A company computer got infected with a virus

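A few days ago I found that a company computer was infected. I ran a virus scan... and it turned up 189 of them...

I don't know whether any slipped through the net. Could the experts here please help analyze it? Thanks!!!

Log attached.....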

2008-03-21,08:33:12

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600) - 管理許可權用戶 - 完整功能

以下內容被選中:
    所有的啟動項目(包括註冊表、開機檔案夾、服務等)
    流覽器載入項
    正在運行的進程(包括進程模組資訊)
    文件關聯
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    進程特權掃描


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <Skype><"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  [N/A]
    <kava><C:\WINDOWS\system32\kavo.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <EPSON Stylus C41 Series><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C41 Series" /O5 "LPT1:" /M "Stylus C41">  [SEIKO EPSON CORPORATION]
    <EPSON Stylus CX3100><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3100" /O6 "USB001" /M "Stylus CX3100">  [SEIKO EPSON CORPORATION]
    <Acrobat Assistant 7.0><"C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe">  [Adobe Systems Inc.]
    <HPWS myPrintMileage Agent><C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe>  []
    <WinFaxAppPortStarter><wfxsnt40.exe>  [Microsoft Corporation]
    <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <EssSpkPhone><essspk.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <BluetoothAuthenticationAgent><rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>  [(Verified)Microsoft Windows Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <MxieAutoExecute><C:\Program Files\mxie\mxie_waiting.exe>  [N/A]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [N/A]
    <ClubBox><"C:\Program Files\NextLink\GOGOBOX\gogobox.exe" -l>  [NextLink, Co. LTD.]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min>  [Avira GmbH]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,C:\Program Files\Windows Media Player\svchost.exe,>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><"C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll">  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{A213B520-C6C2-11d0-AF9D-008029E1027E}><C:\Program Files\Symantec\WinFax\WfxSeh32.Dll>  [Symantec Corporation]
    <{FBF3B337-FEB6-403B-BBE2-2B67CB6563E3}><C:\WINDOWS\shareb32.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
    <Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser>  [(Verified)Microsoft Windows Publisher]

==================================
開機檔案夾
[Adobe Acrobat Speed Launcher]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Adobe Acrobat Speed Launcher.lnk --> C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [N/A]><N>
[控制器]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\控制器.LNK --> C:\PROGRA~1\Symantec\WinFax\WFXCTL32.EXE [N/A]><N>

==================================
服務
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[AntiVir PersonalEdition Classic Scheduler / AntiVirScheduler][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"><Avira GmbH>
[AntiVir PersonalEdition Classic Guard / AntiVirService][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"><Avira GmbH>
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Kaspersky Internet Security 6.0 / AVP][Stopped/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><N/A>
[EpsonBidirectionalService / EpsonBidirectionalService][Running/Auto Start]
  <C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe><N/A>
[EPSON Printer Status Agent2 / EPSONStatusAgent2][Running/Auto Start]
  <C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe><SEIKO EPSON CORPORATION>
[GhostStartService / GhostStartService][Stopped/Auto Start]
  <C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[WinFax PRO / wfxsvc][Running/Auto Start]
  <C:\WINDOWS\system32\WFXSVC.EXE><Symantec Corporation>
[Windows Media Connect (WMC) / WmcCds][Stopped/Manual Start]
  <c:\program files\windows media connect\mswmccds.exe><Microsoft Corporation>
[Windows Media Connect (WMC) Helper / WmcCdsLs][Stopped/Manual Start]
  <C:\Program Files\Windows Media Connect\mswmcls.exe><Microsoft Corporation>

==================================
驅動程式
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[avgio / avgio][Running/System Start]
  <\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
  <\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
  <system32\DRIVERS\avipbb.sys><AVIRA GmbH>
[EDSP Port Driver / Edspport][Running/Manual Start]
  <system32\DRIVERS\es56hpi.sys><ESS Technology, Inc.>
[GhostPciScanner / GhPciScan][Running/System Start]
  <\??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys><Symantec Corporation>
[NOWMEMDF / NOWMEMDF][Running/Manual Start]
  <\??\C:\WINDOWS\system32\NOWMEMDF.sys><(c)NOWCOM>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Pen Class / PenClass][Stopped/Boot Start]
  <\SystemRoot\system32\Drivers\penclass.sys><N/A>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Sentinel / Sentinel][Running/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
  <system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[Driver for Todos eCode Connectable / TodosECAUsb][Stopped/Auto Start]
  <System32\Drivers\TdsConn.sys><N/A>

==================================
流覽器載入項
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_05]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[網頁]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, N/A>
[參考資料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[新光銀行SKatm]
  {E1056C34-E994-4CF9-AD0A-5BFE96747F8C} <C:\ESW\GoEzoZone.exe, N/A>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Microsoft Office Template and Media Control]
  {02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\PROGRA~1\MICROS~4\OFFICE11\IEAWSDC.DLL, >
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Shockwave 10\Download.dll, Macromedia, Inc.>
[HiTestCom Class]
  {1D7AF31F-2933-4B88-A72D-C578AD057708} <C:\WINDOWS\Downloaded Program Files\HiSECURETestCom.dll, >
[CathayMyATM2.EsConn]
  {5C253D25-00FD-4703-9924-E53792DF98C9} <C:\WINDOWS\Downloaded Program Files\CathayMyATM2.dll, uwccb>
[KENCAPI Class]
  {5F4D222D-5EEE-40A8-8810-5642B4E4F441} <C:\WINDOWS\Downloaded Program Files\FSCAPIATL.dll, Formosoft>
[Autodesk MapGuide ActiveX Control]
  {62789780-B744-11D0-986B-00609731A21D} <C:\WINDOWS\Downloaded Program Files\MgAxCtrl.dll, Autodesk Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[PasswordMD5ClientCOMCtrl Class]
  {650BBB86-3D77-49BA-A4B2-2455E44EB031} <C:\WINDOWS\DOWNLO~1\PASSWO~2.DLL, HiTRUST, Inc.>
[Java Plug-in 1.5.0_05]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[NowStarter Control]
  {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} <C:\WINDOWS\DOWNLO~1\GNOWST~1.OCX, (C) NOWCOM>
[CertificateDBClientCOMCtrl Class]
  {C9B6115C-DEA9-11D6-8C3C-0050BAA6346E} <C:\WINDOWS\Downloaded Program Files\CertificateDBClientCOM.dll, HiTRUST, Inc.>
[Java Plug-in 1.5.0_05]
  {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[PasswordClientCOMCtrl Class]
  {D431F24F-0D8A-43A2-AB0D-FF6F27DE95A8} <C:\WINDOWS\DOWNLO~1\PASSWO~1.DLL, HiTRUST, Inc.>
[XMLSignatureClientCOMCtrl Class]
  {EB8D26BA-9A4C-444C-80D1-1B544F68D797} <C:\WINDOWS\Downloaded Program Files\XMLSignatureClientCOM.dll, HiTRUST, Inc.>
[MyWebSearch Search Assistant BHO]
  {00A6FAF1-072E-44CF-8957-5838F569A31D} <, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[mwsBar BHO]
  {07B18EA1-A523-4961-B6BB-170DE4475CCA} <, N/A>
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Shockwave 10\Download.dll, Macromedia, Inc.>
[HiTestCom Class]
  {1D7AF31F-2933-4B88-A72D-C578AD057708} <C:\WINDOWS\Downloaded Program Files\HiSECURETestCom.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[KENCAPI Class]
  {5F4D222D-5EEE-40A8-8810-5642B4E4F441} <C:\WINDOWS\Downloaded Program Files\FSCAPIATL.dll, Formosoft>
[Autodesk MapGuide ActiveX Control]
  {62789780-B744-11D0-986B-00609731A21D} <C:\WINDOWS\Downloaded Program Files\MgAxCtrl.dll, Autodesk Inc.>
[PasswordMD5ClientCOMCtrl Class]
  {650BBB86-3D77-49BA-A4B2-2455E44EB031} <C:\WINDOWS\DOWNLO~1\PASSWO~2.DLL, HiTRUST, Inc.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[NowStarter Control]
  {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} <C:\WINDOWS\DOWNLO~1\GNOWST~1.OCX, (C) NOWCOM>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[CertificateDBClientCOMCtrl Class]
  {C9B6115C-DEA9-11D6-8C3C-0050BAA6346E} <C:\WINDOWS\Downloaded Program Files\CertificateDBClientCOM.dll, HiTRUST, Inc.>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[PasswordClientCOMCtrl Class]
  {D431F24F-0D8A-43A2-AB0D-FF6F27DE95A8} <C:\WINDOWS\DOWNLO~1\PASSWO~1.DLL, HiTRUST, Inc.>
[Yahoo! VersionInfo]
  {D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <C:\Program Files\Yahoo!\Common\YVerInfo.dll, Yahoo! Inc.>
[MessengerChecker Class]
  {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, Yahoo! Inc.>
[Messenger Class]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, N/A>
[XMLSignatureClientCOMCtrl Class]
  {EB8D26BA-9A4C-444C-80D1-1B544F68D797} <C:\WINDOWS\Downloaded Program Files\XMLSignatureClientCOM.dll, HiTRUST, Inc.>
[&Search]
  <http://bar.mywebsearch.com/menusearch.html?p=ZC, N/A>
[&Windows Live Search]
  <res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[&使用BitComet下?本???]
  <, N/A>
[Convert link target to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert link target to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert selected links to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[Convert selected links to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[Convert selection to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert selection to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Foxy 下載]
  <res://C:\Program Files\Foxy\Foxy.exe/download.htm, N/A>
[Foxy 搜尋]
  <res://C:\Program Files\Foxy\Foxy.exe/search.htm, N/A>
[匯出至 Microsoft Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[匯出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000, N/A>
[在新的前景索引標籤中開啟]
  <res://C:\Program Files\Windows Live Toolbar\Components\zh-tw\msntabres.dll.mui/230?40e1651e0c1c466f940117fa4d7caa55, N/A>
[在新的背景索引標籤中開啟]
  <res://C:\Program Files\Windows Live Toolbar\Components\zh-tw\msntabres.dll.mui/229?40e1651e0c1c466f940117fa4d7caa55, N/A>

==================================
正在運行的進程
[PID: 468 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 540 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 584 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 596 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 892 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1008 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1252 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 7.0.0.00]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll]  [Adobe Systems Incorporated., 7.0.0.2004121400]
    [C:\WINDOWS\system32\EBPMON2.DLL]  [SEIKO EPSON CORPORATION, 2, 30, 0, 0]
    [C:\WINDOWS\system32\hpwslmn.dll]  [HP, 2.233.3.0]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.2175.0]
    [C:\WINDOWS\system32\WFXMNT40.DLL]  [Microsoft Corporation, 7.00 (Build 019)]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.2175.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\BiMProNT.dll]  [Black Ice Software, 2.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\WFXPNT40.DLL]  [N/A, ]
[PID: 1296 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe]  [Avira GmbH, 7.00.00.82]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.dll]  [Avira GmbH, 7.00.00.01]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll]  [Avira GmbH, 7.00.00.20]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll]  [Avira GmbH, 7.00.11.00]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll]  [, 3, 3, 17, 1]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL]  [Avira GmbH, 7.00.02.02]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL]  [Avira GmbH, 1.02.00.17]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPACK32.DLL]  [Avira GmbH, 7.06.00.03]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll]  [N/A, ]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVEWIN32.DLL]  [Avira GmbH, 7.6.0.75]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll]  [Avira GmbH, 1.00.00.04]
[PID: 1556 / SYSTEM][C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe]  [N/A, ]
    [C:\WINDOWS\system32\eEBUtil.dll]  [SEIKO EPSON CORPORATION, 1, 0, 0, 0]
    [C:\Program Files\Common Files\EPSON\EBAPI\eEBRSVC.dll]  [SEIKO EPSON CORPORATION, 1, 0, 0, 0]
    [C:\Program Files\Common Files\EPSON\EBAPI\eEBLPDev.dll]  [SEIKO EPSON CORPORATION, 1, 0, 0, 0]
    [C:\Program Files\Common Files\EPSON\EBAPI\eEBIPDev.dll]  [SEIKO EPSON CORPORATION, 1, 1, 0, 0]
    [C:\Program Files\Common Files\EPSON\EBAPI\eEBNWDev.dll]  [N/A, ]
    [C:\Program Files\Common Files\EPSON\EBAPI\eEBMSDev.dll]  [SEIKO EPSON CORPORATION, 1, 1, 0, 0]
    [C:\Program Files\Common Files\EPSON\EBAPI\EBPLPT.DLL]  [SEIKO EPSON CORPORATION, 2, 26, 0, 0]
[PID: 1756 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe]  [Avira GmbH, 7.00.00.62]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll]  [Avira GmbH, 7.00.24.00]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll]  [Avira GmbH, 7.00.00.20]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll]  [, 3, 3, 17, 1]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll]  [Avira GmbH, 1.00.00.04]
[PID: 1772 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1796 / SYSTEM][C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe]  [SEIKO EPSON CORPORATION, 2, 3, 0, 0]
    [C:\WINDOWS\system32\EBAPI2.DLL]  [SEIKO EPSON CORPORATION, 1, 4, 0, 0]
    [C:\Program Files\Common Files\EPSON\EBAPI\EBPLPT.DLL]  [SEIKO EPSON CORPORATION, 2, 26, 0, 0]
[PID: 1844 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\1028\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
[PID: 1944 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2028 / SYSTEM][C:\WINDOWS\system32\WFXSVC.EXE]  [Symantec Corporation, 9.02.98.1128]
[PID: 192 / SYSTEM][C:\Program Files\Symantec\WinFax\WFXMOD32.EXE]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\DCCDA32I.dll]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\dccutili.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\WFXUT32I.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\rtfctl32.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\WFXIIF32.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\Wfxvw32i.dll]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\DCCRES32.DLL]  [Symantec Corporation, 9.02.98.1128]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\Program Files\Symantec\WinFax\WFXRES32.DLL]  [Symantec Corporation, 9.02.98.1128]
[PID: 1348 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2116 / Owner][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Symantec\WinFax\WfxSeh32.Dll]  [Symantec Corporation, 9.02.98.1128]
[PID: 2200 / Owner][C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe]  [Adobe Systems Inc., 6.0.1.2004121400]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
[PID: 2208 / Owner][C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe]  [N/A, ]
    [C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\HPWSTRE.dll]  [Hewlett-Packard Company, 2004.1031.0.0]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
[PID: 2216 / Owner][C:\WINDOWS\system32\wfxsnt40.exe]  [Microsoft Corporation, 7.00 (Build 019)]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
[PID: 2224 / Owner][C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe]  [Sun Microsystems, Inc., 5.0.50.5]
[PID: 2232 / Owner][C:\WINDOWS\essspk.exe]  [N/A, ]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2244 / Owner][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3018]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
[PID: 2252 / Owner][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
[PID: 2312 / Owner][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe]  [Avira GmbH, 7.02.00.16]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll]  [Avira GmbH, 7.02.00.03]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHT.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
    [c:\program files\avira\antivir personaledition classic\ccgen.dll]  [Avira GmbH, 7.02.00.10]
    [c:\program files\avira\antivir personaledition classic\ccgenrc.dll]  [Avira GmbH, 7.02.04.02]
    [c:\program files\avira\antivir personaledition classic\ccguard.dll]  [Avira GmbH, 7.00.01.35]
    [c:\program files\avira\antivir personaledition classic\ccgrdrc.dll]  [Avira GmbH, 7.00.06.00]
    [C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll]  [Avira GmbH, 1.00.00.04]
    [c:\program files\avira\antivir personaledition classic\ccupdate.dll]  [Avira GmbH, 7.02.00.04]
    [c:\program files\avira\antivir personaledition classic\ccupdrc.dll]  [Avira GmbH, 7.02.01.00]
    [c:\program files\avira\antivir personaledition classic\cclic.dll]  [Avira GmbH, 7.02.00.04]
    [c:\program files\avira\antivir personaledition classic\cclicrc.dll]  [Avira GmbH, 7.02.01.00]
    [c:\program files\avira\antivir personaledition classic\ccmsg.dll]  [Avira GmbH, 7.00.00.00]
[PID: 2388 / Owner][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
[PID: 2516 / Owner][C:\Program Files\Symantec\WinFax\WFXCTL32.EXE]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\DCCDA32I.dll]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\dccutili.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\dccutilc.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\WFXIIF32.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\WFXUT32I.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\rtfctl32.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\WFXUT32C.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\DCCTBP32.dll]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\DCCRES32.DLL]  [Symantec Corporation, 9.02.98.1128]
    [C:\Program Files\Symantec\WinFax\WFXRES32.DLL]  [Symantec Corporation, 9.02.98.1128]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\Program Files\Symantec\WinFax\WFXIFCAS.DLL]  [Symantec Corporation, 9.00.98.0000]
    [C:\Program Files\Symantec\WinFax\Wfxvw32i.dll]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\WFXCAS32.DNT]  [N/A, ]
    [C:\Program Files\Symantec\WinFax\wfxdms32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
    [C:\Program Files\Symantec\WinFax\WFXIFMOD.DLL]  [Symantec Corporation, 9.02.98.1128]
[PID: 2592 / Owner][C:\WINDOWS\system32\ntvdm.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RNBOVDD.DLL]  [, ]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\PROGRA~1\SYMANTEC\WINFAX\WFXCAS32.DNT]  [N/A, ]
    [C:\PROGRA~1\SYMANTEC\WINFAX\wfxdms32.dll]  [N/A, ]
    [C:\PROGRA~1\SYMANTEC\WINFAX\dccutili.dll]  [Symantec Corporation, 9.02.98.1128]
    [C:\PROGRA~1\SYMANTEC\WINFAX\DCCRES32.DLL]  [Symantec Corporation, 9.02.98.1128]
[PID: 3840 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3932 / Owner][D:\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\sreng2\Lang\1028.DLL]  [System Repair Engineer, 2.5.16.900]
    [C:\WINDOWS\system32\MSTCICJA.IME]  [Microsoft Corporation, 6.5.6550.0]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
    [D:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件關聯
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
進程特權掃描
特殊特權被允許: SeLoadDriverPrivilege [PID = 1296, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 2244, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 2516, C:\PROGRAM FILES\SYMANTEC\WINFAX\WFXCTL32.EXE]

==================================
API HOOK
N/A

==================================
隱藏進程
N/A

==================================


  • po12 (2008-3-22 12:10:37)

    Run SREng.exe
    b) Click Boot Items >>> Registry

    <kava><C:\WINDOWS\system32\kavo.exe>  [N/A]
    <Userinit><C:\WINDOWS\system32\userinit.exe,C:\Program Files\Windows Media Player\svchost.exe,>  [N/A]
    <{FBF3B337-FEB6-403B-BBE2-2B67CB6563E3}><C:\WINDOWS\shareb32.dll>  [N/A]


    Select the items you want to delete >>> click Delete >>> Yes

    Delete
    C:\WINDOWS\system32\kavo.exe
    C:\Program Files\Windows Media Player\svchost.exe
    C:\WINDOWS\shareb32.dll



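    You have a USB flash drive virus. I suggest plugging in your removable storage media (USB, SD card......) and scanning them as well.
    usbcleaner
    http://www.usbcleaner.cn/

    Note that usbcleaner is falsely reported as a virus by antivirus software, but don't worry, the software is safe.

    Also, I suggest keeping only one antivirus program: Avira (紅傘) or Kaspersky (卡巴), pick which one to keep.

    [ Last edited by po12 on 2008-3-22 12:14 ]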
  • juijui (2008-3-22 14:54:31)

    Thanks to po12 for the enthusiastic analysis...

    I'll try it when I'm back at work on Monday!!! Thanks~~
  • juijui (2008-3-22 16:35:14)

    May I ask the experts one more thing~
    How do I read the generated log to see where the problems are?
  • po12 (2008-3-22 18:16:37)

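    Baidu Zhidao anti-virus expert Cui Yanqu (崔衍渠) (SREng log analysis method)
    http://hi.baidu.com/teyqiu/blog/ ... 1a7df431add1a4.html

    SREng is very powerful: the places viruses mainly target (startup items, services, drivers, browser add-ons, hosts, running processes, Winsock) are all covered, and more than 90% of viruses cannot escape its notice.

    It still has shortcomings: normal files infected by a virus are not shown
                             : the System Restore area is not covered
                             : it is too well known, and popular viruses (機械狗, 磁碟機) already list it as one of the security tools to shut down

    I suggest combining it with an online virus scan to repair infected files and the System Restore area.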
  • juijui (2008-3-22 22:02:02)

    Thanks to po12 for sharing the tutorial!!!

    I'll study it~ Thanks~~
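
Added example, not part of the thread or of SREng: a small Python triage of startup lines in the `<name><command>  [publisher]` layout the log uses, showing why the Userinit entry po12 singled out stands apart from entries that merely lack a verified publisher. The two path checks (Userinit should launch only userinit.exe; a system-process name should sit in its default Windows XP folder) are assumptions of this example, and the sample lines are constructed from entries quoted on this page.

```python
import ntpath
import re

# Constructed sample: lines copied from the log and from po12's reply above.
SAMPLE = r"""
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
<Skype><"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  [N/A]
<kava><C:\WINDOWS\system32\kavo.exe>  [N/A]
<Userinit><C:\WINDOWS\system32\userinit.exe,C:\Program Files\Windows Media Player\svchost.exe,>  [N/A]
<{FBF3B337-FEB6-403B-BBE2-2B67CB6563E3}><C:\WINDOWS\shareb32.dll>  [N/A]
"""

ENTRY = re.compile(r"^\s*<([^<>]*)><(.*)>\s+\[(.*)\]\s*$")
IMAGE = re.compile(r'^"?(.*?\.(?:exe|dll|com|scr|bat))', re.I)
# Assumption: default Windows XP folders for names that malware often borrows.
SYSTEM_DIRS = {"svchost.exe": r"c:\windows\system32", "userinit.exe": r"c:\windows\system32",
               "explorer.exe": r"c:\windows"}

def images(name, command):
    """Return the executable paths a startup value points at (Userinit is a comma list)."""
    parts = command.split(",") if name.lower() == "userinit" else [command]
    hits = (IMAGE.match(p.strip()) for p in parts)
    return [m.group(1) for m in hits if m]

def triage(log_text):
    """Map entry name -> reasons it deserves a closer look, strongest reason first."""
    report = {}
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue
        name, command, publisher = m.groups()
        reasons = []
        for path in images(name, command):
            folder, base = ntpath.split(path.lower())
            expected = SYSTEM_DIRS.get(base)
            if expected and folder != expected:
                reasons.append(f"{base} outside {expected}")
            elif name.lower() == "userinit" and base != "userinit.exe":
                reasons.append(f"extra Userinit program {base}")
        if not publisher.startswith("(Verified)"):
            reasons.append("publisher not verified")
        if reasons:
            report[name] = reasons
    return report

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE).items():
        print(f"{name}: {'; '.join(reasons)}")
```

An unverified publisher alone also matches Skype, so it only marks an entry for review; the path checks are what separate the Userinit line from ordinary unsigned software.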