c:\program files\rising\antispyware\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[00013000]
[ M] 117. c:\program files\rising\antispyware\topsoft.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware TopSoft
.text,.rdata,.data,.rsrc,.reloc,
00370000[0001E000]
[ M] 118. c:\program files\rising\antispyware\ncomm.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
00E10000[0014B000]
[ M] 119. c:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
23800000[00022000]
[ M] 120. c:\program files\rising\antispyware\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
02A80000[00018000]
[ M] 121. c:\program files\rising\antispyware\ktrojan.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
02AA0000[0002F000]
[ M] 122. c:\program f
龙王神力 - 2008-3-12 1:21:00
02AA0000[0002F000]
[ M] 122. c:\program files\rising\antispyware\engine.dll
Beijing Rising Technology Co., Ltd.
kaka engine
.text,.rdata,.data,.rsrc,.reloc,
02AE0000[0003B000]
[ M] 123. c:\program files\rising\antispyware\rsdialog.dll
Beijing Rising Technology Co., Ltd.
Rsdiaglo DLL
.text,.rdata,.data,.rsrc,.reloc,
02B30000[00020000]
[ M] 124. c:\program files\rising\antispyware\scanunv.dll
Beijing Rising Technology Co., Ltd.
.text,.rdata,.data,.rsrc,.reloc,
02B60000[0001F000]
[ M] 125. c:\program files\rising\antispyware\secscan.dll
Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited
SecScan Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02C40000[00015000]
[ M] 126. c:\program files\rising\antispyware\secex.dll
Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited
SecScanE Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03220000[00012000]
[ M] 127. c:\program files\rising\antispyware\zip.dll
rising
zip
UPX0,UPX1,.rsrc,
036F0000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 51. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
龙王神力 - 2008-3-12 1:22:00
+ 000001c0(448) services.exe
+ 000001cc(460) lsass.exe
+ 000001d0(464) Explorer.EXE
72C80000[00008000]
[ M] 51. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01160000[0002C000]
[AM] 39. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
65870000[0000D000]
[AM] 40. c:\program files\common files\symantec shared\ssc\vpshell2.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 38. d:\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
10000000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 0000026c(620) svchost.exe
+ 000002b0(688) svchost.exe
+ 000002e8(744) svchost.exe
+ 00000334(820) svchost.exe
+ 00000340(832) svchost.exe
+ 00000364(868) ccSetMgr.exe
00400000[00029000]
[AM] 2. c:\program files\common files\symantec shared\ccsetmgr.exe
Symantec Corporation
Symantec Settings Manager Service
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6B330000[00014000]
[ M] 57. c:\program files\common files\symantec shared\ccsetevt.dll
Symantec Corporation
Symantec Settings Manager Event Factory
.text,.rdata,.data,.rsrc,.reloc,
+ 000003b0(944) ccApp.exe
00400000[0000F000]
[AM] 44. c:\program files\common files\symantec shared\ccapp.exe
Symantec Corporation
Symantec User Session
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6B310000[00015000]
[ M] 58. c:\program files\common files\symantec shared\ccset.dll
Symantec Corporation
Symantec Settings Manager Engine
.text,.rdata,.data,.rsrc,.reloc,
6AA40000[00035000]
[ M] 59. c:\program files\common files\symantec shared\ccalert.dll
Symantec Corporation
Symantec Alert and Notification
.text,.rdata,.data,.rsrc,.reloc,
6AD80000[0003E000]
[ M] 60. c:\program files\common files\symantec shared\ccemlpxy.dll
Symantec Corporation
Symantec Email Proxy
.text,.rdata,.data,.rsrc,.reloc,
6F6F0000[0002A000]
[ M] 61. c:\windows\system32\symredir.dll
Symantec Corporation
Redirector Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
6B330000[00014000]
[ M] 57. c:\program files\common files\symantec shared\ccsetevt.dll
Symantec Corporation
Symantec Settings Manager Event Factory
.text,.rdata,.data,.rsrc,.reloc,
6B200000[0000F000]
[ M] 62. c:\program files\common files\symantec shared\ccprosub.dll
Symantec Corporation
Symantec Proxy Factory
.text,.rdata,.data,.rsrc,.reloc,
65CF0000[00009000]
[ M] 63. c:\program files\symantec antivirus\savemail.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
+ 00000440(1088) spoolsv.exe
00AE0000[00008000]
[AM] 50. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
00AF0000[00008000]
[ M] 64. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
+ 000004e0(1248) EPolCC.Exe
00400000[000E3000]
[AM] 4. c:\program files\linkwork\epolcc\epolcc.exe
Linkwork
EPolCC
.text,.rdata,.data,.rsrc,
10000000[0001E000]
[ M] 65. c:\program files\linkwork\epolcc\commonfunc.dll
Linkwork
CommonFuncDLL for EPol
.text,.rdata,.data,.rsrc,.reloc,
00370000[0000F000]
[ M] 66. c:\program files\linkwork\epolcc\disksn32.dll
Linkwork
disksn32 Dynamic Link Library
.text,.
龙王神力 - 2008-3-12 1:23:00
00B20000[00019000]
[ M] 67. c:\program files\linkwork\epolcc\ext_account.dll
Linkwork
ext_account
.text,.rdata,.data,.rsrc,.reloc,
00B50000[00015000]
[ M] 68. c:\program files\linkwork\epolcc\ext_hotfix.dll
Linkwork
ext_hotfix
.text,.rdata,.data,.rsrc,.reloc,
00E90000[00016000]
[ M] 69. c:\program files\linkwork\epolcc\ext_route.dll
LINKWORK
ext_route
.text,.rdata,.data,.rsrc,.reloc,
+ 00000524(1316) SavRoam.exe
00400000[0001E000]
[AM] 7. c:\program files\symantec antivirus\savroam.exe
symantec
SAVRoam
.text,.rdata,.data,.rsrc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
658A0000[00073000]
[ M] 70. c:\program files\common files\symantec shared\ssc\transman.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
501E0000[00007000]
[ M] 71. c:\windows\system32\cba.dll
LANDesk Software Ltd.
CBA Interface Library
.text,.rdata,.data,.rsrc,.reloc,
50240000[0000A000]
[ M] 72. c:\windows\system32\msgsys.dll
LANDesk Software Ltd.
CBA -- Message System Library
.text,.rdata,.data,.rsrc,.reloc,
50250000[00014000]
[ M] 73. c:\windows\system32\nts.dll
LANDesk Software Ltd.
NTS
.text,.rdata,.data,.rsrc,.reloc,
50270000[00014000]
[ M] 74. c:\windows\system32\pds.dll
LANDesk Software Ltd.
PDS API
.text,.rdata,.data,.rsrc,.reloc,
65990000[000FF000]
[ M] 75. c:\program files\common files\symantec shared\ssc\scscomms.dll
Symantec Corporation
Symantec Client Security Management Communications
.text,.rdata,.data,_DATA1,.data1,.rsrc,.reloc,
+ 00000598(1432) Rtvscan.exe
00400000[001D8000]
[AM] 10. c:\program files\symantec antivirus\rtvscan.exe
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.data1,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
501E0000[00007000]
[ M] 71. c:\windows\system32\cba.dll
LANDesk Software Ltd.
CBA Interface Library
.text,.rdata,.data,.rsrc,.reloc,
50240000[0000A000]
[ M] 72. c:\windows\system32\msgsys.dll
LANDesk Software Ltd.
CBA -- Message System Library
.text,.rdata,.data,.rsrc,.reloc,
50250000[00014000]
[ M] 73. c:\windows\system32\nts.dll
LANDesk Software Ltd.
NTS
.text,.rdata,.data,.rsrc,.reloc,
50270000[00014000]
[ M] 74. c:\windows\system32\pds.dll
LANDesk Software Ltd.
PDS API
.text,.rdata,.data,.rsrc,.reloc,
65E20000[0000F000]
[ M] 76. c:\program files\symantec antivirus\navlu.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
7C140000[00103000]
[ M] 77. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
65E90000[00024000]
[ M] 78. c:\program files\symantec antivirus\i2ldvp3.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
65E10000[00010000]
[ M] 79. c:\program files\symantec antivirus\navntutl.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
65990000[000FF000]
[ M] 75. c:\program files\common files\symantec shared\ssc\scscomms.dll
Symantec Corporation
Symantec Client Security Management Communications
.text,.rdata,.data,_DATA1,.data1,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6AD40000[0000F000]
[ M] 80. c:\program files\common files\symantec shared\ccdec.dll
Symantec Corporation
Symantec Decomposer Engine
.text,.rdata,.data,.rsrc,.reloc,
69890000[0000E000]
[ M] 81. c:\program files\common files\symantec shared\decomposers\decsdk.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69AE0000[00015000]
[ M] 82. c:\program files\common files\symantec shared\decomposers\dec2.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69A10000[0000D000]
[ M] 83. c:\program files\common files\symantec shared\decomposers\dec2id.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
698A0000[0003A000]
[ M] 84. c:\program files\common files\symantec shared\decomposers\dec2zip.dll
Symantec Corporation
File Decomposer Component
.text,.rd
龙王神力 - 2008-3-12 1:24:00
698A0000[0003A000]
[ M] 84. c:\program files\common files\symantec shared\decomposers\dec2zip.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69950000[00016000]
[ M] 85. c:\program files\common files\symantec shared\decomposers\dec2ss.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69A20000[00018000]
[ M] 86. c:\program files\common files\symantec shared\decomposers\dec2gzip.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69A80000[00013000]
[ M] 87. c:\program files\common files\symantec shared\decomposers\dec2cab.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
699F0000[00016000]
[ M] 88. c:\program files\common files\symantec shared\decomposers\dec2lha.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69AB0000[0000F000]
[ M] 89. c:\program files\common files\symantec shared\decomposers\dec2arj.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
698E0000[00016000]
[ M] 90. c:\program files\common files\symantec shared\decomposers\dec2tnef.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
699E0000[0000E000]
[ M] 91. c:\program files\common files\symantec shared\decomposers\dec2lz.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69AC0000[0001C000]
[ M] 92. c:\program files\common files\symantec shared\decomposers\dec2amg.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69990000[00025000]
[ M] 93. c:\program files\common files\symantec shared\decomposers\dec2rar.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69940000[0000F000]
[ M] 94. c:\program files\common files\symantec shared\decomposers\dec2tar.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69970000[00014000]
[ M] 95. c:\program files\common files\symantec shared\decomposers\dec2rtf.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
69900000[0003B000]
[ M] 96. c:\program files\common files\symantec shared\decomposers\dec2text.dll
Symantec Corporation
File Decomposer Component
.text,.rdata,.data,.rsrc,.reloc,
6B2B0000[00035000]
[ M] 97. c:\program files\common files\symantec shared\ccscan.dll
Symantec Corporation
Symantec Scan Engine
.text,.rdata,.data,.rsrc,.reloc,
69000000[0001D000]
[ M] 98. c:\program files\common files\symantec shared\ecmldr32.dll
Symantec Corporation
Symantec Engine Common Object Model Loader
.text,.rdata,.data,.rsrc,.reloc,
6D300000[00278000]
[ M] 99. c:\program files\common files\symant~1\virusd~1\20080306.003\cceraser.dll
Symantec Corporation
Symantec Eraser Engine
.text,.rdata,.data,.data1,.rsrc,.reloc,
01F80000[00099000]
[ M] 100. c:\program files\symantec antivirus\defutdcd.dll
Symantec Corporation
Symantec Definition Utilities
.text,.rdata,.data,.data1,.rsrc,.reloc,
69040000[00045000]
[ M] 101. c:\program files\common files\symant~1\virusd~1\20080306.003\ecmsvr32.dll
Symantec Corporation
Symantec Engine Common Object Model Server
.text,.rdata,.data,.rsrc,.reloc,
69100000[000E5000]
[ M] 102. c:\program files\common files\symant~1\virusd~1\20080306.003\navex32a.dll
Symantec Corporation
AV Engine
.text,.rdata,.data,.rsrc,.reloc,
692C0000[0001F000]
[ M] 103. c:\program files\common files\symant~1\virusd~1\20080306.003\naveng32.dll
Symantec Corporation
AV Engine
.text,.rdata,.data,.rsrc,.reloc,
6FA60000[00038000]
[ M] 104. c:\program files\symantec antivirus\savrt32.dll
Symantec Corporation
AutoProtect DLL
.text,.rdata,.data,.rsrc,.reloc,
65E40000[00048000]
[ M] 105. c:\program files\symantec antivirus\imail.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
65880000[00014000]
[ M] 106. c:\program files\symantec antivirus\vpmsece4.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
65920000[00045000]
[ M] 107. c:\program files\symantec antivirus\symprotectstorage.dll
Symantec Corporation
Symantec AntiVirus
.text,.rdata,.data,.rsrc,.reloc,
6A800000[00099000]
[ M] 108. c:\program files\common files\symantec shared\defutdcd.dll
Symantec Corporation
Symantec Definition Utilities
.text,.rdata,.data,.data1,.rsrc,.reloc,
+ 000005cc(1484) EPolCCControl.Exe
00400000[00062000]
[AM] 43. c:\program files\linkwork\epolcc\epolcccontrol.exe
Linkwork
EPolCCControl
.text,.rdata,.data,.rsrc,
10000000[0001E000]
[ M] 65. c:\program files\linkwork\epolcc\commonfunc.dll
Linkwork
CommonFuncDLL for EPol
.text,.rdata,.data,.rsrc,.reloc,
73D30000[000FE000]
[ M] 109. c:\program files\linkwork\epolcc\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.rel
龙王神力 - 2008-3-12 1:25:00
73D30000[000FE000]
[ M] 109. c:\program files\linkwork\epolcc\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
75FF0000[00065000]
[ M] 110. c:\program files\linkwork\epolcc\msvcp60.dll
Microsoft Corporation
Microsoft (R) C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00DE0000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000674(1652) ctfmon.exe
10000000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000006c0(1728) wuauclt.exe
+ 00000730(1840) alg.exe
+ 00000968(2408) drwtsn32.exe
+ 000009bc(2492) msiexec.exe
+ 00000ae4(2788) ccEvtMgr.exe
00400000[00031000]
[AM] 1. c:\program files\common files\symantec shared\ccevtmgr.exe
Symantec Corporation
Symantec Event Manager Service
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 54. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 52. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6AF90000[0005E000]
[ M] 55. c:\program files\common files\symantec shared\ccl40.dll
Symantec Corporation
Symantec Library
.text,.rdata,.data,.rsrc,.reloc,
6B350000[00017000]
[ M] 56. c:\program files\common files\symantec shared\ccvrtrst.dll
Symantec Corporation
Symantec Trust Validation Engine
.text,.rdata,.data,.rsrc,.reloc,
6B310000[00015000]
[ M] 58. c:\program files\common files\symantec shared\ccset.dll
Symantec Corporation
Symantec Settings Manager Engine
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ce0(3296) runiep.exe
00400000[0001F000]
[AM] 46. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 111. c:\program files\rising\antispyware\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 112. c:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00B40000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ce4(3300) SRE.EXE
00400000[0040D000]
[ M] 113. g:\病毒检测工具\进程分析处理工具\sreng2.5.16.9\sre.exe
Smallfrogs Studio
System Repair Engineer
.text,.rsrc,
10000000[00015000]
[ M] 114. g:\病毒检测工具\进程分析处理工具\sreng2.5.16.9\upload\3rdupd.dll
Smallfrogs Studio
System Repair Engineer 3rd Upload Module Demo
.text,.rdata,.data,.rsrc,.reloc,
02600000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e60(3680) Ras.exe
00400000[0019F000]
[ M] 115. c:\program files\rising\antispyware\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 111. c:\program files\rising\antispyware\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 112. c:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 116. c:\program files\rising\antispyware\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[00013000]
[ M] 117. c:\program files\rising\antispyware\topsoft.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware TopSoft
.text,.rdata,.data,.rsrc,.reloc,
00370000[0001E000]
[ M] 118. c:\program files\rising\antispyware\ncomm.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
00E10000[0014B000]
[ M] 119. c:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
23800000[00022000]
[ M] 120. c:\program files\rising\antispyware\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
02A80000[00018000]
[ M] 121. c:\program files\rising\antispyware\ktrojan.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
02AA0000[0002F000]
[ M] 122. c:\program files\rising\antispyware\engine.dll
Beijing Rising Technology Co., Ltd.
kaka engine
.text,.rdata,.data,.rsrc,.reloc,
02AE0000[0003B000]
[ M] 123. c:\program files\rising\antispyware\rsdialog.dll
Beijing Rising Technology Co., Ltd.
Rsdiaglo DLL
.text,.rdata,.data,.rsrc,.reloc,
龙王神力 - 2008-3-12 1:26:00
02B30000[00020000]
[ M] 124. c:\program files\rising\antispyware\scanunv.dll
Beijing Rising Technology Co., Ltd.
.text,.rdata,.data,.rsrc,.reloc,
02B60000[0001F000]
[ M] 125. c:\program files\rising\antispyware\secscan.dll
Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited
SecScan Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02C40000[00015000]
[ M] 126. c:\program files\rising\antispyware\secex.dll
Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited
SecScanE Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03220000[00012000]
[ M] 127. c:\program files\rising\antispyware\zip.dll
rising
zip
UPX0,UPX1,.rsrc,
036F0000[0001B000]
[ M] 53. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 51. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
龙王神力 - 2008-3-12 1:27:00
真是晕啊,瑞星卡卡收集的日志也太大了吧,贴得我累死了
GeminiS - 2008-3-12 5:26:00
我只想知道为什么我只上卡卡连QQ都没开过还是中毒不浅```````
T T
龙王神力 - 2008-3-12 10:46:00
| 引用: |
【GeminiS的贴子】
我只想知道为什么我只上卡卡连QQ都没开过还是中毒不浅```````
T T
……………… |
估计是你的系统漏洞太多了吧:
建议:
给操作系统打补丁,
给你的软件打补丁
(可以参考这个网页上的说明:
http://www.360.cn/custom/softleak.html第三方软件漏洞)
给登录用户帐号添加复杂密码(数字、字母、符号混合,至少6位)
龙王神力 - 2008-3-12 10:51:00
上周五是两台有这问题,今天已经发展到4台了
现象:
1。不能用鼠标拖动文件;
2。不能在注册表中打开表项;
3。在“计算机管理”中的“事件察看器”、“服务”、“本地用户和组”中的对象都不能显示其“属性”;“磁盘管理”一打开,mmc.exe就出错关闭;
4。symantec antivirus客户端软件安装后不能启动“symantec antivirus”服务;
楼顶帖中的附件是瑞星卡卡电脑诊断日志,字数太多了只能分帖贴出来
天月来了 - 2008-3-12 11:30:00
扫SRENG日志发论坛来
http://www.kztechs.com/sreng/download.html下载System Repair Engineer
1 解压缩sreng2.zip(建议解压到系统Windows文件夹里)
2 运行SREng.exe ((将SREng.exe改名为123.com运行))
3 智能扫描=》扫描=》保存报告
4 把报告保存后,直接将日志内容彻底复制到一个空记事本里,然后再保存,就可以以附件的形式发论坛来了。
一定以附件形式发这论坛来。
点击我这贴右下角的“引用”然后就应该知道怎么发了。
龙王神力 - 2008-3-12 12:44:00
1
© 2000 - 2026 Rising Corp. Ltd.