tear
[Discussion] Is Trojan.Spy.Delf.UC a high-risk trojan? (Solved)

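I used Spybot Doctor and it found Trojan.Spy.Delf.UC.

It has not infected any files; it is just a set of keys in the registry.

But AVG found no trace of it,

and Panda's online virus and trojan scan did not find it either.

Yet Spybot Doctor reports it as high risk.

I searched Google for a description of this trojan

but found nothing relevant (there is very little information).

Could the experts here tell me, is this simply a false positive?
(Spybot Doctor can delete it, but after a while it shows up again.)

Thank you all for your valuable input.

If it is a risk and needs to be removed, I will post a detailed scan log.

[ This post was edited by tear on 2007-04-17 13:00 ]

[Original poster] From: Taiwan | Posted: 2007-04-15 00:03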
彗星風采

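1. Please provide the infection name shown by the antivirus software and the full path.

2. Please cross-check by scanning with several online scanners.

3. If the problem is still not resolved, please refer to the pinned post, run an SREng report and post it here for analysis.

[Reply #1] From: Taiwan, Chunghwa Telecom HINET | Posted: 2007-04-15 23:15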
tear

This is the scan result.

Registry keys the trojan points to:
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent\PLATFORM_TYPE_LIST
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent\PLATFORM_TYPE_LIST\1

It leaves me completely confused.

[Reply #2] From: Taiwan | Posted: 2007-04-16 02:15
彗星風采

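This is something from the mainland Chinese company Tencent... it usually comes with using QQ or the like...
It can be removed... The key point is, has it been removed????
Or does it regenerate after being removed?
If it does regenerate, please run an SREng report instead and post it here!

[ This post was edited by 彗星風采 on 2007-04-16 22:00 ]

[Reply #3] From: Taiwan, Chunghwa Telecom HINET | Posted: 2007-04-16 21:32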
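
One way to triage an SREng report like the one requested above, added here as an example and not part of any post in the thread: it parses the report's Boot Items / Registry section and lists the autorun entries whose publisher field lacks the `(Verified)` prefix. The sample lines are excerpted from the report posted later in this thread; the function names and status labels are hypothetical, and reading `(Verified)` as "SREng validated the file's signature" is an assumption.

```python
import re
from dataclasses import dataclass

# Excerpt (not the full report) of the SREng log posted in this thread.
SAMPLE = r"""
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\windows\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <Active Desktop Calendar><C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe>  [XemiComputers ltd.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <MSNDreyePlugin><C:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe /h>  []
    <RunShadowTip><C:\windows\system32\shadow\ShadowTip.exe>  [PowerShadow]
    <Kernel and Hardware Abstraction Layer><KHALMNPR.EXE>  [N/A]

==================================
Services
[GEARSecurity / GEARSecurity][Running/Auto Start]
  <C:\windows\System32\GEARSec.exe><GEAR Software>
"""

# "[HKEY_...]" opens a group of autorun values under one registry key.
KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")
# "<value name><command line>  [publisher]" is one autorun value.
ENTRY_RE = re.compile(r"^\s*<(?P<name>[^<>]*)><(?P<cmd>.*)>\s+\[(?P<pub>.*)\]\s*$")


@dataclass
class BootItem:
    key: str
    name: str
    command: str
    publisher: str

    @property
    def status(self):
        """Hypothetical triage label derived from the publisher field."""
        if not self.command.strip():
            return "empty"              # value exists but launches nothing
        if self.publisher.startswith("(Verified)"):
            return "verified"           # assumption: signature was validated
        if self.publisher in ("", "N/A"):
            return "unknown-publisher"  # no version info or file not resolved
        return "unverified"             # publisher named but not validated


def parse_boot_items(report):
    """Return the registry autorun entries found in an SREng report."""
    items, key = [], None
    for line in report.splitlines():
        if line.startswith("====="):
            key = None                  # section separator ends the registry list
            continue
        m = KEY_RE.match(line.strip())
        if m:
            key = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m and key:
            items.append(BootItem(key, m["name"], m["cmd"], m["pub"].strip()))
    return items


def needs_review(items):
    """Entries a reader should check by hand: they run something unverified."""
    return [i for i in items if i.status in ("unverified", "unknown-publisher")]


if __name__ == "__main__":
    for item in needs_review(parse_boot_items(SAMPLE)):
        print(f"{item.status:18} {item.name} -> {item.command}")
        print(f"{'':18} under {item.key}")
```
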
tear

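Hello, I did remove it with Spybot Doctor.

When Spybot Doctor removes suspicious registry keys, it puts them into quarantine

and lets the user decide whether to remove them completely.

If I go to the quarantine and remove it,

then after a while a new scan finds traces of it again.

But if I do not remove it from quarantine, it seems it no longer shows up.

I have posted the SREng log; could you and the other experts please take a look?

I would be very grateful.

P.S. I have never used the QQ instant messenger.

--------------------------------------------------------------------------------------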

2007-04-16,22:34:42

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\windows\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <Active Desktop Calendar><C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe>  [XemiComputers ltd.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe>  [(Verified)Symantec Corporation]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvCplDaemon><; RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><; nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><; RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <CloneCDTray><"C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s>  [SlySoft, Inc.]
    <VirtualCloneDrive><"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s>  [Elaborate Bytes AG]
    <MSNDreyePlugin><C:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe /h>  []
    <ISUSPM Startup><C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <RunShadowTip><C:\windows\system32\shadow\ShadowTip.exe>  [PowerShadow]
    <Kernel and Hardware Abstraction Layer><KHALMNPR.EXE>  [N/A]
    <LogitechCommunicationsManager><"C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe">  [(Verified)Logitech Inc]
    <LogitechQuickCamRibbon><"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide>  [(Verified)Logitech Inc]
    <kX Mixer><C:\windows\system32\kxmixer.exe --startup>  [Eugene Gavrilov]
    <SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
    <使用者介面自訂><RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp>  [微軟公司]
    <Norton Ghost 10.0><"C:\Program Files\Norton Ghost\Agent\GhostTray.exe">  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\windows\system32\NavLogon.dll>  [(Verified)Symantec Corporation]

==================================
Startup Folders
[ComproRemote]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\ComproRemote.lnk --> C:\PROGRA~1\COMMON~1\VIDEOM~1\COMPRO~1.EXE [Compro Technology, Inc.]><N>
[ComproSchedulerDTV]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\ComproSchedulerDTV.lnk --> C:\PROGRA~1\COMMON~1\VIDEOM~1\COMPRO~2.EXE [Compro Technology, Inc.]><N>
[Microsoft Office OneNote 2003 快速啟動]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Microsoft Office OneNote 2003 快速啟動.lnk --> C:\PROGRA~1\MICROS~2\OFFICE11\ONENOTEM.EXE [Microsoft Corporation]><H>

==================================
Services
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Network Proxy / ccProxy][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start]
  <"C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
  <C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[GEARSecurity / GEARSecurity][Running/Auto Start]
  <C:\windows\System32\GEARSec.exe><GEAR Software>
[Windows CardSpace / idsvc][Stopped/Manual Start]
  <"C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"><Microsoft Corporation>
[IS Service / ISSVC][Running/Auto Start]
  <"C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe"><Symantec Corporation>
[Process Monitor / LVPrcSrv][Running/Auto Start]
  <c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe><Logitech Inc.>
[LVSrvLauncher / LVSrvLauncher][Stopped/Auto Start]
  <C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe><Logitech Inc.>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
  <"C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[Norton Ghost / Norton Ghost][Running/Auto Start]
  <C:\Program Files\Norton Ghost\Agent\VProSvc.exe><Symantec Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\windows\system32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>
[SavRoam / SavRoam][Stopped/Manual Start]
  <"C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe"><symantec>
[PC Tools Spyware Doctor / SDhelper][Running/Auto Start]
  <C:\Program Files\Spyware Doctor\sdhelp.exe><PC Tools Research Pty Ltd>
[Shadow System Service / ShadowSystemService][Running/Auto Start]
  <C:\windows\system32\shadow\ShadowService.exe><N/A>
[Symantec Network Drivers Service / SNDSrvc][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
  <C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start]
  <"C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[Symantec Core LC / Symantec Core LC][Running/Manual Start]
  <C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe><Symantec Corporation>
[Symantec SecurePort / SymSecurePort][Running/Auto Start]
  <"C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe"><Symantec Corporation>
[Ulead Burning Helper / UleadBurningHelper][Stopped/Auto Start]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><N/A>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AnyDVD / AnyDVD][Running/Manual Start]
  <System32\Drivers\AnyDVD.sys><SlySoft, Inc.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[Logitech QuickCam Pro 3000(CamDrl) / CamDrL][Running/Manual Start]
  <system32\DRIVERS\Camdrl.sys><Logitech Inc.>
[Creative SBLive! Gameport / ctljystk][Stopped/Manual Start]
  <system32\DRIVERS\ctljystk.sys><Creative Technology Ltd.>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
  <System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
  <System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[ElbyDelay / ElbyDelay][Running/Manual Start]
  <System32\Drivers\ElbyDelay.sys><Elaborate Bytes AG>
[Creative SB Live! (WDM) / emu10k][Stopped/Manual Start]
  <system32\drivers\emu10k1m.sys><Creative Technology Ltd.>
[Creative Interface Manager Driver (WDM) / emu10k1][Stopped/Manual Start]
  <system32\drivers\ctlfacem.sys><Creative Technology Ltd.>
[File Security Kernel Anti-Spyware Driver / ikhfile][Running/System Start]
  <system32\drivers\ikhfile.sys><PCTools Research Pty Ltd.>
[Kernel Anti-Spyware Driver / ikhlayer][Running/System Start]
  <system32\drivers\ikhlayer.sys><PCTools Research Pty Ltd.>
[kX WDM Driver Service / kxwdmdrv][Running/Manual Start]
  <system32\drivers\kx.sys><Eugene Gavrilov>
[Logitech SetPoint Keyboard Driver / L8042Kbd][Stopped/Manual Start]
  <system32\DRIVERS\L8042Kbd.sys><Logitech Inc.>
[SetPoint PS/2 Mouse Filter Driver / L8042mou][Stopped/Manual Start]
  <system32\DRIVERS\L8042mou.Sys><Logitech Inc.>
[SetPoint HID Mouse Filter Driver / LHidKe][Stopped/Manual Start]
  <system32\DRIVERS\LHidKE.Sys><Logitech Inc.>
[SetPoint USB Receiver device driver / LHidUsbK][Stopped/Manual Start]
  <System32\Drivers\LHidUsbK.Sys><Logitech Inc.>
[SetPoint Mouse Filter Driver / LMouKE][Stopped/Manual Start]
  <system32\DRIVERS\LMouKE.Sys><Logitech Inc.>
[Logitech AEC Driver / LVcKap][Stopped/Manual Start]
  <system32\DRIVERS\LVcKap.sys><>
[Logitech Machine Vision Engine Loader / LVMVDrv][Running/Manual Start]
  <system32\DRIVERS\LVMVDrv.sys><Logitech Inc.>
[Logitech LVPr2Mon Driver / LVPr2Mon][Running/Manual Start]
  <system32\DRIVERS\LVPr2Mon.sys><>
[Logitech USB Monitor Filter / LVUSBSta][Running/Manual Start]
  <system32\drivers\LVUSBSta.sys><Logitech Inc.>
[MaVctrl / MaVctrl][Running/Auto Start]
  <system32\DRIVERS\MaVc2K.sys><Mobile Action Technology Inc.>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070415.003\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070415.003\navex15.sys><Symantec Corporation>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Logitech QuickCam Pro 3000(PID_08B1) / PhilCam8116_XP][Stopped/Manual Start]
  <system32\DRIVERS\CamDrL20.sys><Logitech Inc.>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[SAVRT / SAVRT][Running/System Start]
  <\??\C:\Program Files\Symantec Client Security\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Creative SoundFont Manager Driver (WDM) / sfman][Stopped/Manual Start]
  <system32\drivers\sfmanm.sys><Creative Technology Ltd.>
[SPBBCDrv / SPBBCDrv][Stopped/Manual Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[SYMDNS / SYMDNS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMIDSCO / SYMIDSCO][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\SCFIDS~1\20070411.004\symidsco.sys><Symantec Corporation>
[symlcbrd / symlcbrd][Running/Auto Start]
  <\??\C:\windows\system32\drivers\symlcbrd.sys><Symantec Corporation>
[SYMNDIS / SYMNDIS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[ULCDRHlp / ULCDRHlp][Running/Manual Start]
  <System32\Drivers\ULCDRHlp.sys><Ulead Systems, Inc.>
[SHARP GSM GPRS USB Driver 2.0.0 / USBSHGX][Stopped/Manual Start]
  <system32\DRIVERS\usbgx_2.sys><SHARP Corporation.>
[VClone / VClone][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\VClone.sys><Elaborate Bytes AG>
[VMHybrid service / VMHybrid][Running/Manual Start]
  <system32\DRIVERS\VMHybrid.sys><Compro Technology, Inc.>
[世界標準電傳轉碼器 / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
Browser Add-ons
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[PCTools Site Guard]
  {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} <C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll, PC Tools>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[PCTools Browser Monitor]
  {B56A7D7D-6927-48C8-A975-17DF180C71AC} <C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll, PC Tools>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Java Plug-in 1.6.0_01]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[參考資料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Dr.eye WebPage Translation]
  {92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\windows\system32\LegitCheckControl.DLL, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_01]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[ActiveScan Installer Class]
  {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[a-squared Scanner]
  {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} <C:\WINDOWS\DOWNLO~1\asquared.ocx, Emsi Software GmbH>
[Java Plug-in 1.6.0_01]
  {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\windows\system32\LegitCheckControl.DLL, Microsoft Corporation>
[PCTools Site Guard]
  {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} <C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll, PC Tools>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Dr.eye WebPage Translation]
  {92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[PCTools Browser Monitor]
  {B56A7D7D-6927-48C8-A975-17DF180C71AC} <C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll, PC Tools>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[OWSClientMiscApis Class]
  {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[OWSBrowserUI Class]
  {BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll, Adobe Systems, Inc.>
[Windows Live Sign-in Control]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&Windows Live Search]
  <res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Add to Windows &Live Favorites]
  <http://favorites.live.com/quickadd.aspx, N/A>
[使用影音傳送帶下載]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音傳送帶下載全部連結]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[匯出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[在新的前景索引標籤中開啟]
  <res://C:\Program Files\Windows Live Toolbar\Components\zh-tw\msntabres.dll.mui/230?d1d935ca2b6446dfbdcb5e1a85b6943e, N/A>
[在新的背景索引標籤中開啟]
  <res://C:\Program Files\Windows Live Toolbar\Components\zh-tw\msntabres.dll.mui/229?d1d935ca2b6446dfbdcb5e1a85b6943e, N/A>

==================================
Running Processes
[PID: 716][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 772][\??\C:\windows\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
[PID: 1872][C:\windows\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Super Rabbit\magicset\srcd.dll]  [Super Rabbit Software, 1.02.0002]
    [C:\windows\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9782]
    [C:\windows\system32\vb6cht.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [Anti-Malware Development a.s., 7, 5, 0, 47]
    [C:\windows\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\windows\system32\NVRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\windows\system32\CpDTVMen.dll]  [Compro Tech., 1, 0, 0, 3]
    [C:\windows\system32\nvshell.dll]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\windows\system32\CHEWING.IME]  [, 0, 3, 2, 2]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\windows\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
    [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll]  [Anti-Malware Development a.s., 7, 5, 0, 49]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.9.2006121800]
    [C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll]  [Xi, 1.91.12]
    [C:\Program Files\Xi\NetTransport 2\MFC42.DLL]  [Microsoft Corporation, 6.00.9782.0]
[PID: 2828][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 103.5.1.9]
    [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NISPROD.DLL]  [Symantec Corporation, 8.6.0.80]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NISRES.DLL]  [Symantec Corporation, 8.6.0.80]
    [C:\windows\system32\SYMREDIR.DLL]  [Symantec Corporation, 5.5.1.6]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NISTRAY.DLL]  [Symantec Corporation, 8.6.0.80]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NISALERT.DLL]  [Symantec Corporation, 8.6.0.80]
    [C:\windows\system32\SymNeti.DLL]  [Symantec Corporation, 5.5.1.6]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccLogin.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\ccEmlflt.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\NISLCOM.dll]  [Symantec Corporation, 8.6.0.80]
    [C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymFWAgt.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\SFWAlert.dll]  [Symantec Corporation, 8.6.0.80]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\ccFWSetg.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\pRSettg.dll]  [N/A, ]
    [C:\Program Files\Symantec Client Security\Symantec Client Firewall\TLevel.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
[PID: 2904][C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe]  [Symantec Corporation, 10.0.0.359]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\PROGRA~1\SYMANT~1\SYMANT~2\NAVNTUTL.DLL]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [Anti-Malware Development a.s., 7, 5, 0, 47]
[PID: 3352][C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe]  [Elaborate Bytes AG, 5, 0, 1, 0]
    [C:\windows\system32\ElbyVCD.dll]  [Elaborate Bytes AG, 5, 1, 1, 0]
    [C:\windows\system32\ElbyCDIO.dll]  [Elaborate Bytes AG, 6, 0, 5, 1]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
[PID: 3368][C:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 3528][C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVMaEnum.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVComCX.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Logitech\QuickCam10\EFVal.dll]  [Logitech Inc., 10.5.1.2029]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\BRSkypePlugin.dll]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\AolPlugin.dll]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\YahooPlugin.dll]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LCMServerPS.dll]  [N/A, ]
[PID: 3572][C:\Program Files\Logitech\QuickCam10\QuickCam10.exe]  [, ]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Logitech\QuickCam10\LAppRes.dll]  [, ]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Logitech\QuickCam10\LogiMail.dll]  [Logitech Inc., 10.5.1.2029]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVMaEnum.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVComCX.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Logitech\QuickCam10\EFVal.dll]  [Logitech Inc., 10.5.1.2029]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LCMServerPS.dll]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManagerPS.dll]  [Logitech Inc., 10.5.1.2029]
[PID: 3628][C:\windows\system32\kxmixer.exe]  [Eugene Gavrilov, 5, 10, 00, 3537 - debug]
    [C:\windows\system32\MFC42D.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\windows\system32\MSVCRTD.dll]  [Microsoft Corporation, 6.00.8797.0]
    [C:\windows\system32\kxapi.dll]  [Eugene Gavrilov, 5.10.00.3537 - debug]
    [C:\windows\system32\kxgui.dll]  [Eugene Gavrilov, 5.10.00.3537 - debug]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\windows\system32\cmax20.dll]  [WinMain Software (http://www.winmain.com), 2.1.0.15]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\windows\system32\kxfxlib.kxl]  [Eugene Gavrilov, 5.10.00.3537 - debug]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 3648][C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.10.6]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
[PID: 3692][C:\Program Files\Norton Ghost\Agent\GhostTray.exe]  [Symantec Corporation, 10.0.0.8400]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Norton Ghost\Shared\VProAuto.dll]  [Symantec Corporation, 10.0.0.8400]
    [C:\Program Files\Norton Ghost\Agent\DrmLicense.DLL]  [Symantec Corporation, 10.0.0.8400]
    [C:\windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MFC71CHT.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 3704][C:\windows\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 3744][C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe]  [XemiComputers ltd., 4, 3, 1, 0]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
[PID: 3840][C:\Program Files\Common Files\VideoMate\ComproRemote.exe]  [Compro Technology, Inc., 2, 0, 3, 6]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MFC71CHT.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\windows\system32\msdmo.dll]  [, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 3868][C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVMaEnum.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVComCX.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 400][C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe]  [Compro Technology, Inc., 1, 0, 1, 9]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.6030.0]
    [C:\windows\system32\MFC71CHT.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 2460][C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe]  [Logitech Inc., 10.5.1.2029]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll]  [Logitech Inc., 1.4.7.2031]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManagerPS.dll]  [Logitech Inc., 10.5.1.2029]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVMaEnum.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\LogiShrd\LComMgr\LVComCX.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Logitech\QuickCam10\EFVal.dll]  [Logitech Inc., 10.5.1.2029]
[PID: 2880][C:\Program Files\KKman\KKMAN.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\WINDOWS\Downloaded Program Files\asinst.dll]  [Panda Software, 58, 6, 0, 0]
    [C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll]  [Sun Microsystems, Inc., 6.0.10.6]
    [C:\WINDOWS\system32\msjava.dll]  [Microsoft Corporation, 5.00.3810]
    [C:\windows\system32\VMHELPER.DLL]  [Microsoft Corporation, 5.00.3810]
    [C:\windows\system32\JIT.DLL]  [Microsoft Corporation, 5.00.3810]
    [C:\windows\system32\javart.dll]  [Microsoft Corporation, 5.00.3810]
    [C:\windows\system32\msawt.dll]  [Microsoft Corporation, 5.00.3810]
    [C:\windows\system32\javacypt.dll]  [Microsoft Corporation, 5.00.3810]
    [C:\windows\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\windows\system32\CHEWING.IME]  [, 0, 3, 2, 2]
    [C:\windows\system32\ACTIVE~1\Psscan.dll]  [Panda Software International, 10, 4, 1, 8]
    [C:\windows\system32\ACTIVE~1\PSKUTIL.dll]  [Panda Software International, 1, 4, 1, 13]
    [C:\windows\system32\ACTIVE~1\PSKVFILE.dll]  [Panda Software International, 1, 4, 1, 3]
    [C:\windows\system32\ACTIVE~1\PSKALLOC.dll]  [Panda Software International, 1, 4, 1, 7]
    [C:\windows\system32\ACTIVE~1\pskvfs.dll]  [Panda Software International, 1, 4, 1, 12]
    [C:\windows\system32\ACTIVE~1\PSKCMP.dll]  [Panda Software International, 1, 4, 1, 40]
    [C:\windows\system32\ACTIVE~1\PSKPACK.DLL]  [Panda Software International, 1, 4, 1, 3]
    [C:\windows\system32\ACTIVE~1\pskvm.dll]  [Panda Software International, 1, 4, 1, 8]
    [C:\windows\system32\ACTIVE~1\PSKHTML.dll]  [Panda Software International, 1, 4, 1, 4]
    [C:\windows\system32\ACTIVE~1\pskscs.dll]  [Panda Software International, 1, 4, 1, 6]
    [C:\windows\system32\ACTIVE~1\pskfss.dll]  [Panda Software International, 1, 4, 1, 10]
    [C:\windows\system32\ACTIVE~1\Rawvfile.dll]  [Panda Software International, 2, 0, 0, 28]
    [C:\windows\system32\ACTIVE~1\pskahk.dll]  [Panda Software International, 1, 4, 2, 114]
    [C:\windows\system32\ACTIVE~1\PreScan.dll]  [Panda Software International, 1, 0, 0, 13]
    [C:\windows\system32\ACTIVE~1\NanoWrapper.dll]  [Panda Software International, 1, 0, 0, 12]
    [C:\windows\system32\ACTIVE~1\PlgGlaukaComm.dll]  [Panda Software International, 1, 0, 1, 900]
    [C:\windows\system32\ACTIVE~1\NanoKernel.dll]  [Panda Software International, 1, 0, 1, 4]
    [C:\windows\system32\ACTIVE~1\XmlParser.dll]  [Panda Software International, 1, 0, 0, 1]
    [C:\windows\system32\ACTIVE~1\PavPEn.dll]  [Panda Software International, 1, 0, 0, 11]
    [C:\windows\system32\ACTIVE~1\plgSIGLoader.dll]  [Panda Software International, 1, 0, 0, 1]
    [C:\windows\system32\ACTIVE~1\Hash.dll]  [Panda Software International, 1, 0, 0, 0]
    [C:\windows\system32\ACTIVE~1\plgexeid.dll]  [Panda Software International, 1, 0, 0, 2]
    [C:\windows\system32\ACTIVE~1\DiskSign.dll]  [Panda Software International, 1, 150, 1, 3]
    [C:\windows\system32\ACTIVE~1\MemorySign.dll]  [Panda Software International, 1, 150, 1, 5]
    [C:\windows\system32\ACTIVE~1\PAvExCom.dll]  [Panda Software International, 3, 3, 4, 0]
    [C:\windows\system32\ACTIVE~1\TCPVfile.dll]  [Panda Software International, 3, 0, 1, 0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHT.DLL]  [Microsoft Corporation, 1.0.1038.0]
[PID: 1316][C:\windows\system32\IME\Chewing\ChewingServer.exe]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 3916][C:\Program Files\MSN Messenger\msnmsgr.exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\MSIMG32.dll]  [Patchou, 4, 20, 0, 262]
    [C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll]  [Patchou, 4, 20, 0, 262]
    [C:\Program Files\Messenger Plus! Live\Detoured.dll]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\MSN Messenger\msgsres.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\Messenger Plus! Live\MsgPlusLiveRes.dll]  [Patchou, 4, 20, 0, 262]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\windows\system32\msdmo.dll]  [, ]
    [C:\Program Files\Messenger Plus! Live\MPScripts.dll]  [N/A, ]
    [C:\Program Files\Messenger Plus! Live\libsndfile.dll]  [N/A, ]
    [C:\Program Files\Messenger Plus! Live\lame_enc.dll]  [N/A, ]
    [C:\windows\system32\CHEWING.IME]  [, 0, 3, 2, 2]
[PID: 4888][C:\Documents and Settings\Administrator\My Documents\My Pictures\常用程式\休閒魔獸\Auto.exe]  [suxxuser.narod.ru, 1.0.0.0]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 1280][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JWENEC.exe]  [N/A, ]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
[PID: 1032][C:\Program Files\BitComet\BitComet.exe]  [www.BitComet.com, 0.62.]
    [C:\Program Files\BitComet\dbghelp.dll]  [Microsoft Corporation, 6.3.0011.3 (DbgBuild.040120-1256)]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
[PID: 2024][C:\Program Files\foobar2000\foobar2000.exe]  [N/A, ]
    [C:\Program Files\foobar2000\utf8api.dll]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\foobar2000\components\foo_abx.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_ac3.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_albumlist.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_ape.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_apl.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_burninate.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_cdda.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_centercut.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_clienc.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_codepage_action.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_console.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_convolve.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_cue_ex.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_Delete.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dirvol.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_diskwriter.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dsp_continuator.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dsp_extra.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dsp_pause.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dsp_soundtouch.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dsp_wider.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dts.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_dumb.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_faac.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_flac.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_freedb.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_gep.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_history.dll]  [ , 0, 8, 0, 1]
    [C:\Program Files\foobar2000\components\foo_id3v2.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_infobox.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_input_std.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_mad.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_massdelete.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_masstag.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_matroska.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_midi.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_monkey.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_ofr.dll]  [N/A, ]
    [C:\Program Files\foobar2000\OptimFROG.dll]  [Florin Ghido, FlorinGhido@yahoo.com, 1.100]
    [C:\Program Files\foobar2000\components\foo_output_std.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_out_dsound_ex.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_out_dsound_ex2.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_out_ks.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_playlistgen.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_pphsresample.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_quicktag.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_read_http.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_rgscan.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_scheduler.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_search_ex.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_shell.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_shn.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_shuffle.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_speex.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_syfm.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_toaster.dll]  [Shane Hird, 0, 1, 6, 0]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\foobar2000\components\foo_tta.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_uie_albumart.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_uie_albumlist.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_uie_dbexplorer.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_uie_simple_spectrum.dll]  [ , 0, 1, 6, 1]
    [C:\Program Files\foobar2000\components\foo_uie_tabs.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_uie_trackinfo.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_uie_volume.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_ui_columns.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_ui_std.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_unpack.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_utils.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_vis_manager.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_vis_simple_spectrum.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_wavpack.dll]  [N/A, ]
    [C:\Program Files\foobar2000\components\foo_wma.dll]  [, 1.0.9]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\Program Files\SRENG\GNERS.SCR]  [Smallfrogs Studio, 2.4.12.806]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
    [C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll]  [Logitech Inc., 10.5.1.2027]
    [C:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost
127.0.0.1       bar.baidu.com                   #百度IE搜索
127.0.0.1       3721.com                        #3721
127.0.0.1       3721.net                        #3721
127.0.0.1       cnsmin.3721.com                 #3721
127.0.0.1       cnsmin.3721.net                 #3721
127.0.0.1       download.3721.com               #3721
127.0.0.1       download.3721.net               #3721
127.0.0.1       www.3721.com                    #3721
127.0.0.1       www.3721.net                    #3721
127.0.0.1       zwsw.3721.net                   #3721
127.0.0.1       ad4.sina.com.cn                 #sina
127.0.0.1       ad.cn.doubleclick.net           #sina

==================================
API HOOK
Entrypoint Error: FreeLibrary (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0x5F00002D)

==================================
Hidden Process
N/A

==================================





Flowers x0 | [Floor 4] From: Taiwan | Posted: 2007-04-16 22:44
彗星風采

[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
<"C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll] [N/A, ]
  [C:\Program Files\Messenger Plus! Live\MPScripts.dll] [N/A, ]
[C:\Program Files\Messenger Plus! Live\libsndfile.dll] [N/A, ]
[C:\Program Files\Messenger Plus! Live\lame_enc.dll] [N/A, ]
[PID: 1280][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JWENEC.exe] [N/A, ]

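Please pack the files above, by their paths, and upload them to a free file host for me, or upload them to VT for analysis to see whether they are malicious...
As for the registry part, you can download Icesword and use its Registry section to delete the keys...
But I suggest you make a backup before taking any action...
Also, may I ask whether you have a player like foobar2000 installed?


[ This post was edited by 彗星風采 on 2007-04-17 00:23 ]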


Flowers x1 | [Floor 5] From: Taiwan, Chunghwa Telecom HINET | Posted: 2007-04-16 23:47
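A sketch of the kind of triage done in the post above, as an added example that is not part of the original thread and is not SREng's own logic: it parses process/module lines in the report's layout and lists entries whose vendor field is empty or `N/A`, or whose process image sits under a Temp directory, as candidates to submit to a multi-engine scanner. The sample lines are a constructed excerpt, and the function names and both heuristics are assumptions.

```python
import re
from collections import defaultdict

# Constructed excerpt in the layout of the report above (not the full log).
SAMPLE = r"""
[PID: 3916][C:\Program Files\MSN Messenger\msnmsgr.exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\Messenger Plus! Live\MPScripts.dll]  [N/A, ]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
    [C:\windows\system32\msdmo.dll]  [, ]
[PID: 1280][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JWENEC.exe]  [N/A, ]
    [C:\Program Files\Spyware Doctor\tools\swpg.dat]  [PC Tools, 3.6.0.2080]
[PID: 3704][C:\windows\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll]  [N/A, ]
"""

# "[PID: n][image path]  [vendor, version]" starts a process; the same
# shape without a PID is a module loaded by the most recent process.
LINE = re.compile(
    r"^\s*(?:\[PID:\s*(?P<pid>\d+)\])?\[(?P<path>[^\]]+)\]\s+\[(?P<info>.*)\]\s*$"
)
TEMP_DIR = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)


def parse(report):
    """Return a list of {'pid', 'path', 'vendor', 'modules': [(path, vendor)]}."""
    procs = []
    for raw in report.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # section headers, separators, blank lines
        vendor = m["info"].split(",", 1)[0].strip()
        if m["pid"]:
            procs.append({"pid": int(m["pid"]), "path": m["path"],
                          "vendor": vendor, "modules": []})
        elif procs:
            procs[-1]["modules"].append((m["path"], vendor))
    return procs


def lacks_vendor(vendor):
    """Assumed heuristic: an empty or N/A vendor field means no publisher metadata."""
    return vendor == "" or vendor.upper() == "N/A"


def triage(procs):
    """Return [(path, reasons, process_count)] for entries worth a second look.

    process_count is the number of processes the file appears in; a DLL
    outside the system directory with a high count is loaded system-wide.
    """
    hits = defaultdict(lambda: {"reasons": set(), "pids": set()})
    for proc in procs:
        entries = [(proc["path"], proc["vendor"], True)]
        entries += [(p, v, False) for p, v in proc["modules"]]
        for path, vendor, is_image in entries:
            reasons = set()
            if lacks_vendor(vendor):
                reasons.add("no-vendor-info")
            if is_image and TEMP_DIR.search(path):
                reasons.add("runs-from-temp")
            if reasons:
                hit = hits[path.lower()]  # Windows paths are case-insensitive
                hit["reasons"] |= reasons
                hit["pids"].add(proc["pid"])
    rows = [(path, tuple(sorted(h["reasons"])), len(h["pids"]))
            for path, h in hits.items()]
    return sorted(rows, key=lambda r: (-r[2], r[0]))


if __name__ == "__main__":
    for path, reasons, count in triage(parse(SAMPLE)):
        print(f"{count:>2} process(es)  {','.join(reasons):<32} {path}")
```

A hit is only a reason to check the file further: `msdmo.dll` in system32 is flagged here simply because its vendor field is empty.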
tear

Thank you so much for your help

I don't know how to use free file hosts, though

But yes, I do have the foobar player installed



Flowers x0 | [Floor 6] From: Taiwan | Posted: 2007-04-17 00:23
彗星風采

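First copy the files into one place and compress them
Go to this address: http://www.send....com/
Click Browse and select the file to upload..
Tick "I have read and agree to the terms of service."
Click upload..
When it finishes, a web page will pop up
In the middle of that page there is a "Download Link:"; just give me the address written after it....
By the way.. I still have to go to work tomorrow... so I may only be able to reply to you tomorrow!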


Flowers x1 | [Floor 7] From: Taiwan, Chunghwa Telecom HINET | Posted: 2007-04-17 00:30
tear

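Quoting 彗星風采, posted 2007-04-17 00:30:
By the way.. I still have to go to work tomorrow... so I may only be able to reply to you tomorrow!

Sorry to trouble you

http://www.sendspace...e/f2db1k

I've bothered you for so long~ I'm really sorry~ Thank you for your help

Get some rest early~ Good night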



Flowers x0 | [Floor 8] From: Taiwan | Posted: 2007-04-17 00:32
彗星風采

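The result of uploading these 6 files to VT.. all of them are files with no problems...
But one thing I'm curious about is that I can't find any information at all about the file JWENEC.exe???
Do you know what file it is?
Also, I did not find anything else problematic in your SREng report!
As for the following part you mentioned... the registry keys the trojan detection points to
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent\PLATFORM_TYPE_LIST
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent\PLATFORM_TYPE_LIST\1
these should just be leftover keys that were never deleted....
For the registry part, you can download Icesword and use its Registry section to delete them...
But I suggest you make a backup before taking any action...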


Flowers x1 | [Floor 9] From: Taiwan, Chunghwa Telecom | Posted: 2007-04-17 12:17
