kang0110
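[Viruses/Worms] Help: how do I delete an infected file (gevsx.dll)?
Every time my computer boots, PC-CILLIN detects one file. The real-time protection report reads as follows:
Action taken on the infection: Unable to quarantine the file. Once you have confirmed that the file is no longer needed, please delete it manually.
Infected file: C:\WINDOWS\system32\wbem\gevsx.dll
Virus or malware name: TROJ_QQHELPER.VD

I tried to delete it manually, but I got the message "gevsx: Access is denied".

How can I fix this?

Could the experienced members here please help me!

[Original poster] From: Taiwan | Posted: 2007-03-22 01:40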
彗星風采

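It has probably been injected into a system file. Please follow the pinned post, run an SREng report and paste it here so it can be analyzed.

PS: When running the report, I suggest closing any unnecessary programs first; that makes reading the report less tiring.

[Reply #1] From: Taiwan, Chunghwa Telecom | Posted: 2007-03-22 14:02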
kang0110

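Thanks to 彗星風采 for the advice. I have run the SREng scan and saved the report, but I really don't understand its contents. Could the log-reading (malware) experts please analyze it for me? Most importantly, which antivirus program or method should I use to delete gevsx.dll!?

[Reply #2] From: Taiwan | Posted: 2007-03-24 11:17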
kang0110

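Thanks to 彗星風采 for the advice. I have run the SREng scan and saved the report, but I really don't understand its contents. Could the log-reading (malware) experts please analyze it for me? Most importantly, which antivirus program or method should I use to delete gevsx.dll!?

[Reply #3] From: Taiwan | Posted: 2007-03-24 11:19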
kang0110

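<Apologies to the moderators: the attachment I tried to add was in an unsupported format, so... I was not spamming on purpose. If possible, please delete replies #2 and #3.>
Thanks to 彗星風采 for the advice. I have run the SREng scan and saved the report, but I really don't understand its contents. Could the log-reading (malware) experts please analyze it for me? Most importantly, which antivirus program or method should I use to delete gevsx.dll!?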
2007-03-24,02:19:57

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZ....com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
  All Boot Items (Including Registry, Startup Folders, Services and so on)
  Browser Add-ons
  Runing Processes (Including process model information)
  File Associations
  Winsock Provider
  Autorun.Inf
  HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
  <Power2GoExpress><> [N/A]
  <Spyware Doctor><"C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q> [PC Tools Research Pty Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
  <QtPmBenQ><C:\PROGRA~1\BENQMA~1\QtPmBenQ.EXE> [Dritek System Inc.]
  <AGRSMMSG><AGRSMMSG.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Publisher]
  <MSNDreyePlugin><C:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe /h> []
  <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync> [(Verified)Microsoft Corporation]
  <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync> [(Verified)Microsoft Corporation]
  <pccguide.exe><"C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"> [Trend Micro Incorporated.]
  <RemoteControl><"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.]
  <LanguageShortcut><"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> []
  <Adobe Photo Downloader><"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"> [Adobe Systems Incorporated]
  <PinnacleDriverCheck><C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg> []
  <Picasa Media Detector><C:\Program Files\Picasa2\PicasaMediaDetector.exe> [Google Inc.]
  <NvCplDaemon><RUNDLL32.EXE NvQTwk,NvCplDaemon initialize> [N/A]
  <nwiz><nwiz.exe /install> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <MMTray><"C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"> [Musicmatch, Inc.]
  <mmtask><"C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"> [Musicmatch Inc.]
  <Acrobat Assistant 8.0><"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"> [(Verified)"Adobe Systems, Incorporated"]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
  <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  <{93994DE8-8239-4655-B1D1-5F4E91300429}><C:\PROGRA~1\DVDIDL~1\DVDShell.dll> [Fengtao Software Inc.]

==================================
Startup Folders
[22M WLAN Adapter]
<C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\22M WLAN Adapter.lnk --> C:\PROGRA~1\22MWLA~1\WLANMON.exe []><N>
[Adobe Acrobat Speed Launcher]
<C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Adobe Acrobat Speed Launcher.lnk --> C:\WINDOWS\Installer\{AC76BA86-1028-0000-7760-000000000003}\_SC_Acrobat.exe [N/A]><N>
[Adobe Reader Synchronizer]
<C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Adobe Reader Synchronizer.lnk --> C:\PROGRA~1\Adobe\ACROBA~2.0\Acrobat\ADOBEC~1.EXE []><N>

==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Running/Manual Start]
<"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQL$SONY_MEDIAMGR / MSSQL$SONY_MEDIAMGR][Stopped/Manual Start]
<><N/A>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
<C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Trend Micro Central Control Component / PcCtlCom][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe><Trend Micro Incorporated.>
[PDEngine / PDEngine][Stopped/Manual Start]
<"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
<"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>
[Private Folder Service / prfldsvc][Running/Auto Start]
<C:\Program Files\Microsoft Private Folder\PrfldSvc.exe><N/A>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
<"C:\Program Files\CyberLink\Shared files\RichVideo.exe"><>
[PC Tools Spyware Doctor / SDhelper][Running/Auto Start]
<C:\Program Files\Spyware Doctor\sdhelp.exe><PC Tools Research Pty Ltd>
[SQLAgent$SONY_MEDIAMGR / SQLAgent$SONY_MEDIAMGR][Stopped/Manual Start]
<><N/A>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
<C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[Trend Micro Real-time Service / Tmntsrv][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe><Trend Micro Incorporated.>
[Trend Micro Personal Firewall / TmPfw][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe><Trend Micro Inc.>
[Trend Micro Proxy Service / tmproxy][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe><Trend Micro Inc.>
[Viewpoint Manager Service / Viewpoint Manager Service][Running/Auto Start]
<"C:\Program Files\Viewpoint\Common\ViewpointService.exe"><Viewpoint Corporation>
[Registry Protector / WIDETS][Running/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\GEVSX.DLL,Export 1087><Microsoft Corporation>

==================================
Drivers
[D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB) / A3AB][Stopped/Manual Start]
<system32\DRIVERS\A3AB.sys><D-Link Corporation>
[acpidisk / acpidisk][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
<system32\DRIVERS\AGRSM.sys><Agere Systems>
[ALi Audio Accelerator WDM driver / aliadwdm][Stopped/Manual Start]
<system32\drivers\ac97ali.sys><Acer Laboratories Inc.>
[ALi AGP Bus Filter Driver / ALiAGP][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ALiAGP.sys><Acer Laboratories Inc.>
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[ALi Infrared Device Driver / ALiIRDA][Running/Manual Start]
<system32\DRIVERS\alifir.sys><Acer Laboratories Inc.>
[ASAPIW2K / ASAPIW2K][Running/Manual Start]
<system32\drivers\ASAPIW2k.sys><VOB Computersysteme GmbH>
[Dritek HotKey Keyboard Filter Driver / DKbFltr][Running/Manual Start]
<System32\Drivers\DKbFltr.sys><Dritek System Inc.>
[Egate / Egate][Running/Manual Start]
<system32\drivers\egate.sys><SchlumbergerSema>
[Egatebus / Egatebus][Running/Manual Start]
<system32\drivers\egatebus.sys><SchlumbergerSema>
[Egatecard / Egatecard][Stopped/Manual Start]
<System32\Drivers\EGateRaw.sys><SchlumbergerSema>
[NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver / FA312][Running/Manual Start]
<system32\DRIVERS\FA312nd5.sys><NETGEAR Corp.>
[File Security Kernel Anti-Spyware Driver / ikhfile][Running/System Start]
<system32\drivers\ikhfile.sys><PCTools Research Pty Ltd.>
[Kernel Anti-Spyware Driver / ikhlayer][Running/System Start]
<system32\drivers\ikhlayer.sys><PCTools Research Pty Ltd.>
[Pinnacle Marvin Bus / MarvinBus][Running/Manual Start]
<system32\DRIVERS\MarvinBus.sys><Pinnacle Systems GmbH>
[msqmx / msqmx][Stopped/Boot Start]
<\SystemRoot\""><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PCLEPCI / PCLEPCI][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\pclepci.sys><Pinnacle Systems GmbH>
[VSO Software pcouffin / pcouffin][Running/Manual Start]
<System32\Drivers\pcouffin.sys><VSO Software>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Prvflder / Prvflder][Running/Auto Start]
<system32\DRIVERS\prvflder.sys><Windows (R) 2000 DDK provider>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[Prolific Serial port driver / Ser2pl][Stopped/Manual Start]
<system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[22M WLAN Adapter / TIACXLN][Stopped/Manual Start]
<system32\DRIVERS\tiacxln.sys><>
[Tmfilter / Tmfilter][Running/Auto Start]
<system32\drivers\TmXPFlt.sys><Trend Micro Inc.>
[Tmpreflt / Tmpreflt][Running/Auto Start]
<system32\drivers\Tmpreflt.sys><Trend Micro Inc.>
[Trend Micro TDI Driver / tmtdi][Running/System Start]
<\SystemRoot\System32\Drivers\tmtdi.sys><Trend Micro Inc.>
[Common Firewall Driver / tm_cfw][Running/Auto Start]
<\SystemRoot\System32\Drivers\tm_cfw.sys><Trend Micro Inc.>
[Vsapint / Vsapint][Running/Auto Start]
<system32\drivers\VsapiNT.sys><Trend Micro Inc.>
[VIA USB Host Controller Lower Filter / vulfnths][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\vulfnth.sys><VIA Technologies, Inc.>
[VIA USB Roothub Lower Filter / vulfntrs][Running/Manual Start]
<\SystemRoot\System32\Drivers\vulfntr.sys><VIA Technologies, Inc.>
[vxyb / vxybm][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vxybm.sys><N/A>
[CO_Mon / CO_Mon][Running/Manual Start]
<\??\C:\WINDOWS\system32\Drivers\CO_Mon.sys><N/A>

==================================
Browser Add-ons
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
[PCTools Site Guard]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} <C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll, PC Tools>
[SnapFlash Class]
{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} <C:\Program Files\Common Files\justDo\Jd2002.dll, justDo Software>
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[PCTools Browser Monitor]
{B56A7D7D-6927-48C8-A975-17DF180C71AC} <C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll, PC Tools>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[PCTools Browser Monitor]
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} <C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll, PC Tools>
[Flash Catcher]
{90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} <, N/A>
[參考資料(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <D:\DSLite\DSLite.exe, watermonster.org>
[ALiBaBar]
{0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[Dr.eye WebPage Translation]
{92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[HostranBar]
{88F2B391-8D09-4c0e-9824-5ECD0F382f66} <C:\WINDOWS\Hostran\HostranBar.dll, >
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[MetaStreamCtl Class]
{03F998B2-0E00-11D3-A498-00104B6EB52E} <C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[CKAVWebScan Object]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavwebscan.dll, Kaspersky Lab>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <, N/A>
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} <C:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL, Anti-Malware Development a.s.>
[Symantec AntiVirus scanner]
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[Office Update Installation Engine]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[SFC Class]
{8F0BA653-612C-4060-858A-6B561E32B217} <C:\WINDOWS\DOWNLO~1\ESECUR~1.DLL, eSECURE Technology, Inc.>
[C2S Class]
{A1B4B2EC-7F3F-4562-99ED-9F0CADE86D67} <C:\WINDOWS\DOWNLO~1\ESECUR~3.DLL, eSecure Corporation>
[PFX Class]
{ADEA1AED-5B42-4E66-8CD0-7E68F4452E81} <C:\WINDOWS\DOWNLO~1\ESECUR~2.DLL, eSECURE Technology, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\WINDOWS\system32\QTPlugin.ocx, Apple Computer, Inc.>
[MetaStreamCtl Class]
{03F998B2-0E00-11D3-A498-00104B6EB52E} <C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[ALiBaBar]
{0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[CEnroll Class]
{127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
[Office Update Installation Engine]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[PCTools Site Guard]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} <C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll, PC Tools>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[HostranBar]
{88F2B391-8D09-4C0E-9824-5ECD0F382F66} <C:\WINDOWS\Hostran\HostranBar.dll, >
[SFC Class]
{8F0BA653-612C-4060-858A-6B561E32B217} <C:\WINDOWS\DOWNLO~1\ESECUR~1.DLL, eSECURE Technology, Inc.>
[Catcher Class]
{90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} <C:\Program Files\Common Files\justDo\IECatcher.dll, justDo Software>
[Dr.eye WebPage Translation]
{92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[C2S Class]
{A1B4B2EC-7F3F-4562-99ED-9F0CADE86D67} <C:\WINDOWS\DOWNLO~1\ESECUR~3.DLL, eSecure Corporation>
[SnapFlash Class]
{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} <C:\Program Files\Common Files\justDo\Jd2002.dll, justDo Software>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[PFX Class]
{ADEA1AED-5B42-4E66-8CD0-7E68F4452E81} <C:\WINDOWS\DOWNLO~1\ESECUR~2.DLL, eSECURE Technology, Inc.>
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[PCTools Browser Monitor]
{B56A7D7D-6927-48C8-A975-17DF180C71AC} <C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll, PC Tools>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, Adobe Systems, Inc.>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Foxy 下載]
<res://C:\Program Files\Foxy\Foxy.exe/download.htm, N/A>
[Foxy 搜尋]
<res://C:\Program Files\Foxy\Foxy.exe/search.htm, N/A>
[Save Flash with Flash Catcher]
<res://C:\Program Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm, N/A>
[下載編碼內容(&D.S.Lite)]
<D:\DSLite\dl_text.html, N/A>
[下載編碼檔案內容(&D.S.Lite)]
<D:\DSLite\dl_url.html, N/A>
[使用影音傳送帶下載]
<C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音傳送帶下載全部連結]
<C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[剪貼簿文字: 簡 > 繁]
<res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/ClipToTrad, N/A>
[剪貼簿文字: 繁 > 簡]
<res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/ClipToSim, N/A>
[加到廣告黑名單]
<C:\Program Files\Avant Browser\AddToADBlackList.htm, N/A>
[匯出至 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[在新的 Avant Browser 開啟]
<C:\Program Files\Avant Browser\OpenInNewBrowser.htm, N/A>
[搜尋]
<C:\Program Files\Avant Browser\Search.htm, N/A>
[網頁: [簡體] 顯示]
<res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToSim, N/A>
[網頁: [繁體] 顯示]
<res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToTrad, N/A>
[轉換為 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[轉換連結目標到現有 PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[轉換連結目標為 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[轉換選定的連結到現有 PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[轉換選定的連結為 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[轉換選擇內容到現有 PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[轉換選擇內容為 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[開啟此網頁中所有的連結...]
<C:\Program Files\Avant Browser\OpenAllLinks.htm, N/A>
[阻擋所有來自這個伺服器的圖片]
<C:\Program Files\Avant Browser\AddAllToADBlackList.htm, N/A>
[附加至現有 PDF]
<res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[高亮度標記]
<C:\Program Files\Avant Browser\Highlight.htm, N/A>

==================================
Running Processes
[PID: 600][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 1728][C:\WINDOWS\EXPLORER.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\PROGRA~1\DVDIDL~1\DVDShell.dll] [Fengtao Software Inc., 5, 5, 0, 6]
  [C:\WINDOWS\system32\jstkq.dll] [N/A, ]
  [C:\Program Files\Microsoft Private Folder\ShellExt.dll] [Microsoft Corporation, 1.0.1495.0]
  [C:\WINDOWS\system32\PFLib.dll] [Microsoft Corporation, 1.0.1495.0]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
  [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.0.0.0]
  [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHT] [Adobe Systems, Inc., 8.0.0.0]
  [C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.13.10.3160]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.cht] [Adobe Systems Inc., 8.0.5.2006102200\0]
  [C:\WINDOWS\system32\msdmo.dll] [, ]
  [C:\WINDOWS\system32\DVobSub.ax] [Gabest, 2, 0, 23, 0]
  [C:\WINDOWS\system32\vobsub.dll] [Gabest, 2, 0, 23, 0]
  [C:\PROGRA~1\DVDIDL~1\dvdsys.dll] [Fengtao Software Inc., 5, 9, 7, 62]
  [C:\Program Files\Trend Micro\Internet Security 2006\Tmdshell.dll] [Trend Micro Incorporated., 14.00.0.1429]
  [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 8.0.5.2006102200\0]
  [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
  [C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll] [Xi, 1.91.12]
  [C:\Program Files\Xi\NetTransport 2\MFC42.DLL] [Microsoft Corporation, 6.00.9782.0]
  [C:\Documents and Settings\Administrator\Application Data\Foxy\LinkMaker.dll] [, 1, 1, 0, 0]
[PID: 184][C:\PROGRA~1\BENQMA~1\QtPmBenQ.EXE] [Dritek System Inc., 1,2,0,1]
  [C:\PROGRA~1\BENQMA~1\ComFnUtl.dll] [Dritek System Inc., 1.00]
  [C:\PROGRA~1\BENQMA~1\Wnd2File.dll] [Dritek System Inc., 3.00]
  [C:\PROGRA~1\BENQMA~1\SzUPFUtl.dll] [Dritek System Inc., 1.00]
  [C:\PROGRA~1\BENQMA~1\OSDUtl.dll] [Dritek System Inc., 1.00]
  [C:\PROGRA~1\BENQMA~1\RgnMaker.dll] [Dritek System Inc., 12.07.1999 ( VC60 )]
  [C:\PROGRA~1\BENQMA~1\CDRomUtl.dll] [Dritek System Inc., 1.00]
  [C:\PROGRA~1\BENQMA~1\MixerUtl.dll] [Dritek System Inc., 1.00]
  [C:\PROGRA~1\BENQMA~1\LgKCUtl.dll] [Dritek System Inc., 2, 0, 1, 1]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 232][C:\WINDOWS\AGRSMMSG.exe] [Agere Systems, 2.1.18 2.1.18 09/11/2002 17:23:56]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 240][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 252][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 260][C:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 296][C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe] [Trend Micro Incorporated., 14.00.0.1429]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Trend Micro\Internet Security 2006\tmdbg.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlPS.dll] [Trend Micro Incorporated., 14.00.0.1429]
  [C:\Program Files\Trend Micro\Internet Security 2006\TmProxy.dll] [Trend Micro Inc., 2.0.0.1078]
  [C:\PROGRA~1\TRENDM~1\INTERN~1\PccAltUi.dll] [Trend Micro Incorporated., 14.00.0.1429]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 316][C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 5.00.0910]
  [C:\Program Files\CyberLink\PowerDVD\CLRCEngine3.dll] [CyberLink Corp., 4, 5, 0, 1711]
  [C:\Program Files\CyberLink\PowerDVD\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 464][C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe] [Adobe Systems Incorporated, 3.0.0.52115]
  [C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdboot.dll] [Adobe Systems Incorporated, 3.0.0.52115]
  [C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
  [C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 484][C:\Program Files\Picasa2\PicasaMediaDetector.exe] [Google Inc., 2.1.0]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 532][C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe] [Musicmatch, Inc., 9.00.5100]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\CoreDll.dll] [N/A, ]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCP70.dll] [Sample Corporation, 7.00.0000]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCR70.dll] [Sample Corporation, 7.00.0000]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\Enforce.dll] [Musicmatch, Inc., 9.00.5100]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMReg.dll] [Musicmatch, Inc., 9.00.5100]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\SkinnedCtrls.dll] [Musicmatch, Inc., 9.00.5100]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMC70U.DLL] [Microsoft Corporation, 7.00.9466.0]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\TrackUtils.dll] [N/A, ]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\FileAssoc.dll] [Musicmatch, Inc., 9.00.5100]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 540][C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe] [Musicmatch Inc., 9.0.0.1]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCP70.dll] [Sample Corporation, 7.00.0000]
  [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCR70.dll] [Sample Corporation, 7.00.0000]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 628][C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe] [Adobe Systems Inc., 8.0.0.2006102200]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.cht] [Adobe Systems Inc., 8.0.0.0]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll] [Macrovision Europe Ltd., 11.03.005]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat\asneu.dll] [Adobe Systems Inc., 1, 6, 0, 8]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll] [Adobe Systems Incorporated, 2,0,0,37]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll] [Adobe Systems Incorporated, 2,0,0,37]
  [C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll] [Adobe Systems Incorporated, 1,0,0]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 816][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 1456][C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE] [PC Tools Research Pty Ltd, 4.0.0.2603]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\rtl70.bpl] [Borland Software Corporation, 7.0.4.453]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\vcl70.bpl] [Borland Software Corporation, 7.0.4.453]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\ishelp.dll] [PC Tools Research Pty Ltd, 3.6.1.2041]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\ikhtool.dll] [PCTools Research Pty Ltd., 3, 6, 1, 2006]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\chilkatxml.dll] [Chilkat Software, Inc., 4, 1, 0, 2]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\actstartup.dll] [PC Tools Research Pty Ltd, 3.6.1.2118]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\BAScanner.dll] [PC Tools, 3.6.0.2072]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\bhoscanner.dll] [PC Tools, 3.6.0.2047]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\browserscanner.dll] [PC Tools, 3.6.0.2056]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\diskscanner.dll] [PC Tools, 3.6.0.2091]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\exploitguard.dll] [PC Tools, 3.6.0.2004]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\genscanner.dll] [PC Tools Research Pty Ltd, 3.6.0.1005]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\hostsscanner.dll] [PC Tools, 3.6.0.2041]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\iemonitor.dll] [PC Tools, 3.6.0.2286]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\iesdpb.dll] [PC Tools, 3.6.0.2283]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\iesdsg.dll] [PC Tools, 3.6.0.2071]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\Immunizer.dll] [PC Tools Research Pty Ltd, 3.6.0.1060]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\itoollib.dll] [, 3.6.0.1049]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\keyloggerguard.dll] [PC Tools, 3.6.0.2041]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\lspscanner.dll] [, 3.6.0.2053]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\memory.dll] [PC Tools, 3.6.0.2007]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\networkguard.dll] [PCTools Research Pty Ltd, 3.6.0.2031]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\popupblocker.dll] [PC Tools, 3.6.0.2283]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\processguard.dll] [PC Tools, 3.6.0.2075]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\pscanner.dll] [PC Tools, 3.6.0.1047]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\PWindow.dll] [PC Tools Research Pty Ltd, 3.6.0.1020]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\regscanner.dll] [PC Tools Research Pty Ltd, 3.6.0.1030]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\scheduler.dll] [PC Tools, 3.6.0.2045]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\sdn.dll] [PC Tools, 3.6.0.1022]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\siteguard.dll] [PC Tools, 3.6.0.2071]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\StartupScanner.dll] [PC Tools Research Pty Ltd, 3.6.0.2010]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 1720][C:\Program Files\22M WLAN Adapter\WLANMON.exe] [, 3, 0, 0, 0]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
[PID: 3968][C:\PROGRAM FILES\AVANT BROWSER\AVANT.EXE] [, 11.0.0.0]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL] [Microsoft Corporation, 5.10.2927.0]
  [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 1.1.4322.2032]
  [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll] [Microsoft Corporation, 1.1.4322.573]
  [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
  [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll] [Microsoft Corporation, 1.1.4322.2032]
  [C:\WINDOWS\system32\javacypt.dll] [Microsoft Corporation, 5.00.3810]
  [C:\WINDOWS\system32\msjava.dll] [Microsoft Corporation, 5.00.3810]
  [C:\WINDOWS\system32\VMHELPER.DLL] [Microsoft Corporation, 5.00.3810]
  [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
  [C:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavwebscan.dll] [Kaspersky Lab, 5.0.78.0]
  [C:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavss.dll] [Kaspersky Lab., 4, 0, 2, 28]
  [C:\Program Files\Microsoft Private Folder\ShellExt.dll] [Microsoft Corporation, 1.0.1495.0]
  [C:\WINDOWS\system32\PFLib.dll] [Microsoft Corporation, 1.0.1495.0]
  [C:\PROGRA~1\DVDIDL~1\dvdsys.dll] [Fengtao Software Inc., 5, 9, 7, 62]
[PID: 3616][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[PID: 5896][C:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe] [Fengtao Software Inc., 5, 9, 7, 62]
  [C:\PROGRA~1\DVDIDL~1\dvdsys.dll] [Fengtao Software Inc., 5, 9, 7, 62]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[PID: 5484][D:\掃毒\SRENG2\SRENG.EXE] [Smallfrogs Studio, 2.4.12.806]
  [C:\Program Files\Spyware Doctor\tools\swpg.dat] [PC Tools, 3.6.0.2080]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\eg.dat] [, 3.6.0.1003]
  [C:\PROGRAM FILES\SPYWARE DOCTOR\Tools\klg.dat] [PC Tools, 3.6.0.2040]
  [C:\PROGRA~1\DVDIDL~1\dvdsys.dll] [Fengtao Software Inc., 5, 9, 7, 62]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll] [, 1, 0, 0, 1]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1     localhost

==================================
API HOOK
Entrypoint Error: FreeLibrary (Dangerous Level: Generic, Hooked by Module: Dest Addr: 0x5F00002D)

==================================
Hidden Process
N/A

==================================


[/CODE]


[Reply #4] From: Taiwan | Posted: 2007-03-24 13:09
彗星風采

It looks like you have been infected with more than one thing.

The problem entries are as follows...
Services
[Registry Protector / WIDETS][Running/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE
C:\WINDOWS\SYSTEM32\WBEM\GEVSX.DLL,Export 1087><Microsoft Corporation>

Drivers
[acpidisk / acpidisk][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[vxyb / vxybm][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vxybm.sys><N/A>

Browser Add-ons
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>

Running Processes
[C:\WINDOWS\system32\jstkq.dll] [N/A, ]

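First, the tools you need to download are as follows:
The new version of SREng -- http://www.kztechs.com/sreng/download
IceSword -- http://www.ttian.net/website/2005/0829/391.html (the Chinese version displays garbled characters, so please download the English version of IceSword 1.20)
Turn off System Restore, clear all IE temporary files, and boot into Safe Mode.
Before deleting anything, I strongly recommend that you make a backup first. Once the deletions are done and you have confirmed the problem is solved, delete the backup.
Start the SREng main program. Switch to the Win32 Services option under Services on the Boot Items tab and find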
[Registry Protector / WIDETS][Running/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE
C:\WINDOWS\SYSTEM32\WBEM\GEVSX.DLL,Export 1087><Microsoft Corporation>
Check Delete services, then press Set. The entry is only deleted once you press it.
Next, switch to the Drivers option under Services on the Boot Items tab and find
[acpidisk / acpidisk][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[vxyb / vxybm][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vxybm.sys><N/A>
The procedure is the same as for Services.
Switch to the Browser Add-ons option on the System Repair tab and find
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
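Click Delete Selected and press it to delete the entry.
Start IceSword, switch to File mode, and follow the path to C:\WINDOWS\system32\jstkq.dll.
Right-click it and choose Force Delete to delete it.

One last reminder: if your problem is still not solved, please generate a report with the new version of SREng and post it again.
When you click Smart Scan, remember that the box in front of Verify at the lower left must be checked.
And remember: before generating the report, close any unnecessary programs. That makes the report easier to read.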


[ This post was re-edited by 彗星風采 on 2007-03-25 23:56 ]


[Reply #5] From: Taiwan, Chunghwa Telecom HINET | Posted: 2007-03-25 22:47
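The kind of triage done by hand in the reply above can be sketched as a script over the SREng report layout. This is an added example, not part of the original thread and not the helper's stated method: the three heuristics (no vendor on a service or driver image, a service command line that passes a DLL to a host executable, a vendor-less module sitting directly in system32) are assumptions chosen for illustration, and the sample is a constructed excerpt built from entries quoted in the thread.

```python
import re
from collections import Counter

# Constructed excerpt in SREng report layout, built from entries quoted in this thread.
SAMPLE = r"""
[Registry Protector / WIDETS][Running/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\GEVSX.DLL,Export 1087><Microsoft Corporation>
[acpidisk / acpidisk][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[PID: 816][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.0 15Nov02]
  [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
  [C:\WINDOWS\system32\jstkq.dll] [N/A, ]
[PID: 3616][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\jstkq.dll] [N/A, ]
"""

MODULE = re.compile(r"^\s+\[(?P<path>[^\]]+)\] \[(?P<info>.*)\]$")   # indented module line
IMAGE = re.compile(r"^\s*<(?P<cmd>[^>]+)><(?P<vendor>[^>]*)>$")      # service/driver image line
SYSTEM32 = re.compile(r"^c:\\windows\\system32\\[^\\]+$", re.I)      # directly in system32
DLL_VIA_HOST = re.compile(r"\.exe\s+\S.*\.dll\b", re.I)              # host.exe some.dll,...

def no_vendor(info):
    # The vendor field is "N/A" or empty (the field then starts with a comma).
    return info.startswith("N/A") or info.startswith(",") or info == ""

def triage(report):
    """Return {path_or_command: reason} for entries worth a manual look."""
    findings, loads = {}, Counter()
    for line in report.splitlines():
        m = MODULE.match(line)
        if m:
            if no_vendor(m["info"]) and SYSTEM32.match(m["path"]):
                loads[m["path"]] += 1
            continue
        m = IMAGE.match(line)
        if not m:
            continue
        if DLL_VIA_HOST.search(m["cmd"]):
            findings[m["cmd"]] = "service runs a DLL through a host executable"
        elif no_vendor(m["vendor"]):
            findings[m["cmd"]] = "service/driver image has no vendor information"
    for path, n in loads.items():
        findings[path] = f"vendor-less module directly in system32, loaded in {n} process(es)"
    return findings

if __name__ == "__main__":
    for item, reason in triage(SAMPLE).items():
        print(f"{reason}: {item}")
```

The output is a review list, not a verdict: legitimate software also ships modules without version resources, which is why DreyeMT.dll in the sample is not flagged only because it sits outside system32.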
kang0110

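Oh! My God! The infection runs that deep! Thanks to "彗星風采" for taking such care to diagnose the infection for me and for providing the cure. I will follow the disinfection procedure and report back on the recovery afterwards! In the meantime, thank you to "彗星風采" for the help. Thanks! Thanks! And thanks again!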


[Reply #6] From: Taiwan | Posted: 2007-03-26 00:43
kang0110

Nice! PC-cillin no longer shows the real-time protection message, so it feels like the machine has recovered! You really are a wise "comet" (彗星)!


[Reply #7] From: Taiwan | Posted: 2007-03-30 00:09
彗星風采

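Congratulations! ^^

One more reminder: if your problem has been solved, please change the title to "Solved" so that it is easier for the moderator upside to manage.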


[ This post was re-edited by 彗星風采 on 2007-03-30 11:03 ]


[Reply #8] From: Taiwan, Chunghwa Telecom | Posted: 2007-03-30 09:59
