May 12, 2009
推薦這個部落格: 1
檢視方式: 列表 摘要
April 8, 2009
[code]
script code: 11259
efix 5.1 20090403.10 - 2009-04-07 17:32:12.54 - ntfs
Microsoft Windows XP Service Pack 3 - SHIN
執行位置: D:\Documents and Settings\SHIN\桌面\EF.exe
================================================================================
EF刪除的檔案列表:
e:\ravmon.exe
================================================================================
EF修改的登錄值列表:
沒有刪除任何登錄值.
================================================================================
EF刪除的檔案備份位置列表:
e:\RavMon.exe => D:\ef_backup\backup\e\RavMon.exe.vir
================================================================================
各磁碟根目錄含有隱藏屬性的檔案 :
--sha-w 211 2007-03-02 05:51:32 C:\BOOT.BKK
--sh--w 211 2007-03-02 05:51:32 C:\boot.ini
--sha-r 213,830 2004-07-12 00:00:00 C:\bootfont.bin
--sha-r 0 2007-03-02 05:55:46 C:\IO.SYS
--sha-r 0 2007-03-02 05:55:46 C:\MSDOS.SYS
--sha-r 47,564 2004-07-12 00:00:00 C:\NTDETECT.COM
--sha-r 257,728 2008-08-23 04:45:52 C:\ntldr
--sha-w 9,728 2009-01-16 10:53:09 E:\Thumbs.db
********** Created 2009-03 -- 2009-04 Files: **********
2009-04-07 17:32 . 2009-04-07 17:32 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\wpdnse
2009-04-07 09:10 . 2009-04-07 09:10 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\flashgot.cq0gwrjl.default
2009-04-06 00:01 . 2009-04-06 00:05 d-------- <DIR> D:\WINDOWS\system32\ntmsdata
2009-04-05 12:13 . 2009-04-05 12:15 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-138
2009-04-01 11:37 . 2009-04-01 16:13 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-137
2009-03-30 19:19 . 2009-03-30 19:26 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-136
2009-03-30 18:37 . 2009-03-30 18:37 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\0330183700000580hb6p82wz6x
2009-03-30 18:35 . 2009-03-30 18:35 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\03301835000005809smj4uj9l3
2009-03-30 18:34 . 2009-03-30 18:34 d-------- <DIR> D:\Program Files\microsoft
2009-03-30 18:34 . 2009-03-30 18:34 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\03301834000005805yrg1x3ejk
2009-03-20 11:11 . 2009-03-21 01:32 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-135
2009-03-19 11:44 . 2009-03-19 14:07 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-134
2009-03-14 07:51 . 2009-03-14 12:48 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-133
2009-03-10 18:03 . 2009-03-10 22:29 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-132
2009-03-09 23:12 . 2009-03-10 00:13 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-131
2009-03-09 09:12 . 2009-03-09 16:20 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-130
2009-03-05 20:18 . 2009-03-05 20:20 d-------- <DIR> D:\WINDOWS\nview
2009-03-05 20:17 . 2009-03-05 20:18 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\iss1.tmp
2009-03-05 20:14 . 2009-03-05 20:15 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\{ffcb75b9-3c06-4648-bb19-8fa9d1c2ade0}
2009-03-05 20:13 . 2009-03-05 20:13 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\pft4c9~tmp
2009-03-05 20:13 . 2009-03-05 20:15 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\iss4ca.tmp
2009-03-05 18:57 . 2009-03-05 18:57 d-------- <DIR> D:\Program Files\daemon tools lite
2009-03-05 18:34 . 2009-03-05 18:34 d-------- <DIR> D:\koei
2009-03-05 18:32 . 2009-03-05 18:33 d-------- <DIR> D:\三國志11
2009-03-04 11:02 . 2009-03-04 11:21 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-129
2009-04-07 17:29 . 2009-02-02 15:43 --a------ 30,720 D:\WINDOWS\nircmd.com
2009-04-07 17:14 . 2009-04-07 17:14 --a------ 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~dfa391.tmp
2009-04-07 17:14 . 2009-04-07 17:14 --a------ 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~df8426.tmp
2009-04-07 17:14 . 2009-04-07 17:14 --a----t- 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~dfa3a6.tmp
2009-04-07 17:14 . 2009-04-07 17:14 --a----t- 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~df8437.tmp
2009-04-07 09:00 . 2009-04-07 09:00 --a----t- 16,384 D:\WINDOWS\temp\perflib_perfdata_774.dat
2009-03-19 11:43 . 2009-03-19 11:43 --a------ 148,888 D:\WINDOWS\system32\javaws.exe
2009-03-19 11:43 . 2009-03-19 11:43 --a------ 144,792 D:\WINDOWS\system32\javaw.exe
2009-03-19 11:43 . 2009-03-19 11:43 --a------ 144,792 D:\WINDOWS\system32\java.exe
2009-03-05 19:26 . 2009-03-05 19:26 --a------ 664 D:\WINDOWS\system32\d3d9caps.dat
.
********** Modified 2009-02 -- 2009-04 files: **********
2009-04-07 09:14:43 ----atw 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DF8437.tmp
2009-04-07 09:14:43 ----a-w 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DF8426.tmp
2009-04-07 09:14:42 ----atw 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DFA3A6.tmp
2009-04-07 09:14:42 ----a-w 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DFA391.tmp
2009-04-07 01:00:11 --s-a-w 2,048 D:\WINDOWS\bootstat.dat
2009-04-06 07:54:33 d-----w 0 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~nsu.tmp
2009-04-02 17:00:13 ----a-w 1,070 D:\WINDOWS\system32\cid_store.dat
2009-03-30 11:26:49 ----a-w 81,112 D:\WINDOWS\system32\perfc009.dat
2009-03-30 11:26:49 ----a-w 452,596 D:\WINDOWS\system32\perfh009.dat
2009-03-30 11:26:49 ----a-w 423,802 D:\WINDOWS\system32\prfh0404.dat
2009-03-30 11:26:49 ----a-w 206,232 D:\WINDOWS\system32\prfc0404.dat
2009-03-30 11:22:32 ----a-w 4,566 D:\WINDOWS\imsins.BAK
2009-03-19 03:43:36 ----a-w 410,984 D:\WINDOWS\system32\deploytk.dll
2009-03-13 03:44:47 ----a-w 216,312 D:\WINDOWS\system32\FNTCACHE.DAT
2009-02-25 04:55:00 ----a-w 24,768,960 D:\WINDOWS\system32\MRT.exe
2009-02-09 14:03:36 ----a-w 1,846,400 D:\WINDOWS\system32\win32k.sys
2009-02-06 11:19:04 ----a-w 305,528 D:\WINDOWS\WLXPGSS.SCR
2009-02-06 10:52:40 ----a-w 49,504 D:\WINDOWS\system32\sirenacm.dll
.
================================================================================
執行中的程序:
[PID: 844] D:\Program Files\CyberLink\Shared files\RichVideo.exe [N/A]
[PID: 588] D:\WINDOWS\system32\oodag.exe [O&O Software GmbH]
[PID: 552] D:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation]
[PID: 532] D:\Program Files\Eset\nod32krn.exe [Eset ]
[PID: 424] D:\WINDOWS\System32\alg.exe [Microsoft Corporation]
[PID: 3864] D:\WINDOWS\system32\conime.exe [Microsoft Corporation]
[PID: 3624] D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe [Sony Ericsson Mobile Communications AB]
[PID: 3620] D:\Program Files\eMule\emule.exe [hxxp://www.emule-project.net]
[PID: 3528] D:\Program Files\iTunes\iTunes.exe [Apple Inc.]
[PID: 3348] D:\Program Files\Common Files\Teleca Shared\Generic.exe [Teleca AB]
[PID: 320] D:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [Microsoft Corporation]
[PID: 2724] D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe [Yahoo! Inc.]
[PID: 2672] D:\Program Files\iPod\bin\iPodService.exe [Apple Inc.]
[PID: 2532] D:\Program Files\DAEMON Tools Lite\daemon.exe [DT Soft Ltd]
[PID: 2508] D:\Program Files\Free Desktop Clock\DesktopClock.exe [N/A]
[PID: 2448] D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [Nero AG]
[PID: 2416] D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [Microsoft Corporation]
[PID: 2368] D:\WINDOWS\system32\ctfmon.exe [Microsoft Corporation]
[PID: 2320] D:\Program Files\Java\jre6\bin\jusched.exe [Sun Microsystems, Inc.]
[PID: 2220] D:\Program Files\Audio Deck\EnMixCPL.exe [N/A]
[PID: 2188] D:\Program Files\iTunes\iTunesHelper.exe [Apple Inc.]
[PID: 2080] D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [N/A]
[PID: 2072] D:\Program Files\Eset\nod32kui.exe [Eset ]
[PID: 2044] D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [Cyberlink Corp.]
[PID: 2028] D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverrider.exe [N/A]
[PID: 1908] D:\Program Files\Java\jre6\bin\jqs.exe [Sun Microsystems, Inc.]
[PID: 1784] D:\Program Files\Bonjour\mDNSResponder.exe [Apple Inc.]
[PID: 1772] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [Apple Inc.]
[PID: 1596] D:\WINDOWS\system32\spoolsv.exe [Microsoft Corporation]
[PID: 1388] D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [Microsoft Corporation]
[PID: 1264] D:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [Microsoft Corporation]
系統執行程序中沒有檔案資訊的動態連結檔:
lsass.exe PID: (784)
=> D:\WINDOWS\system32\UxTheme.dll
UACtehmtldq.dll b60000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
winlogon.exe PID: (728)
UACtehmtldq.dll 9a0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
=> D:\WINDOWS\system32\UxTheme.dll
explorer.exe PID: (3952)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll e40000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll f70000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
=> D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll
=> D:\WindowBlinds\tray.dll
svchost.exe PID: (980)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1064)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1236)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1312)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1420)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
================================================================================
登錄值列表 *** 注意 : 部分正常值不會顯示 ***
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Appinit_dlls"=wbsys.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [Microsoft Corporation]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Microsoft Corporation]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [Nero AG]
"Yahoo! Pager"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Yahoo! Inc.]
"SkinClock"="D:\Program Files\Free Desktop Clock\DesktopClock.exe" [N/A]
"DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\daemon.exe" [DT Soft Ltd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="D:\WINDOWS\ime\IMJP8_1\imjpmig.exe" [Microsoft Corporation]
"PHIME2002ASync"="D:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe" [Microsoft Corporation]
"PHIME2002A"="D:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe" [Microsoft Corporation]
"NWEReboot"="" [File Not Found.]
"NeroFilterCheck"="D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [Nero AG]
"RemoteControl"="D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [Cyberlink Corp.]
"LanguageShortcut"="D:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [N/A]
"nod32kui"="D:\Program Files\Eset\nod32kui.exe" [Eset ]
"Sony Ericsson PC Suite"="D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [N/A]
"GIZMO2"="D:\Program Files\GIZMO2\GIZMO.exe" [ants Inc.]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe" [Adobe Systems Incorporated]
"AppleSyncNotifier"="D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [Apple Inc.]
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [Apple Inc.]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.]
"NvCplDaemon"="D:\WINDOWS\system32\nvcpl.dll" [NVIDIA Corporation]
"nwiz"="D:\WINDOWS\system32\nwiz.exe" [N/A]
"NvMediaCenter"="D:\WINDOWS\system32\nvmctray.dll" [NVIDIA Corporation]
"SunJavaUpdateSched"="D:\Program Files\Java\jre6\bin\jusched.exe" [Sun Microsystems, Inc.]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" - 2006-10-18 21:47 133632 D:\WINDOWS\system32\WPDShServiceObj.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
2006-05-16 15:19 81920 D:\PROGRA~1\FlashGet\Jccatch.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}]
2007-11-23 18:08 1933256 D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
2009-03-19 11:43 35840 D:\Program Files\Java\jre6\bin\jp2ssv.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
2009-03-19 11:43 73728 D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
D:\WindowBlinds\wbsrv.dll - 2007-05-03 14:13 176128 D:\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"VIDC.XVID"="D:\WINDOWS\system32\xvidvfw.dll" [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
HonorAutoRunSetting=0x1
ASSOC: .html=FirefoxHTML
ASSOC: .txt=emeditor.txt
FTYPE: emeditor.txt=D:\Program Files\EmEditor\EMEDITOR.EXE %1
沒有數位簽章的系統檔案
2008-06-20 19:51 361600 D:\WINDOWS\system32\DRIVERS\TCPIP.SYS [Microsoft Corporation]
--> 2006-04-20 20:18 360576 D:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys [Sigcheck failed.]
--> 2007-10-31 00:53 360832 D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys [Sigcheck failed.]
--> 2008-06-20 18:44 360960 D:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:51 361600 D:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:59 361600 D:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 18:45 360320 D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [Sigcheck ok.]
--> 2004-07-12 08:00 359040 D:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [Sigcheck ok.]
--> 2006-04-20 19:51 359808 D:\WINDOWS\$NtUninstallKB941644$\tcpip.sys [Sigcheck failed.]
--> 2008-04-14 03:20 361344 D:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [Sigcheck ok.]
--> 2007-10-31 01:20 360064 D:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys [Sigcheck failed.]
--> 2008-04-14 03:20 361344 D:\WINDOWS\ServicePackFiles\i386\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:51 361600 D:\WINDOWS\system32\dllcache\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:51 361600 D:\WINDOWS\system32\drivers\tcpip.sys [Sigcheck failed.]
================================================================================
服務 \ 驅動 列表:
顯示方式 : 啟動狀態 服務名稱;顯示名稱;檔案名稱
啟動狀態 : S0 = Boot Start S1 = System Start S2 = Auto Start S3 = Manual Start S4 = Disable S9 = Unknow
S2 AMON;AMON;D:\WINDOWS\system32\drivers\amon.sys [Eset ]
S3 drhard;DRHARD;D:\WINDOWS\system32\DRIVERS\DRHARD.SYS [Licensed for Gebhard Software]
S3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;D:\WINDOWS\system32\drivers\Envy24HF.sys [VIA - IC Ensemble, Inc.]
S3 RivaTuner32;RivaTuner32;D:\Program Files\RivaTuner v2.0 Final Release\RivaTuner32.sys [N/A]
S3 s116bus;Sony Ericsson Device 116 driver (WDM);D:\WINDOWS\system32\DRIVERS\s116bus.sys [MCCI Corporation]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter;D:\WINDOWS\system32\DRIVERS\s116mdfl.sys [MCCI Corporation]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM);D:\WINDOWS\system32\DRIVERS\s116mgmt.sys [MCCI Corporation]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS);D:\WINDOWS\system32\DRIVERS\s116nd5.sys [MCCI Corporation]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface;D:\WINDOWS\system32\DRIVERS\s116obex.sys [MCCI Corporation]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM);D:\WINDOWS\system32\DRIVERS\s116unic.sys [MCCI Corporation]
S2 SQLWriter;SQL Server VSS Writer;D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [Microsoft Corporation]
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};D:\Program Files\CyberLink\PowerDVD\000.fcl [Cyberlink Corp.]
S3 napagent;Network Access Protection Agent;D:\WINDOWS\System32\qagentrt.dll [Microsoft Corporation]
================================================================================
被隱藏的驅動項目 ( 上面驅動項未顯示出來就可能有問題 ):
UACd.sys;D:\WINDOWS\system32\drivers\UACoyrodulr.sys
================================================================================
S0 sptd;sptd;D:\WINDOWS\system32\Drivers\sptd.sys [N/A]
S1 Tcpip;TCP/IP Protocol Driver;D:\WINDOWS\system32\DRIVERS\tcpip.sys [Microsoft Corporation <Sigcheck Failed>]
================================================================================
工作排程資料夾內的資料:
2009-04-02 D:\WINDOWS\TASKS\AppleSoftwareUpdate.job
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34 566592]
IE 首頁設定:
Internet Explorer Version: 6.0.2900.5512
HKLM - Search Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/msgr8/*hxxp://tw.search.yahoo.com
HKCU - Start Page = hxxp://tw.yahoo.com/
HKCU - Search Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/msgr8/*hxxp://tw.search.yahoo.com
HKCU - Extra menu item: 下載編碼內容(&D.S.Lite) - D:\DSLite2.07.45\dl_text.html
HKCU - Extra menu item: 下載編碼內容(S&martGet) - D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_text.html
HKCU - Extra menu item: 下載編碼檔案內容(&D.S.Lite) - D:\DSLite2.07.45\dl_url.html
HKCU - Extra menu item: 使用 FlashGet 下載 - D:\PROGRA~1\FlashGet\jc_link.htm
HKCU - Extra menu item: 使用S&martGet下載 - D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_link.htm
HKCU - Extra menu item: 全部使用 FlashGet 下載 - D:\PROGRA~1\FlashGet\jc_all.htm
HKCU - Extra menu item: 全部使用Smart&Get下載 - D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_all.htm
HKCU - Extra menu item: 匯出至 Microsoft Excel(&X) - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
HKCU - Extra menu item: ・?ウ。ィマ・ホ FlashGet 、Uク
HKLM - Extensions: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
HKLM - Extensions: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
HKLM - Extensions: {F8475519-8412-4D40-A46E-692D9D04DF7F} - D:\DSLite2.07.45\DSLite.exe
HKLM - Extensions: {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
HKLM - Extensions: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
LSP: d:\windows\system32\imon.dll
LSP: d:\program files\bonjour\mdnsnsp.dll
DNS: {03463F0A-6D25-4963-AFB2-072BA4443453} - 168.95.192.1 168.95.1.1
================================================================================
Win32/Conficker worm has not been found active in the memory.
Do you want to perform scanning and cleaning anyway? (y/n)
Nothing was found.
Checking for Win32/Conficker.AA files:
Nothing was found.
================================================================================
磁碟空間 C: - 6,310,625,280 位元組可用
磁碟空間 D: - 27,123,675,136 位元組可用
磁碟空間 E: - 4,544,491,520 位元組可用
掃描結束時間: 2009-04-07 17:34:46.98
[/CODE]
script code: 11259
efix 5.1 20090403.10 - 2009-04-07 17:32:12.54 - ntfs
Microsoft Windows XP Service Pack 3 - SHIN
執行位置: D:\Documents and Settings\SHIN\桌面\EF.exe
================================================================================
EF刪除的檔案列表:
e:\ravmon.exe
================================================================================
EF修改的登錄值列表:
沒有刪除任何登錄值.
================================================================================
EF刪除的檔案備份位置列表:
e:\RavMon.exe => D:\ef_backup\backup\e\RavMon.exe.vir
================================================================================
各磁碟根目錄含有隱藏屬性的檔案 :
--sha-w 211 2007-03-02 05:51:32 C:\BOOT.BKK
--sh--w 211 2007-03-02 05:51:32 C:\boot.ini
--sha-r 213,830 2004-07-12 00:00:00 C:\bootfont.bin
--sha-r 0 2007-03-02 05:55:46 C:\IO.SYS
--sha-r 0 2007-03-02 05:55:46 C:\MSDOS.SYS
--sha-r 47,564 2004-07-12 00:00:00 C:\NTDETECT.COM
--sha-r 257,728 2008-08-23 04:45:52 C:\ntldr
--sha-w 9,728 2009-01-16 10:53:09 E:\Thumbs.db
********** Created 2009-03 -- 2009-04 Files: **********
2009-04-07 17:32 . 2009-04-07 17:32 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\wpdnse
2009-04-07 09:10 . 2009-04-07 09:10 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\flashgot.cq0gwrjl.default
2009-04-06 00:01 . 2009-04-06 00:05 d-------- <DIR> D:\WINDOWS\system32\ntmsdata
2009-04-05 12:13 . 2009-04-05 12:15 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-138
2009-04-01 11:37 . 2009-04-01 16:13 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-137
2009-03-30 19:19 . 2009-03-30 19:26 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-136
2009-03-30 18:37 . 2009-03-30 18:37 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\0330183700000580hb6p82wz6x
2009-03-30 18:35 . 2009-03-30 18:35 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\03301835000005809smj4uj9l3
2009-03-30 18:34 . 2009-03-30 18:34 d-------- <DIR> D:\Program Files\microsoft
2009-03-30 18:34 . 2009-03-30 18:34 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\03301834000005805yrg1x3ejk
2009-03-20 11:11 . 2009-03-21 01:32 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-135
2009-03-19 11:44 . 2009-03-19 14:07 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-134
2009-03-14 07:51 . 2009-03-14 12:48 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-133
2009-03-10 18:03 . 2009-03-10 22:29 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-132
2009-03-09 23:12 . 2009-03-10 00:13 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-131
2009-03-09 09:12 . 2009-03-09 16:20 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-130
2009-03-05 20:18 . 2009-03-05 20:20 d-------- <DIR> D:\WINDOWS\nview
2009-03-05 20:17 . 2009-03-05 20:18 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\iss1.tmp
2009-03-05 20:14 . 2009-03-05 20:15 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\{ffcb75b9-3c06-4648-bb19-8fa9d1c2ade0}
2009-03-05 20:13 . 2009-03-05 20:13 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\pft4c9~tmp
2009-03-05 20:13 . 2009-03-05 20:15 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\iss4ca.tmp
2009-03-05 18:57 . 2009-03-05 18:57 d-------- <DIR> D:\Program Files\daemon tools lite
2009-03-05 18:34 . 2009-03-05 18:34 d-------- <DIR> D:\koei
2009-03-05 18:32 . 2009-03-05 18:33 d-------- <DIR> D:\三國志11
2009-03-04 11:02 . 2009-03-04 11:21 d-------- <DIR> D:\DOCUME~1\SHIN\LOCALS~1\Temp\plugtmp-129
2009-04-07 17:29 . 2009-02-02 15:43 --a------ 30,720 D:\WINDOWS\nircmd.com
2009-04-07 17:14 . 2009-04-07 17:14 --a------ 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~dfa391.tmp
2009-04-07 17:14 . 2009-04-07 17:14 --a------ 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~df8426.tmp
2009-04-07 17:14 . 2009-04-07 17:14 --a----t- 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~dfa3a6.tmp
2009-04-07 17:14 . 2009-04-07 17:14 --a----t- 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~df8437.tmp
2009-04-07 09:00 . 2009-04-07 09:00 --a----t- 16,384 D:\WINDOWS\temp\perflib_perfdata_774.dat
2009-03-19 11:43 . 2009-03-19 11:43 --a------ 148,888 D:\WINDOWS\system32\javaws.exe
2009-03-19 11:43 . 2009-03-19 11:43 --a------ 144,792 D:\WINDOWS\system32\javaw.exe
2009-03-19 11:43 . 2009-03-19 11:43 --a------ 144,792 D:\WINDOWS\system32\java.exe
2009-03-05 19:26 . 2009-03-05 19:26 --a------ 664 D:\WINDOWS\system32\d3d9caps.dat
.
********** Modified 2009-02 -- 2009-04 files: **********
2009-04-07 09:14:43 ----atw 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DF8437.tmp
2009-04-07 09:14:43 ----a-w 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DF8426.tmp
2009-04-07 09:14:42 ----atw 16,384 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DFA3A6.tmp
2009-04-07 09:14:42 ----a-w 344,064 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~DFA391.tmp
2009-04-07 01:00:11 --s-a-w 2,048 D:\WINDOWS\bootstat.dat
2009-04-06 07:54:33 d-----w 0 D:\DOCUME~1\SHIN\LOCALS~1\Temp\~nsu.tmp
2009-04-02 17:00:13 ----a-w 1,070 D:\WINDOWS\system32\cid_store.dat
2009-03-30 11:26:49 ----a-w 81,112 D:\WINDOWS\system32\perfc009.dat
2009-03-30 11:26:49 ----a-w 452,596 D:\WINDOWS\system32\perfh009.dat
2009-03-30 11:26:49 ----a-w 423,802 D:\WINDOWS\system32\prfh0404.dat
2009-03-30 11:26:49 ----a-w 206,232 D:\WINDOWS\system32\prfc0404.dat
2009-03-30 11:22:32 ----a-w 4,566 D:\WINDOWS\imsins.BAK
2009-03-19 03:43:36 ----a-w 410,984 D:\WINDOWS\system32\deploytk.dll
2009-03-13 03:44:47 ----a-w 216,312 D:\WINDOWS\system32\FNTCACHE.DAT
2009-02-25 04:55:00 ----a-w 24,768,960 D:\WINDOWS\system32\MRT.exe
2009-02-09 14:03:36 ----a-w 1,846,400 D:\WINDOWS\system32\win32k.sys
2009-02-06 11:19:04 ----a-w 305,528 D:\WINDOWS\WLXPGSS.SCR
2009-02-06 10:52:40 ----a-w 49,504 D:\WINDOWS\system32\sirenacm.dll
.
================================================================================
執行中的程序:
[PID: 844] D:\Program Files\CyberLink\Shared files\RichVideo.exe [N/A]
[PID: 588] D:\WINDOWS\system32\oodag.exe [O&O Software GmbH]
[PID: 552] D:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation]
[PID: 532] D:\Program Files\Eset\nod32krn.exe [Eset ]
[PID: 424] D:\WINDOWS\System32\alg.exe [Microsoft Corporation]
[PID: 3864] D:\WINDOWS\system32\conime.exe [Microsoft Corporation]
[PID: 3624] D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe [Sony Ericsson Mobile Communications AB]
[PID: 3620] D:\Program Files\eMule\emule.exe [hxxp://www.emule-project.net]
[PID: 3528] D:\Program Files\iTunes\iTunes.exe [Apple Inc.]
[PID: 3348] D:\Program Files\Common Files\Teleca Shared\Generic.exe [Teleca AB]
[PID: 320] D:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [Microsoft Corporation]
[PID: 2724] D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe [Yahoo! Inc.]
[PID: 2672] D:\Program Files\iPod\bin\iPodService.exe [Apple Inc.]
[PID: 2532] D:\Program Files\DAEMON Tools Lite\daemon.exe [DT Soft Ltd]
[PID: 2508] D:\Program Files\Free Desktop Clock\DesktopClock.exe [N/A]
[PID: 2448] D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [Nero AG]
[PID: 2416] D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [Microsoft Corporation]
[PID: 2368] D:\WINDOWS\system32\ctfmon.exe [Microsoft Corporation]
[PID: 2320] D:\Program Files\Java\jre6\bin\jusched.exe [Sun Microsystems, Inc.]
[PID: 2220] D:\Program Files\Audio Deck\EnMixCPL.exe [N/A]
[PID: 2188] D:\Program Files\iTunes\iTunesHelper.exe [Apple Inc.]
[PID: 2080] D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [N/A]
[PID: 2072] D:\Program Files\Eset\nod32kui.exe [Eset ]
[PID: 2044] D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [Cyberlink Corp.]
[PID: 2028] D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverrider.exe [N/A]
[PID: 1908] D:\Program Files\Java\jre6\bin\jqs.exe [Sun Microsystems, Inc.]
[PID: 1784] D:\Program Files\Bonjour\mDNSResponder.exe [Apple Inc.]
[PID: 1772] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [Apple Inc.]
[PID: 1596] D:\WINDOWS\system32\spoolsv.exe [Microsoft Corporation]
[PID: 1388] D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [Microsoft Corporation]
[PID: 1264] D:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [Microsoft Corporation]
系統執行程序中沒有檔案資訊的動態連結檔:
lsass.exe PID: (784)
=> D:\WINDOWS\system32\UxTheme.dll
UACtehmtldq.dll b60000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
winlogon.exe PID: (728)
UACtehmtldq.dll 9a0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
=> D:\WINDOWS\system32\UxTheme.dll
explorer.exe PID: (3952)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll e40000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll f70000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
=> D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll
=> D:\WindowBlinds\tray.dll
svchost.exe PID: (980)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1064)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1236)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1312)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
svchost.exe PID: (1420)
=> D:\WINDOWS\system32\UxTheme.dll
UACugbfihko.dll a20000 86016 \\?\globalroot\systemroot\system32\UACugbfihko.dll
UACtehmtldq.dll af0000 204800 \\?\globalroot\systemroot\system32\UACtehmtldq.dll
================================================================================
登錄值列表 *** 注意 : 部分正常值不會顯示 ***
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Appinit_dlls"=wbsys.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [Microsoft Corporation]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Microsoft Corporation]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [Nero AG]
"Yahoo! Pager"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Yahoo! Inc.]
"SkinClock"="D:\Program Files\Free Desktop Clock\DesktopClock.exe" [N/A]
"DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\daemon.exe" [DT Soft Ltd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="D:\WINDOWS\ime\IMJP8_1\imjpmig.exe" [Microsoft Corporation]
"PHIME2002ASync"="D:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe" [Microsoft Corporation]
"PHIME2002A"="D:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe" [Microsoft Corporation]
"NWEReboot"="" [File Not Found.]
"NeroFilterCheck"="D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [Nero AG]
"RemoteControl"="D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [Cyberlink Corp.]
"LanguageShortcut"="D:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [N/A]
"nod32kui"="D:\Program Files\Eset\nod32kui.exe" [Eset ]
"Sony Ericsson PC Suite"="D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [N/A]
"GIZMO2"="D:\Program Files\GIZMO2\GIZMO.exe" [ants Inc.]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe" [Adobe Systems Incorporated]
"AppleSyncNotifier"="D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [Apple Inc.]
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [Apple Inc.]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.]
"NvCplDaemon"="D:\WINDOWS\system32\nvcpl.dll" [NVIDIA Corporation]
"nwiz"="D:\WINDOWS\system32\nwiz.exe" [N/A]
"NvMediaCenter"="D:\WINDOWS\system32\nvmctray.dll" [NVIDIA Corporation]
"SunJavaUpdateSched"="D:\Program Files\Java\jre6\bin\jusched.exe" [Sun Microsystems, Inc.]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" - 2006-10-18 21:47 133632 D:\WINDOWS\system32\WPDShServiceObj.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
2006-05-16 15:19 81920 D:\PROGRA~1\FlashGet\Jccatch.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}]
2007-11-23 18:08 1933256 D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
2009-03-19 11:43 35840 D:\Program Files\Java\jre6\bin\jp2ssv.dll
[HKEY_LOCAL_MACHINE\~\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
2009-03-19 11:43 73728 D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
D:\WindowBlinds\wbsrv.dll - 2007-05-03 14:13 176128 D:\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"VIDC.XVID"="D:\WINDOWS\system32\xvidvfw.dll" [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
HonorAutoRunSetting=0x1
ASSOC: .html=FirefoxHTML
ASSOC: .txt=emeditor.txt
FTYPE: emeditor.txt=D:\Program Files\EmEditor\EMEDITOR.EXE %1
沒有數位簽章的系統檔案
2008-06-20 19:51 361600 D:\WINDOWS\system32\DRIVERS\TCPIP.SYS [Microsoft Corporation]
--> 2006-04-20 20:18 360576 D:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys [Sigcheck failed.]
--> 2007-10-31 00:53 360832 D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys [Sigcheck failed.]
--> 2008-06-20 18:44 360960 D:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:51 361600 D:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:59 361600 D:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 18:45 360320 D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [Sigcheck ok.]
--> 2004-07-12 08:00 359040 D:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [Sigcheck ok.]
--> 2006-04-20 19:51 359808 D:\WINDOWS\$NtUninstallKB941644$\tcpip.sys [Sigcheck failed.]
--> 2008-04-14 03:20 361344 D:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [Sigcheck ok.]
--> 2007-10-31 01:20 360064 D:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys [Sigcheck failed.]
--> 2008-04-14 03:20 361344 D:\WINDOWS\ServicePackFiles\i386\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:51 361600 D:\WINDOWS\system32\dllcache\tcpip.sys [Sigcheck ok.]
--> 2008-06-20 19:51 361600 D:\WINDOWS\system32\drivers\tcpip.sys [Sigcheck failed.]
================================================================================
服務 \ 驅動 列表:
顯示方式 : 啟動狀態 服務名稱;顯示名稱;檔案名稱
啟動狀態 : S0 = Boot Start S1 = System Start S2 = Auto Start S3 = Manual Start S4 = Disable S9 = Unknow
S2 AMON;AMON;D:\WINDOWS\system32\drivers\amon.sys [Eset ]
S3 drhard;DRHARD;D:\WINDOWS\system32\DRIVERS\DRHARD.SYS [Licensed for Gebhard Software]
S3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;D:\WINDOWS\system32\drivers\Envy24HF.sys [VIA - IC Ensemble, Inc.]
S3 RivaTuner32;RivaTuner32;D:\Program Files\RivaTuner v2.0 Final Release\RivaTuner32.sys [N/A]
S3 s116bus;Sony Ericsson Device 116 driver (WDM);D:\WINDOWS\system32\DRIVERS\s116bus.sys [MCCI Corporation]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter;D:\WINDOWS\system32\DRIVERS\s116mdfl.sys [MCCI Corporation]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM);D:\WINDOWS\system32\DRIVERS\s116mgmt.sys [MCCI Corporation]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS);D:\WINDOWS\system32\DRIVERS\s116nd5.sys [MCCI Corporation]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface;D:\WINDOWS\system32\DRIVERS\s116obex.sys [MCCI Corporation]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM);D:\WINDOWS\system32\DRIVERS\s116unic.sys [MCCI Corporation]
S2 SQLWriter;SQL Server VSS Writer;D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [Microsoft Corporation]
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};D:\Program Files\CyberLink\PowerDVD\000.fcl [Cyberlink Corp.]
S3 napagent;Network Access Protection Agent;D:\WINDOWS\System32\qagentrt.dll [Microsoft Corporation]
================================================================================
被隱藏的驅動項目 ( 上面驅動項未顯示出來就可能有問題 ):
UACd.sys;D:\WINDOWS\system32\drivers\UACoyrodulr.sys
================================================================================
S0 sptd;sptd;D:\WINDOWS\system32\Drivers\sptd.sys [N/A]
S1 Tcpip;TCP/IP Protocol Driver;D:\WINDOWS\system32\DRIVERS\tcpip.sys [Microsoft Corporation <Sigcheck Failed>]
================================================================================
工作排程資料夾內的資料:
2009-04-02 D:\WINDOWS\TASKS\AppleSoftwareUpdate.job
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34 566592]
IE 首頁設定:
Internet Explorer Version: 6.0.2900.5512
HKLM - Search Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/msgr8/*hxxp://tw.search.yahoo.com
HKCU - Start Page = hxxp://tw.yahoo.com/
HKCU - Search Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/msgr8/*hxxp://tw.search.yahoo.com
HKCU - Extra menu item: 下載編碼內容(&D.S.Lite) - D:\DSLite2.07.45\dl_text.html
HKCU - Extra menu item: 下載編碼內容(S&martGet) - D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_text.html
HKCU - Extra menu item: 下載編碼檔案內容(&D.S.Lite) - D:\DSLite2.07.45\dl_url.html
HKCU - Extra menu item: 使用 FlashGet 下載 - D:\PROGRA~1\FlashGet\jc_link.htm
HKCU - Extra menu item: 使用S&martGet下載 - D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_link.htm
HKCU - Extra menu item: 全部使用 FlashGet 下載 - D:\PROGRA~1\FlashGet\jc_all.htm
HKCU - Extra menu item: 全部使用Smart&Get下載 - D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_all.htm
HKCU - Extra menu item: 匯出至 Microsoft Excel(&X) - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
HKCU - Extra menu item: ・?ウ。ィマ・ホ FlashGet 、Uク
HKLM - Extensions: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
HKLM - Extensions: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
HKLM - Extensions: {F8475519-8412-4D40-A46E-692D9D04DF7F} - D:\DSLite2.07.45\DSLite.exe
HKLM - Extensions: {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
HKLM - Extensions: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
LSP: d:\windows\system32\imon.dll
LSP: d:\program files\bonjour\mdnsnsp.dll
DNS: {03463F0A-6D25-4963-AFB2-072BA4443453} - 168.95.192.1 168.95.1.1
================================================================================
Win32/Conficker worm has not been found active in the memory.
Do you want to perform scanning and cleaning anyway? (y/n)
Nothing was found.
Checking for Win32/Conficker.AA files:
Nothing was found.
================================================================================
磁碟空間 C: - 6,310,625,280 位元組可用
磁碟空間 D: - 27,123,675,136 位元組可用
磁碟空間 E: - 4,544,491,520 位元組可用
掃描結束時間: 2009-04-07 17:34:46.98
[/CODE]
April 6, 2009
[CODE]
2009-04-06,15:48:23
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理許可權用戶 - 完整功能
以下內容被選中:
所有的啟動項目(包括註冊表、開機檔案夾、服務等)
流覽器載入項
正在運行的進程(包括進程模組資訊)
文件關聯
Winsock 提供者
Autorun.inf
HOSTS 文件
進程特權掃描
計畫任務
API HOOK
隱藏進程
啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<MsnMsgr><"D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [Microsoft Corporation]
<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"> [Nero AG]
<Yahoo! Pager><"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet> [(Verified)Yahoo! Inc.]
<SkinClock><D:\Program Files\Free Desktop Clock\DesktopClock.exe> []
<DAEMON Tools Lite><"D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun> [(Verified)DAEMON Tools Code Signing Services]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Component Publisher]
<PHIME2002A><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Component Publisher]
<NVRTCLK><D:\WINDOWS\system32\NVRTCLK\NVRTClk.exe> []
<NWEReboot><> [N/A]
<NeroFilterCheck><D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe> [Nero AG]
<D3DOverrider><"D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverrider.exe" /s> []
<RemoteControl><"D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [(Verified)CyberLink]
<LanguageShortcut><"D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> [(Verified)CyberLink]
<nod32kui><"D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset ]
<Sony Ericsson PC Suite><"D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions> []
<GIZMO2><D:\Program Files\GIZMO2\GIZMO.exe> [(Verified)ants Inc.]
<Adobe Reader Speed Launcher><"D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<AppleSyncNotifier><D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe> [(Verified)Apple Inc.]
<QuickTime Task><"D:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"D:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<EnvyHFCPL><D:\Program Files\Audio Deck\EnMixCPL.exe 1> [File is missing]
<NvCplDaemon><RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SunJavaUpdateSched><"D:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><D:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><wbsys.dll> [Stardock.Net, Inc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><LogonUI.EXE> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><D:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><D:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
<WinlogonNotify: WBSrv><D:\WindowBlinds\wbsrv.dll> [Stardock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><D:\WINDOWS\inf\unregmp2.exe /HideWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<自訂瀏覽器><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><D:\WINDOWS\system32\Rundll32.exe D:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
==================================
開機檔案夾
N/A
==================================
服務
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Bonjour 服務 / Bonjour Service][Running/Auto Start]
<"D:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPod 服務 / iPod Service][Running/Manual Start]
<"D:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"D:\Program Files\Eset\nod32krn.exe"><Eset>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<D:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
<D:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
<"D:\Program Files\CyberLink\Shared files\RichVideo.exe"><>
==================================
驅動程式
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
<system32\drivers\ALCXWDM.SYS><N/A>
[AMON / AMON][Running/Auto Start]
<\SystemRoot\system32\drivers\amon.sys><Eset>
[drhard / drhard][Stopped/Manual Start]
<\??\D:\WINDOWS\system32\DRIVERS\DRHARD.SYS><Licensed for Gebhard Software>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\D:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ENTECH / ENTECH][Stopped/Manual Start]
<\??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys><EnTech Taiwan>
[ICE Envy24 Family Audio Controller WDM / Envy24HFS][Running/Manual Start]
<system32\drivers\Envy24HF.sys><VIA - IC Ensemble, Inc.>
[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[Mobile Action MA-660 USB Infrared Adapter / MA-620][Stopped/Manual Start]
<system32\DRIVERS\MA-620.sys><Mobile Action Tech. Inc.>
[MaVctrl / MaVctrl][Running/Auto Start]
<system32\DRIVERS\MaVc2K.sys><Mobile Action Technology Inc.>
[nod32drv / nod32drv][Running/System Start]
<\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RivaTuner32 / RivaTuner32][Stopped/Manual Start]
<\??\D:\Program Files\RivaTuner v2.0 Final Release\RivaTuner32.sys><N/A>
[Sony Ericsson Device 116 driver (WDM) / s116bus][Stopped/Manual Start]
<system32\DRIVERS\s116bus.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC Modem Filter / s116mdfl][Stopped/Manual Start]
<system32\DRIVERS\s116mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC Modem Driver / s116mdm][Stopped/Manual Start]
<system32\DRIVERS\s116mdm.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) / s116mgmt][Stopped/Manual Start]
<system32\DRIVERS\s116mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) / s116nd5][Stopped/Manual Start]
<system32\DRIVERS\s116nd5.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC OBEX Interface / s116obex][Stopped/Manual Start]
<system32\DRIVERS\s116obex.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) / s116unic][Stopped/Manual Start]
<system32\DRIVERS\s116unic.sys><MCCI Corporation>
[Sony Ericsson Device 069 driver (WDM) / se45bus][Stopped/Manual Start]
<system32\DRIVERS\se45bus.sys><MCCI>
[Sony Ericsson Device 069 USB WMC Modem Filter / se45mdfl][Stopped/Manual Start]
<system32\DRIVERS\se45mdfl.sys><MCCI>
[Sony Ericsson Device 069 USB WMC Modem Driver / se45mdm][Stopped/Manual Start]
<system32\DRIVERS\se45mdm.sys><MCCI>
[Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM) / se45mgmt][Stopped/Manual Start]
<system32\DRIVERS\se45mgmt.sys><MCCI>
[Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS) / se45nd5][Stopped/Manual Start]
<system32\DRIVERS\se45nd5.sys><MCCI>
[Sony Ericsson Device 069 USB WMC OBEX Interface / se45obex][Stopped/Manual Start]
<system32\DRIVERS\se45obex.sys><MCCI>
[Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM) / se45unic][Stopped/Manual Start]
<system32\DRIVERS\se45unic.sys><MCCI>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 4.x) / sfsync04][Running/Boot Start]
<\SystemRoot\System32\drivers\sfsync04.sys><Protection Technology>
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfvfs02.sys><Protection Technology>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
<system32\DRIVERS\yk51x86.sys><Marvell>
[{95808DC4-FA4A-4c74-92FE-5B863F82066B} / {95808DC4-FA4A-4c74-92FE-5B863F82066B}][Running/Auto Start]
<\??\D:\Program Files\CyberLink\PowerDVD\000.fcl><Cyberlink Corp.>
==================================
流覽器載入項
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[IeCatch5 Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[Megaupload Toolbar]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} <D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD >
[]
{5C255C8A-E604-49b4-9D64-90988571CECB} <, >
[Windows Live 登入小幫手]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, (Signed) Microsoft Corporation>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <D:\DSLite2.07.45\DSLite.exe, watermonster.org>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Megaupload Toolbar]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} <D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD >
[Lotus Quickr Class]
{05D96F71-87C6-11D3-9BE4-00902742D6E0} <D:\WINDOWS\Downloaded Program Files\qp2.dll, IBM Corporation>
[CathayMyATM.ATMFunc]
{12755229-656A-4508-BC94-2DA4D314B4C8} <D:\WINDOWS\Downloaded Program Files\CathayMyATM.dll, Cathay United Bank>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} <D:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL, (Signed) Anti-Malware Development a.s.>
[System Requirements Lab Class]
{1E54D648-B804-468d-BC78-4AFFED8E262E} <D:\WINDOWS\Downloaded Program Files\sysreqlab3.dll, (Signed) Husdawg, LLC>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <D:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[CathayMyATM2.EsConn]
{5C253D25-00FD-4703-9924-E53792DF98C9} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[Autodesk MapGuide ActiveX Control]
{62789780-B744-11D0-986B-00609731A21D} <D:\WINDOWS\Downloaded Program Files\MgAxCtrl.dll, (Signed) Autodesk Inc.>
[DivXBrowserPlugin Object]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} <D:\Program Files\DivX\DivX Web Player\npdivx32.dll, DivX,Inc.>
[Windows Live Photo Upload Control]
{7FC1B346-83E6-4774-8D20-1A6B09B0E737} <D:\WINDOWS\Downloaded Program Files\CONFLICT.1\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[Java Plug-in 1.6.0_12]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[SopCore Control]
{8FEFF364-6A5F-4966-A917-A3AC28411659} <D:\PROGRA~1\SopCast\sopocx.ocx, SopCast.com>
[]
{B596344E-F60F-42C2-8640-5954EEDBD428} <, >
[FantaTennisActiveX Control]
{BEED76B7-F5FF-4FBE-99CE-E8529591BC9F} <D:\WINDOWS\DOWNLO~1\FANTAT~1.OCX, TODO: <Company name>>
[MessengerStatsClient Class]
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} <D:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_07]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_12]
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_12]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\npjpi160_12.dll, (Signed) Sun Microsystems, Inc.>
[HGPluginJP23 Class]
{D0FD5E32-CABD-4A6E-BD0F-94ACE89CCE03} <D:\WINDOWS\Downloaded Program Files\HGPluginJP23.dll, NHN Japan Corp.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <D:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Lotus Quickr Class]
{05D96F71-87C6-11D3-9BE4-00902742D6E0} <D:\WINDOWS\Downloaded Program Files\qp2.dll, IBM Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <D:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, (Signed) Microsoft Corporation>
[CathayMyATM.ATMFunc]
{12755229-656A-4508-BC94-2DA4D314B4C8} <D:\WINDOWS\Downloaded Program Files\CathayMyATM.dll, Cathay United Bank>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} <D:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL, (Signed) Anti-Malware Development a.s.>
[]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[]
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[CathayMyATM2.ATMDes]
{245E051B-5C83-4E6E-90BA-E08804252AA5} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <D:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[IeCatch5 Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <D:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <D:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Megaupload Toolbar]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} <D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD >
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <D:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[Microsoft Licensed Class Manager 1.0]
{5220CB21-C88D-11CF-B347-00AA00A28331} <D:\WINDOWS\system32\licmgr10.dll, (Signed) Microsoft Corporation>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[CathayMyATM2.EsConn]
{5C253D25-00FD-4703-9924-E53792DF98C9} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[]
{5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[Autodesk MapGuide ActiveX Control]
{62789780-B744-11D0-986B-00609731A21D} <D:\WINDOWS\Downloaded Program Files\MgAxCtrl.dll, (Signed) Autodesk Inc.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <D:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[DivXBrowserPlugin Object]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} <D:\Program Files\DivX\DivX Web Player\npdivx32.dll, DivX,Inc.>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Windows Live Photo Upload Control]
{7FC1B346-83E6-4774-8D20-1A6B09B0E737} <D:\WINDOWS\Downloaded Program Files\CONFLICT.1\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Windows Live 登入小幫手]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <D:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[GetInfo2 Class]
{B345F37E-6763-433B-BC53-9B526A9B7B8B} <D:\PROGRA~1\Yahoo!\Common\yverinfo.dll, (Signed) Yahoo! Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
{B596344E-F60F-42C2-8640-5954EEDBD428} <, >
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <D:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[FantaTennisActiveX Control]
{BEED76B7-F5FF-4FBE-99CE-E8529591BC9F} <D:\WINDOWS\DOWNLO~1\FANTAT~1.OCX, TODO: <Company name>>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[HGPluginJP23 Class]
{D0FD5E32-CABD-4A6E-BD0F-94ACE89CCE03} <D:\WINDOWS\Downloaded Program Files\HGPluginJP23.dll, NHN Japan Corp.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[GetInfo Class]
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <D:\PROGRA~1\Yahoo!\Common\yverinfo.dll, (Signed) Yahoo! Inc.>
[]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[iTunesDetector Class]
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} <D:\Program Files\iTunes\ITDetector.ocx, (Signed) Apple Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <D:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, (Signed) Yahoo! Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[CathayMyATM2.SVCFunc]
{F2C3FF04-91C9-41F2-9A22-5B2423AA2502} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <, >
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[下載編碼內容(&D.S.Lite)]
<D:\DSLite2.07.45\dl_text.html, N/A>
[下載編碼內容(S&martGet)]
<D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_text.html, N/A>
[下載編碼檔案內容(&D.S.Lite)]
<D:\DSLite2.07.45\dl_url.html, N/A>
[使用 FlashGet 下載]
<D:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[使用S&martGet下載]
<D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_link.htm, N/A>
[全部使用 FlashGet 下載]
<D:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[全部使用Smart&Get下載]
<D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_all.htm, N/A>
[匯出至 Microsoft Excel(&X)]
<res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[・?ウ。ィマ・ホ FlashGet 、Uク]
<, >
[ィマ・ホ FlashGet 、Uク]
<, >
==================================
正在運行的進程
[PID: 644 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 708 / SYSTEM][\??\D:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 732 / SYSTEM][\??\D:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WindowBlinds\wbsrv.dll] [Stardock, 5, 0, 0, 1]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[PID: 776 / SYSTEM][D:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 788 / SYSTEM][D:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 980 / SYSTEM][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 1068 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 1216 / SYSTEM][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 1304 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1420 / LOCAL SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 1596 / SYSTEM][D:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 1888 / SHIN][D:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\tray.dll] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Free Desktop Clock\Clock.dll] [N/A, ]
[D:\PROGRA~1\FlashGet\jccatch.dll] [FlashGet, 1, 1, 5, 0]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHT] [Adobe Systems, Inc., 8.0.0.0]
[D:\Program Files\Eset\nodshex.dll] [N/A, ]
[D:\Program Files\WinRAR\rarext.dll] [N/A, ]
[D:\Program Files\7-Zip\7-zip.dll] [N/A, ]
[D:\Program Files\EmEditor\EMEDSHL.DLL] [N/A, ]
[D:\WINDOWS\system32\CmdLineExt.dll] [Sony DADC Austria AG., 1,1,221,0]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[D:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7801]
[D:\WINDOWS\system32\NVRSZHT.DLL] [NVIDIA Corporation, 6.14.10.7801]
[D:\WINDOWS\system32\nvshell.dll] [, ]
[PID: 196 / SHIN][D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverrider.exe] [, 1, 3, 0, 0]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 208 / SHIN][D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 7.00.2406]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Cyberlink\PowerDVD\CLRCEngine3.dll] [CyberLink Corp., 7.00.1711 ]
[PID: 224 / SHIN][D:\Program Files\Eset\nod32kui.exe] [Eset , 2, 70, 39 ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Eset\nod32rui.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Eset\pu_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_dmon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_dmon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_emon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_emon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_upd.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_upd.dll] [Eset , 2, 70, 16 ]
[PID: 244 / SHIN][D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe] [, 2.2.10.58]
[D:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Common Files\Teleca Shared\tlib_log.dll] [Popwire AB, 1.1.1.139]
[D:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll] [N/A, ]
[D:\Program Files\Common Files\Teleca Shared\tlib_cmndlgs.dll] [Popwire AB, 1.1.0.19]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll] [, 2.0.6.1]
[D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll] [, 2.0.5.1]
[D:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherMainDlg.dll] [Sony Ericsson Mobile Communications AB, 2.0.4.33]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[D:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll] [Teleca AB, 1.5.0.87]
[PID: 376 / SHIN][D:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 8.0.1.11]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 8.0.1.2]
[D:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 8.0.1.11]
[D:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.5.5 (990.7)]
[D:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 185.7.0.1]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 396 / SHIN][D:\Program Files\Audio Deck\EnMixCPL.exe] [, 0, 0, 2, 5]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Audio Deck\Envy24Api.dll] [N/A, ]
[PID: 460 / SHIN][D:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.7801]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\WINDOWS\system32\NVRSZHT.DLL] [NVIDIA Corporation, 6.14.10.7801]
[PID: 488 / SHIN][D:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.120.4]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 516 / SHIN][D:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 544 / SHIN][D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.5.1302.1018]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1302.1018]
[D:\WINDOWS\system32\msdmo.dll] [, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 576 / SHIN][D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe] [Nero AG, 1, 2, 0, 13]
[D:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll] [Nero AG, 3,19,0, 7200]
[D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll] [Nero AG, 1, 2, 0, 13]
[D:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll] [Nero AG, 1, 2, 0, 13]
[PID: 712 / SHIN][D:\Program Files\Free Desktop Clock\DesktopClock.exe] [N/A, ]
[D:\Program Files\Free Desktop Clock\Clock.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 1116 / SYSTEM][D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.11.32.0]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1132 / SHIN][D:\Program Files\DAEMON Tools Lite\daemon.exe] [DT Soft Ltd, 4.12.3.0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\DAEMON Tools Lite\DaemonPlugin.dll] [DT Soft Ltd, 4.12.0.0]
[D:\Program Files\DAEMON Tools Lite\daemon.dll] [DT Soft Ltd., 4.12.0.0]
[D:\Program Files\DAEMON Tools Lite\Lang\CHT.dll] [N/A, ]
[D:\Program Files\DAEMON Tools Lite\Lang\ENU.dll] [N/A, ]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\bw5mount.dll] [, 1.1.3.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\bwtmount.dll] [DT Soft Ltd., 1.01.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\ccdmount.dll] [DT Soft Ltd., 1.10.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\cuemount.dll] [DT Soft Ltd., 1.02.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\iszmount.dll] [DT Soft Ltd., 1.03.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\nrgmount.dll] [DT Soft Ltd., 1.12.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\pdimount.dll] [DT Soft Ltd., 1.01.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\pfcmount.dll] [DT Soft Ltd., 1.00.0.0]
[D:\Program Files\DAEMON Tools Lite\pfctoc.dll] [Padus(R), Inc., 1, 0, 0, 12]
[PID: 1208 / SYSTEM][D:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,5,11]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1636 / SYSTEM][D:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.120.4]
[D:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1780 / SHIN][D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe] [Yahoo! Inc., 8,1,0,0]
[D:\Program Files\Yahoo!\Messenger\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Yahoo!\Messenger\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Yahoo!\Shared\YbSkin2.dll] [Yahoo! Inc., 2006, 10, 11, 1]
[D:\Program Files\Yahoo!\Messenger\res_msgr.dll] [Yahoo! Inc., 8,5,0,1]
[PID: 1976 / NETWORK SERVICE][D:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe] [Microsoft Corporation, 2005.090.4035.00]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 320 / SYSTEM][D:\Program Files\Eset\nod32krn.exe] [Eset , 2, 70, 39 ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Eset\nod32krr.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_dmon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_dmon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_emon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_emon.dll] [Eset , 2, 70, 16 ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_upd.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_upd.dll] [Eset , 2, 70, 16 ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 384 / SYSTEM][D:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.7801]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[PID: 1876 / SYSTEM][D:\WINDOWS\system32\oodag.exe] [O&O Software GmbH, 8.0.1398]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\OODAGRS.DLL] [O&O Software GmbH, 8.0.1.1347]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1260 / SYSTEM][D:\Program Files\CyberLink\Shared files\RichVideo.exe] [, 1.1.0808 ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[PID: 2084 / NETWORK SERVICE][D:\Program Files\Microsoft SQL Server\
2009-04-06,15:48:23
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理許可權用戶 - 完整功能
以下內容被選中:
所有的啟動項目(包括註冊表、開機檔案夾、服務等)
流覽器載入項
正在運行的進程(包括進程模組資訊)
文件關聯
Winsock 提供者
Autorun.inf
HOSTS 文件
進程特權掃描
計畫任務
API HOOK
隱藏進程
啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<MsnMsgr><"D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [Microsoft Corporation]
<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"> [Nero AG]
<Yahoo! Pager><"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet> [(Verified)Yahoo! Inc.]
<SkinClock><D:\Program Files\Free Desktop Clock\DesktopClock.exe> []
<DAEMON Tools Lite><"D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun> [(Verified)DAEMON Tools Code Signing Services]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Component Publisher]
<PHIME2002A><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Component Publisher]
<NVRTCLK><D:\WINDOWS\system32\NVRTCLK\NVRTClk.exe> []
<NWEReboot><> [N/A]
<NeroFilterCheck><D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe> [Nero AG]
<D3DOverrider><"D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverrider.exe" /s> []
<RemoteControl><"D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [(Verified)CyberLink]
<LanguageShortcut><"D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> [(Verified)CyberLink]
<nod32kui><"D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset ]
<Sony Ericsson PC Suite><"D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions> []
<GIZMO2><D:\Program Files\GIZMO2\GIZMO.exe> [(Verified)ants Inc.]
<Adobe Reader Speed Launcher><"D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<AppleSyncNotifier><D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe> [(Verified)Apple Inc.]
<QuickTime Task><"D:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"D:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<EnvyHFCPL><D:\Program Files\Audio Deck\EnMixCPL.exe 1> [File is missing]
<NvCplDaemon><RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SunJavaUpdateSched><"D:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><D:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><wbsys.dll> [Stardock.Net, Inc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><LogonUI.EXE> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><D:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><D:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
<WinlogonNotify: WBSrv><D:\WindowBlinds\wbsrv.dll> [Stardock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><D:\WINDOWS\inf\unregmp2.exe /HideWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<自訂瀏覽器><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><D:\WINDOWS\system32\Rundll32.exe D:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
==================================
開機檔案夾
N/A
==================================
服務
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Bonjour 服務 / Bonjour Service][Running/Auto Start]
<"D:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPod 服務 / iPod Service][Running/Manual Start]
<"D:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"D:\Program Files\Eset\nod32krn.exe"><Eset>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<D:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
<D:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
<"D:\Program Files\CyberLink\Shared files\RichVideo.exe"><>
==================================
驅動程式
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
<system32\drivers\ALCXWDM.SYS><N/A>
[AMON / AMON][Running/Auto Start]
<\SystemRoot\system32\drivers\amon.sys><Eset>
[drhard / drhard][Stopped/Manual Start]
<\??\D:\WINDOWS\system32\DRIVERS\DRHARD.SYS><Licensed for Gebhard Software>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\D:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ENTECH / ENTECH][Stopped/Manual Start]
<\??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys><EnTech Taiwan>
[ICE Envy24 Family Audio Controller WDM / Envy24HFS][Running/Manual Start]
<system32\drivers\Envy24HF.sys><VIA - IC Ensemble, Inc.>
[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[Mobile Action MA-660 USB Infrared Adapter / MA-620][Stopped/Manual Start]
<system32\DRIVERS\MA-620.sys><Mobile Action Tech. Inc.>
[MaVctrl / MaVctrl][Running/Auto Start]
<system32\DRIVERS\MaVc2K.sys><Mobile Action Technology Inc.>
[nod32drv / nod32drv][Running/System Start]
<\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RivaTuner32 / RivaTuner32][Stopped/Manual Start]
<\??\D:\Program Files\RivaTuner v2.0 Final Release\RivaTuner32.sys><N/A>
[Sony Ericsson Device 116 driver (WDM) / s116bus][Stopped/Manual Start]
<system32\DRIVERS\s116bus.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC Modem Filter / s116mdfl][Stopped/Manual Start]
<system32\DRIVERS\s116mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC Modem Driver / s116mdm][Stopped/Manual Start]
<system32\DRIVERS\s116mdm.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) / s116mgmt][Stopped/Manual Start]
<system32\DRIVERS\s116mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) / s116nd5][Stopped/Manual Start]
<system32\DRIVERS\s116nd5.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB WMC OBEX Interface / s116obex][Stopped/Manual Start]
<system32\DRIVERS\s116obex.sys><MCCI Corporation>
[Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) / s116unic][Stopped/Manual Start]
<system32\DRIVERS\s116unic.sys><MCCI Corporation>
[Sony Ericsson Device 069 driver (WDM) / se45bus][Stopped/Manual Start]
<system32\DRIVERS\se45bus.sys><MCCI>
[Sony Ericsson Device 069 USB WMC Modem Filter / se45mdfl][Stopped/Manual Start]
<system32\DRIVERS\se45mdfl.sys><MCCI>
[Sony Ericsson Device 069 USB WMC Modem Driver / se45mdm][Stopped/Manual Start]
<system32\DRIVERS\se45mdm.sys><MCCI>
[Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM) / se45mgmt][Stopped/Manual Start]
<system32\DRIVERS\se45mgmt.sys><MCCI>
[Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS) / se45nd5][Stopped/Manual Start]
<system32\DRIVERS\se45nd5.sys><MCCI>
[Sony Ericsson Device 069 USB WMC OBEX Interface / se45obex][Stopped/Manual Start]
<system32\DRIVERS\se45obex.sys><MCCI>
[Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM) / se45unic][Stopped/Manual Start]
<system32\DRIVERS\se45unic.sys><MCCI>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 4.x) / sfsync04][Running/Boot Start]
<\SystemRoot\System32\drivers\sfsync04.sys><Protection Technology>
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfvfs02.sys><Protection Technology>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
<system32\DRIVERS\yk51x86.sys><Marvell>
[{95808DC4-FA4A-4c74-92FE-5B863F82066B} / {95808DC4-FA4A-4c74-92FE-5B863F82066B}][Running/Auto Start]
<\??\D:\Program Files\CyberLink\PowerDVD\000.fcl><Cyberlink Corp.>
==================================
流覽器載入項
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[IeCatch5 Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[Megaupload Toolbar]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} <D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD >
[]
{5C255C8A-E604-49b4-9D64-90988571CECB} <, >
[Windows Live 登入小幫手]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, (Signed) Microsoft Corporation>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <D:\DSLite2.07.45\DSLite.exe, watermonster.org>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Megaupload Toolbar]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} <D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD >
[Lotus Quickr Class]
{05D96F71-87C6-11D3-9BE4-00902742D6E0} <D:\WINDOWS\Downloaded Program Files\qp2.dll, IBM Corporation>
[CathayMyATM.ATMFunc]
{12755229-656A-4508-BC94-2DA4D314B4C8} <D:\WINDOWS\Downloaded Program Files\CathayMyATM.dll, Cathay United Bank>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} <D:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL, (Signed) Anti-Malware Development a.s.>
[System Requirements Lab Class]
{1E54D648-B804-468d-BC78-4AFFED8E262E} <D:\WINDOWS\Downloaded Program Files\sysreqlab3.dll, (Signed) Husdawg, LLC>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <D:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[CathayMyATM2.EsConn]
{5C253D25-00FD-4703-9924-E53792DF98C9} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[Autodesk MapGuide ActiveX Control]
{62789780-B744-11D0-986B-00609731A21D} <D:\WINDOWS\Downloaded Program Files\MgAxCtrl.dll, (Signed) Autodesk Inc.>
[DivXBrowserPlugin Object]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} <D:\Program Files\DivX\DivX Web Player\npdivx32.dll, DivX,Inc.>
[Windows Live Photo Upload Control]
{7FC1B346-83E6-4774-8D20-1A6B09B0E737} <D:\WINDOWS\Downloaded Program Files\CONFLICT.1\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[Java Plug-in 1.6.0_12]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[SopCore Control]
{8FEFF364-6A5F-4966-A917-A3AC28411659} <D:\PROGRA~1\SopCast\sopocx.ocx, SopCast.com>
[]
{B596344E-F60F-42C2-8640-5954EEDBD428} <, >
[FantaTennisActiveX Control]
{BEED76B7-F5FF-4FBE-99CE-E8529591BC9F} <D:\WINDOWS\DOWNLO~1\FANTAT~1.OCX, TODO: <Company name>>
[MessengerStatsClient Class]
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} <D:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_07]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_12]
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_12]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\npjpi160_12.dll, (Signed) Sun Microsystems, Inc.>
[HGPluginJP23 Class]
{D0FD5E32-CABD-4A6E-BD0F-94ACE89CCE03} <D:\WINDOWS\Downloaded Program Files\HGPluginJP23.dll, NHN Japan Corp.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <D:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Lotus Quickr Class]
{05D96F71-87C6-11D3-9BE4-00902742D6E0} <D:\WINDOWS\Downloaded Program Files\qp2.dll, IBM Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <D:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, (Signed) Microsoft Corporation>
[CathayMyATM.ATMFunc]
{12755229-656A-4508-BC94-2DA4D314B4C8} <D:\WINDOWS\Downloaded Program Files\CathayMyATM.dll, Cathay United Bank>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} <D:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL, (Signed) Anti-Malware Development a.s.>
[]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[]
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[CathayMyATM2.ATMDes]
{245E051B-5C83-4E6E-90BA-E08804252AA5} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <D:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[IeCatch5 Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <D:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <D:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Megaupload Toolbar]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} <D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD >
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <D:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[Microsoft Licensed Class Manager 1.0]
{5220CB21-C88D-11CF-B347-00AA00A28331} <D:\WINDOWS\system32\licmgr10.dll, (Signed) Microsoft Corporation>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[CathayMyATM2.EsConn]
{5C253D25-00FD-4703-9924-E53792DF98C9} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[]
{5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[Autodesk MapGuide ActiveX Control]
{62789780-B744-11D0-986B-00609731A21D} <D:\WINDOWS\Downloaded Program Files\MgAxCtrl.dll, (Signed) Autodesk Inc.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <D:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[DivXBrowserPlugin Object]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} <D:\Program Files\DivX\DivX Web Player\npdivx32.dll, DivX,Inc.>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Windows Live Photo Upload Control]
{7FC1B346-83E6-4774-8D20-1A6B09B0E737} <D:\WINDOWS\Downloaded Program Files\CONFLICT.1\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Windows Live 登入小幫手]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <D:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[GetInfo2 Class]
{B345F37E-6763-433B-BC53-9B526A9B7B8B} <D:\PROGRA~1\Yahoo!\Common\yverinfo.dll, (Signed) Yahoo! Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
{B596344E-F60F-42C2-8640-5954EEDBD428} <, >
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <D:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[FantaTennisActiveX Control]
{BEED76B7-F5FF-4FBE-99CE-E8529591BC9F} <D:\WINDOWS\DOWNLO~1\FANTAT~1.OCX, TODO: <Company name>>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[HGPluginJP23 Class]
{D0FD5E32-CABD-4A6E-BD0F-94ACE89CCE03} <D:\WINDOWS\Downloaded Program Files\HGPluginJP23.dll, NHN Japan Corp.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[GetInfo Class]
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <D:\PROGRA~1\Yahoo!\Common\yverinfo.dll, (Signed) Yahoo! Inc.>
[]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[iTunesDetector Class]
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} <D:\Program Files\iTunes\ITDetector.ocx, (Signed) Apple Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <D:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, (Signed) Yahoo! Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[CathayMyATM2.SVCFunc]
{F2C3FF04-91C9-41F2-9A22-5B2423AA2502} <D:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <, >
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[下載編碼內容(&D.S.Lite)]
<D:\DSLite2.07.45\dl_text.html, N/A>
[下載編碼內容(S&martGet)]
<D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_text.html, N/A>
[下載編碼檔案內容(&D.S.Lite)]
<D:\DSLite2.07.45\dl_url.html, N/A>
[使用 FlashGet 下載]
<D:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[使用S&martGet下載]
<D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_link.htm, N/A>
[全部使用 FlashGet 下載]
<D:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[全部使用Smart&Get下載]
<D:\Documents and Settings\SHIN\桌面\未使用的桌面捷徑\SmartGet1.45.3\dl_all.htm, N/A>
[匯出至 Microsoft Excel(&X)]
<res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[・?ウ。ィマ・ホ FlashGet 、Uク]
<, >
[ィマ・ホ FlashGet 、Uク]
<, >
==================================
正在運行的進程
[PID: 644 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 708 / SYSTEM][\??\D:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 732 / SYSTEM][\??\D:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WindowBlinds\wbsrv.dll] [Stardock, 5, 0, 0, 1]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[PID: 776 / SYSTEM][D:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 788 / SYSTEM][D:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 980 / SYSTEM][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 1068 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 1216 / SYSTEM][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 1304 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1420 / LOCAL SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 1596 / SYSTEM][D:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 1888 / SHIN][D:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACugbfihko.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\tray.dll] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Free Desktop Clock\Clock.dll] [N/A, ]
[D:\PROGRA~1\FlashGet\jccatch.dll] [FlashGet, 1, 1, 5, 0]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHT] [Adobe Systems, Inc., 8.0.0.0]
[D:\Program Files\Eset\nodshex.dll] [N/A, ]
[D:\Program Files\WinRAR\rarext.dll] [N/A, ]
[D:\Program Files\7-Zip\7-zip.dll] [N/A, ]
[D:\Program Files\EmEditor\EMEDSHL.DLL] [N/A, ]
[D:\WINDOWS\system32\CmdLineExt.dll] [Sony DADC Austria AG., 1,1,221,0]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[D:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7801]
[D:\WINDOWS\system32\NVRSZHT.DLL] [NVIDIA Corporation, 6.14.10.7801]
[D:\WINDOWS\system32\nvshell.dll] [, ]
[PID: 196 / SHIN][D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverrider.exe] [, 1, 3, 0, 0]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 208 / SHIN][D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 7.00.2406]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Cyberlink\PowerDVD\CLRCEngine3.dll] [CyberLink Corp., 7.00.1711 ]
[PID: 224 / SHIN][D:\Program Files\Eset\nod32kui.exe] [Eset , 2, 70, 39 ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Eset\nod32rui.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Eset\pu_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_dmon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_dmon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_emon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_emon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\pu_upd.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_upd.dll] [Eset , 2, 70, 16 ]
[PID: 244 / SHIN][D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe] [, 2.2.10.58]
[D:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Common Files\Teleca Shared\tlib_log.dll] [Popwire AB, 1.1.1.139]
[D:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll] [N/A, ]
[D:\Program Files\Common Files\Teleca Shared\tlib_cmndlgs.dll] [Popwire AB, 1.1.0.19]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll] [, 2.0.6.1]
[D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll] [, 2.0.5.1]
[D:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherMainDlg.dll] [Sony Ericsson Mobile Communications AB, 2.0.4.33]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[D:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll] [Teleca AB, 1.5.0.87]
[PID: 376 / SHIN][D:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 8.0.1.11]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 8.0.1.2]
[D:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 8.0.1.11]
[D:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.5.5 (990.7)]
[D:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 185.7.0.1]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 396 / SHIN][D:\Program Files\Audio Deck\EnMixCPL.exe] [, 0, 0, 2, 5]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Audio Deck\Envy24Api.dll] [N/A, ]
[PID: 460 / SHIN][D:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.7801]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\WINDOWS\system32\NVRSZHT.DLL] [NVIDIA Corporation, 6.14.10.7801]
[PID: 488 / SHIN][D:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.120.4]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 516 / SHIN][D:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 544 / SHIN][D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.5.1302.1018]
[D:\WINDOWS\system32\UxTheme.dll] [N/A, ]
[D:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1302.1018]
[D:\WINDOWS\system32\msdmo.dll] [, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 576 / SHIN][D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe] [Nero AG, 1, 2, 0, 13]
[D:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll] [Nero AG, 3,19,0, 7200]
[D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll] [Nero AG, 1, 2, 0, 13]
[D:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll] [Nero AG, 1, 2, 0, 13]
[PID: 712 / SHIN][D:\Program Files\Free Desktop Clock\DesktopClock.exe] [N/A, ]
[D:\Program Files\Free Desktop Clock\Clock.dll] [N/A, ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[PID: 1116 / SYSTEM][D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.11.32.0]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1132 / SHIN][D:\Program Files\DAEMON Tools Lite\daemon.exe] [DT Soft Ltd, 4.12.3.0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\DAEMON Tools Lite\DaemonPlugin.dll] [DT Soft Ltd, 4.12.0.0]
[D:\Program Files\DAEMON Tools Lite\daemon.dll] [DT Soft Ltd., 4.12.0.0]
[D:\Program Files\DAEMON Tools Lite\Lang\CHT.dll] [N/A, ]
[D:\Program Files\DAEMON Tools Lite\Lang\ENU.dll] [N/A, ]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\bw5mount.dll] [, 1.1.3.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\bwtmount.dll] [DT Soft Ltd., 1.01.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\ccdmount.dll] [DT Soft Ltd., 1.10.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\cuemount.dll] [DT Soft Ltd., 1.02.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\iszmount.dll] [DT Soft Ltd., 1.03.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\nrgmount.dll] [DT Soft Ltd., 1.12.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\pdimount.dll] [DT Soft Ltd., 1.01.0.0]
[D:\Program Files\DAEMON Tools Lite\Plugins\Images\pfcmount.dll] [DT Soft Ltd., 1.00.0.0]
[D:\Program Files\DAEMON Tools Lite\pfctoc.dll] [Padus(R), Inc., 1, 0, 0, 12]
[PID: 1208 / SYSTEM][D:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,5,11]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1636 / SYSTEM][D:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.120.4]
[D:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1780 / SHIN][D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe] [Yahoo! Inc., 8,1,0,0]
[D:\Program Files\Yahoo!\Messenger\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Yahoo!\Messenger\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\RivaTuner v2.0 Final Release\Tools\D3DOverrider\D3DOverriderHooks.dll] [N/A, ]
[D:\Program Files\Yahoo!\Shared\YbSkin2.dll] [Yahoo! Inc., 2006, 10, 11, 1]
[D:\Program Files\Yahoo!\Messenger\res_msgr.dll] [Yahoo! Inc., 8,5,0,1]
[PID: 1976 / NETWORK SERVICE][D:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe] [Microsoft Corporation, 2005.090.4035.00]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[PID: 320 / SYSTEM][D:\Program Files\Eset\nod32krn.exe] [Eset , 2, 70, 39 ]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\Program Files\Eset\nod32krr.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_dmon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_dmon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_emon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_emon.dll] [Eset , 2, 70, 16 ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 16 ]
[D:\Program Files\Eset\ps_upd.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_upd.dll] [Eset , 2, 70, 16 ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,5,11]
[PID: 384 / SYSTEM][D:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.7801]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[PID: 1876 / SYSTEM][D:\WINDOWS\system32\oodag.exe] [O&O Software GmbH, 8.0.1398]
[D:\WINDOWS\system32\wbsys.dll] [Stardock.Net, Inc, 4, 0, 0, 0]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WINDOWS\system32\OODAGRS.DLL] [O&O Software GmbH, 8.0.1.1347]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [Eset , 2, 70, 16 ]
[PID: 1260 / SYSTEM][D:\Program Files\CyberLink\Shared files\RichVideo.exe] [, 1.1.0808 ]
[\\?\globalroot\systemroot\system32\UACtehmtldq.dll] [N/A, ]
[D:\WindowBlinds\wblind.dll] [Stardock Corporation, 5.5]
[D:\WINDOWS\system32\UXTHEME.DLL] [N/A, ]
[D:\WindowBlinds\wbhelp.dll] [Stardock.Net, Inc, 4.01]
[PID: 2084 / NETWORK SERVICE][D:\Program Files\Microsoft SQL Server\
