System Repair Engineer Smart Scan Log
2008-07-29,13:45:50
System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
 - 管理許可權用戶 - 完整功能

以下內容被選中:
    所有的啟動項目(包括註冊表、開機檔案夾、服務等)
    流覽器載入項
    正在運行的進程(包括進程模組資訊)
    文件關聯
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    進程特權掃描

啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    (ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Windows Publisher]
    (MsnMsgr)("C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background) [(Verified)Microsoft Corporation]
    (Yahoo!Mini)("C:\Program Files\Yahoo!\Mini\YMiniUpdat2.exe" -c) []
    (swg)(C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe) [(Verified)Google Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    (load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    (IMJPMIG8.1)(C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Windows Publisher]
    (Acrobat Assistant 7.0)("C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe") [Adobe Systems Inc.]
    (igfxtray)(C:\WINDOWS\system32\igfxtray.exe) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    (igfxhkcmd)(C:\WINDOWS\system32\hkcmd.exe) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    (igfxpers)(C:\WINDOWS\system32\igfxpers.exe) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    (NeroFilterCheck)(C:\WINDOWS\system32\NeroCheck.exe) [Ahead Software Gmbh]
    (SoundMan)(SOUNDMAN.EXE) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    (ClubBox)() [N/A]
    ({0228e555-4f9c-4e35-a3ec-b109a192b4c2})(C:\Program Files\Google\Gmail Notifier\gnotify.exe) [Google Inc.]
    (Ulead AutoDetector v2)(C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe) [Ulead Systems, Inc.]
(SunJavaUpdateSched)("C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe") [(Verified)"Sun Microsystems, Inc."] (LXCCCATS)(rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16) [(Verified)Microsoft Windows Hardware Compatibility Publisher] (SetDefPrt)(C:\Program Files\Brother\Brmfl04h\BrStDvPt.exe) [Brother Industories, Ltd.] (CJIMETIPSYNC)(C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync) [(Verified)Microsoft Corporation] (PHIMETIPSYNC)(C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync) [(Verified)Microsoft Corporation] (nod32kui)("C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE) [Eset ] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] (explorer)(`.vbe) [N/A] (test)(C:\WINDOWS\system32\wuauclt1.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] (shell)(Explorer.exe) [(Verified)Microsoft Windows Component Publisher] (Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] (AppInit_DLLs)() [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] (UIHost)(logonui.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] (WinlogonNotify: igfxcui)(igfxdev.dll) [(Verified)Microsoft Windows Hardware Compatibility Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] (WinlogonNotify: WgaLogon)(WgaLogon.dll) [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){26923b43-4d38-484f-9b9e-de460746276c}] (Internet Explorer)(%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed 
Components\){881dd1c5-3dcf-431b-b061-f3f88e8be88a}] (Outlook Express)(%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] (Themes Setup)(%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] (Microsoft Outlook Express 6)("%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] (NetMeeting 3.01)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] (Windows Messenger 4.7)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] (Microsoft Windows Media Player)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] (Address Book 6)("%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] (N/A)(C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install) [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.EXE] 
(IFEO[360rpt.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safe.EXE] (IFEO[360safe.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.EXE] (IFEO[360tray.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANTIARP.EXE] (IFEO[ANTIARP.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ast.EXE] (IFEO[Ast.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoRunKiller.EXE] (IFEO[AutoRunKiller.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.EXE] (IFEO[AvMonitor.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVP.EXE] (IFEO[AVP.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.EXE] (IFEO[CCenter.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Frameworkservice.EXE] (IFEO[Frameworkservice.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFUpd.EXE] (IFEO[GFUpd.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GuardField.EXE] (IFEO[GuardField.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.EXE] (IFEO[IceSword.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.EXE] (IFEO[Iparmor.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASARP.EXE] (IFEO[KASARP.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavstart.EXE] (IFEO[kavstart.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kmailmon.EXE] (IFEO[kmailmon.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.EXE] (IFEO[KRegEx.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonxp.KXP] (IFEO[KVMonxp.KXP])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.EXE] 
(IFEO[KVSrvXP.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVWSC.EXE] (IFEO[KVWSC.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kwatch.EXE] (IFEO[kwatch.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Mmsk.EXE] (IFEO[Mmsk.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.EXE] (IFEO[Navapsvc.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.EXE] (IFEO[nod32krn.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nod32kui.EXE] (IFEO[Nod32kui.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV.EXE] (IFEO[RAV.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.EXE] (IFEO[RavStub.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Regedit.EXE] (IFEO[Regedit.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.EXE] (IFEO[rfwmain.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.EXE] (IFEO[rfwProxy.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.EXE] (IFEO[rfwsrv.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.EXE] (IFEO[rfwstub.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Runiep.EXE] (IFEO[Runiep.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.EXE] (IFEO[VPC32.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTRAY.EXE] (IFEO[VPTRAY.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WOPTILITIES.EXE] (IFEO[WOPTILITIES.EXE])(C:\WINDOWS\system32\dllcache\wuauclt.exe) [(Verified)Microsoft Windows Publisher] 開機檔案夾 [Adobe Acrobat Speed Launcher] (C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Adobe Acrobat Speed Launcher.lnk --) [File is missing])(N) [AutoCAD 啟動加速器] (C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\AutoCAD 啟動加速器.lnk --) C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc])(N) 服務 [Adobe LM Service / 
Adobe LM Service][Stopped/Manual Start] ("C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe")(Adobe Systems) [Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start] ("C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe")(Autodesk) [##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## / Bonjour Service][Running/Auto Start] ("C:\Program Files\Bonjour\mDNSResponder.exe")(Apple Computer, Inc.) [FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start] ("C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe")(Macrovision Europe Ltd.) [Google Updater Service / gusvc][Stopped/Manual Start] ("C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe")(Google) [Human Interface Device Access / HidServ][Stopped/Disabled] (C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A) [lxcc_device / lxcc_device][Stopped/Manual Start] (C:\WINDOWS\system32\lxcccoms.exe -service)(Lexmark International, Inc.) [NOD32 Kernel Service / NOD32krn][Stopped/Auto Start] ("C:\Program Files\Eset\nod32krn.exe")(Eset) [Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start] ("C:\Program Files\Windows Live\installer\WLSetupSvc.exe")(Microsoft Corporation) 驅動程式 [Ad-Watch Connect Kernel Filter / Ad-Watch Connect Filter][Stopped/Manual Start] (\??\C:\WINDOWS\system32\drivers\NSDriver.sys)(N/A) [AW Real-Time Scanner / Ad-Watch Real-Time Scanner][Stopped/Manual Start] (\??\C:\WINDOWS\system32\drivers\AWRTPD.sys)(N/A) [Ad-Watch Registry Kernel Filter / Ad-Watch Registry Filter][Stopped/Manual Start] (\??\C:\WINDOWS\system32\drivers\AWRTRD.sys)(N/A) [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] (system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.) 
[AMON / AMON][Running/Auto Start] (\??\C:\WINDOWS\system32\drivers\amon.sys)(Eset) [ialm / ialm][Running/Manual Start] (system32\DRIVERS\ialmnt5.sys)(Intel Corporation) [NOWMEMDF / NOWMEMDF][Stopped/Manual Start] (\??\C:\WINDOWS\system32\NOWMEMDF.sys)((c)NOWCOM) [直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start] (System32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.) [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] (System32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation) [Secdrv / Secdrv][Stopped/Manual Start] (System32\DRIVERS\secdrv.sys)(Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 流覽器載入項 [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated) [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} (C:\Program Files\FlashGet\jccatch.dll, www.flashget.com) [Megaupload Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} (C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD ) [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, (Signed) Sun Microsystems, Inc.) [] {7E853D72-626A-48EC-A868-BA8D5E23E045} (, ) [Windows Live 登入小幫手] {9030D464-4C02-4ABF-8ECC-5164760863C6} (C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation) [Google Toolbar Helper] {AA58ED58-01DD-4d91-8333-CF10577473F7} (c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.) 
[AcroIEToolbarHelper Class] {AE7CD045-E861-484f-8273-0445EE161910} (C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated) [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} (C:\Program Files\FlashGet\getflash.dll, www.flashget.com) [Java Plug-in 1.6.0_05] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, (Signed) Sun Microsystems, Inc.) [參考資料(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} (C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation) [FlashGet] {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} (C:\Program Files\FlashGet\FlashGet.exe, FlashGet.com) [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated) [Megaupload Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} (C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD ) [&Google] {2318C2B1-4965-11d4-9B18-009027A5CD4F} (c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.) [NowStarter Control] {072039AB-2117-4ED5-A85F-9B9EB903E021} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\NOWSTA~1.OCX, (Signed) (C) NOWCOM) [asusTek_sysctrl Class] {0D41B8C5-2599-4893-8183-00195EC8D5F9} (C:\WINDOWS\DOWNLO~1\ASUSTE~1.DLL, ) [Shockwave ActiveX Control] {166B1BCA-3F9C-11CF-8075-444553540000} (C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.) [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} (C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation) [PasswordMD5ClientCOMCtrl Class] {650BBB86-3D77-49BA-A4B2-2455E44EB031} (C:\WINDOWS\DOWNLO~1\PASSWO~2.DLL, HiTRUST, Inc.) [Java Plug-in 1.6.0_05] {8AD9C840-044E-11D1-B3E9-00805F499D93} (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, (Signed) Sun Microsystems, Inc.) 
[] {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} (, ) [CertificateDBClientCOMCtrl Class] {C9B6115C-DEA9-11D6-8C3C-0050BAA6346E} (C:\WINDOWS\Downloaded Program Files\CertificateDBClientCOM.dll, (Signed) HiTRUST, Inc.) [Java Plug-in 1.6.0_03] {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, (Signed) Sun Microsystems, Inc.) [Java Plug-in 1.6.0_05] {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, (Signed) Sun Microsystems, Inc.) [Java Plug-in 1.6.0_05] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, (Signed) Sun Microsystems, Inc.) [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.) [PasswordClientCOMCtrl Class] {D431F24F-0D8A-43A2-AB0D-FF6F27DE95A8} (C:\WINDOWS\DOWNLO~1\PASSWO~1.DLL, HiTRUST, Inc.) [XMLSignatureClientCOMCtrl Class] {EB8D26BA-9A4C-444C-80D1-1B544F68D797} (C:\WINDOWS\Downloaded Program Files\XMLSignatureClientCOM.dll, (Signed) HiTRUST, Inc.) [MultiUpload Control] {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\MULTIU~1.OCX, (?)???) [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated) [NowStarter Control] {072039AB-2117-4ED5-A85F-9B9EB903E021} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\NOWSTA~1.OCX, (Signed) (C) NOWCOM) [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} (, ) [] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} (, ) [&Google] {2318C2B1-4965-11D4-9B18-009027A5CD4F} (c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.) 
[FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} (C:\Program Files\FlashGet\jccatch.dll, www.flashget.com) [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated) [Megaupload Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} (C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL, (Signed) MEGAUPLOAD ) [] {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (, ) [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, (Signed) Sun Microsystems, Inc.) [] {7E853D72-626A-48EC-A868-BA8D5E23E045} (, ) [Windows Live 登入小幫手] {9030D464-4C02-4ABF-8ECC-5164760863C6} (C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation) [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} (, ) [Google Toolbar Helper] {AA58ED58-01DD-4D91-8333-CF10577473F7} (c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.) [AcroIEToolbarHelper Class] {AE7CD045-E861-484F-8273-0445EE161910} (C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated) [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation) [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation) [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.) [] {D6E814A0-E0C5-11D4-8D29-0050BA6940E3} (, ) [MessengerChecker Class] {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} (C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, (Signed) Yahoo! Inc.) [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} (C:\Program Files\FlashGet\getflash.dll, www.flashget.com) [MultiUpload Control] {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\MULTIU~1.OCX, (?)???) 
[FGAutoLive] {F90D830D-C175-4bbe-82C7-FF94669A4C42} (C:\Program Files\FlashGet\fgupdate.dll, www.flashget.com) [FGCatchUrl] {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} (C:\Program Files\FlashGet\jccatch.dll, www.flashget.com) [&使用 FlashGet 下載] (C:\Program Files\FlashGet\jc_link.htm, N/A) [&全部使用 FlashGet 下載] (C:\Program Files\FlashGet\jc_all.htm, N/A) [匯出至 Microsoft Office Excel(&X)] (res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A) [設為 Messenger Live 頭像] (\SetMSNDP.htm, N/A) [轉換到現有 PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A) [轉換為 Adobe PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A) [轉換連結目標到現有 PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A) [轉換連結目標為 Adobe PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A) [轉換選定的連結到現有 PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A) [轉換選定的連結為 Adobe PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A) [轉換選擇內容到現有 PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A) [轉換選擇內容為 Adobe PDF] (res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A) 正在運行的進程 [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 492 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.1] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] 
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 560 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 572 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [PID: 728 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 788 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [PID: 876 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [PID: 984 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [PID: 1084 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [PID: 1256 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\lxcclmpm.DLL] [Lexmark International, Inc., 1.101.97.0] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program 
Files\Eset\pr_imon.dll] [N/A, ] [C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Incorporated., 7.0.0.00] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.CHT] [, ] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2] [C:\WINDOWS\system32\PDFreDirectLEMonNT.dll] [N/A, ] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxccPP5C.dll] [Lexmark International, Inc., 2.15.43.6] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2] [PID: 1432 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Computer, Inc., 1,0,3,1] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [PID: 1988 / Fanglinh][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.50.0] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 17.0.50.0] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Eset\nodshex.dll] [N/A, ] [C:\WINDOWS\system32\contmenu.dll] [N/A, ] [C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll] [Autodesk, Inc., 1.1.0.278] [C:\Program Files\Common Files\Autodesk shared\dwf common\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Common Files\Autodesk shared\dwf common\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 7.0.5.2005092300\0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71CHT.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program 
Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.cht] [Adobe Systems Inc., 7.0.5.2005092300\0] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.5.2005092300] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.CHT] [Adobe Systems, Inc., 7.0.0.0] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4396] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007] [PID: 248 / Fanglinh][C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe] [Adobe Systems Inc., 7.0.1.2005092300] [C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.cht] [Adobe Systems Inc., 7.0.0.0] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [PID: 268 / Fanglinh][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4396] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4396] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4396] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [PID: 276 / Fanglinh][C:\WINDOWS\system32\igfxpers.exe] [Intel Corporation, 3.0.0.4396] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4396] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [PID: 332 / Fanglinh][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.40] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [PID: 376 / Fanglinh][C:\Program Files\Google\Gmail Notifier\gnotify.exe] [Google Inc., 1.0.25.0] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] 
[C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 396 / Fanglinh][C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe] [Ulead Systems, Inc., 2.0.0.0] [C:\Program Files\Common Files\Ulead Systems\AutoDetector\u32Comm.dll] [Ulead Systems, Inc., 8.0.0.0] [C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll] [, 1, 0, 0, 1] [C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor_Res.dll] [Ulead Systems, Inc., 2.0.0.0] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [PID: 432 / Fanglinh][C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.50.13] [PID: 992 / Fanglinh][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [PID: 1020 / Fanglinh][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\MSNCore.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1] [C:\Program Files\Windows Live\Messenger\ContactsUX.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] [N/A, ] [C:\Program Files\MSNShell\Bin\ShellDll02.dll] [MSNShell Team, 4.2.28.32] [C:\Program Files\Windows Live\Messenger\msgslang.8.5.1302.1018.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\MSNShell\Bin\ShellDll.dll] [N/A, ] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program 
Files\Windows Live\Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)] [C:\WINDOWS\system32\msdmo.dll] [, ] [C:\Program Files\Windows Live\Messenger\lcres.dll] [Microsoft Corp., 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)] [C:\Program Files\Windows Live\Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\WINDOWS\system32\sirenacm.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Program Files\Windows Live\Messenger\lmcdata.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\contact.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\Program Files\Windows Live\Messenger\abssm.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\dfsr.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)] [C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.50.0] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] [Adobe Systems, Inc., 10.4r25] [C:\WINDOWS\system32\MSTCICJA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007] [PID: 1324 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft 
Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1828 / Fanglinh][C:\Program Files\Yahoo!\Mini\YMini.exe] [Yahoo! Korea Corp., 2, 5, 1, 0] [C:\Program Files\Yahoo!\Mini\ncnt2.dll] [N/A, ] [C:\Program Files\Yahoo!\Mini\yjHookUtils.dll] [??? ???, 1.7.0.0] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] [Adobe Systems, Inc., 10.4r25] [PID: 1520 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [PID: 2280 / Fanglinh][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [PID: 2480 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2580 / Fanglinh][C:\Program Files\Yahoo!\Mini\YASearch.exe] [N/A, ] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Program Files\Yahoo!\Mini\cbnt.dll] [N/A, ] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program Files\Yahoo!\Mini\yjhookutils.dll] [??? 
???, 1.7.0.0] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [PID: 3620 / Fanglinh][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\mucltui.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [PID: 4036 / Fanglinh][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe] [Microsoft Corporation, 4.200.520.1] [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.200.520.1] [PID: 220 / Fanglinh][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.50.0] [C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL] [MEGAUPLOAD , 5.0.0.226] [c:\program files\google\googletoolbar1.dll] [Google Inc., 4, 0, 1601, 4978] [C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 7.0.5.2005092300] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.CHT] [Adobe Systems Incorporated, 7.0.0.0] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.5.2005092300] [C:\Program Files\FlashGet\jccatch.dll] [www.flashget.com, 1, 8, 4, 1007] [C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll] [Sun Microsystems, Inc., 6.0.50.13] [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll] [Microsoft 
Corporation, 4.200.520.1] [C:\Program Files\FlashGet\getflash.dll] [www.flashget.com, 1, 8, 4, 1003] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.200.520.1] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL] [Microsoft Corporation, 11.0.8164] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSTCICJA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007] [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 17.0.50.0] [PID: 2656 / SYSTEM][C:\Program Files\Windows Live\Messenger\usnsvc.exe] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1302.1018] [PID: 1596 / Fanglinh][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] [Microsoft Corporation, 11.0.8169] [C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll] [Microsoft Corporation, 11.0.8172] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll] [Microsoft Corporation, 5.50.99.2050] [C:\Program Files\Eset\Dmon.dll] [Eset , 2, 51, 20 ] [C:\PROGRA~1\MICROS~2\OFFICE11\ADDINS\SYMINPUT.DLL] [Microsoft Corporation, 1.02] [C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782] [C:\WINDOWS\system32\VB6CHT.DLL] [Microsoft Corporation, 
6.00.8988] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\Program Files\Common Files\Microsoft Shared\PROOF\MSSPELL3.DLL] [Microsoft Corporation, 1.1.6215] [C:\Program Files\Common Files\Microsoft Shared\PROOF\mslid.dll] [Microsoft Corporation, 1.0.2305] [C:\Program Files\Common Files\Microsoft Shared\PROOF\1028\MSGR3EN.DLL] [Microsoft Corporation, 3.1.2303] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Program Files\Microsoft Office\OFFICE11\msostyle.dll] [Microsoft Corporation, 11.0.8164] [C:\Program Files\Common Files\Microsoft Shared\PROOF\1028\MSGR3TC.DLL] [Microsoft Corporation, 1.0.2926.0] [C:\Program Files\Common Files\Microsoft Shared\PROOF\WDBRKCHT.DLL] [Microsoft Corporation, 4, 0, 0, 3102] [C:\Program Files\Common Files\Microsoft Shared\PROOF\TCSMRLEX.DLL] [MSTC, 4, 0, 0, 1908] [C:\Program Files\Common Files\Microsoft Shared\PROOF\TCNAME.DLL] [MSTC, 4, 0, 0, 2925] [C:\Program Files\Common Files\Microsoft Shared\PROOF\TCPARSER.DLL] [MSTC, 4, 0, 0, 2925] [C:\Program Files\Common Files\Microsoft Shared\PROOF\TCWBCore.DLL] [MSTC, 4, 0, 0, 2925] [C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\INTLNAME.DLL] [Microsoft Corporation, 11.0.8157] [C:\Program Files\Common Files\Microsoft Shared\Smart Tag\CHDATEST.DLL] [Microsoft Corporation, 2.00] [C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Chinese Measurement Converter\CHMETCNV.DLL] [Microsoft Corp., 1.00] [C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\FNAME.DLL] [Microsoft Corporation, 11.0.8164] [C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\1028\stintl.dll] [Microsoft Corporation, 11.0.8161] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\BRUMF04B.DLL] [Brother Industries Ltd., 3.07] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\BRLMF04B.DLL] [Brother Industries Ltd., 3.07] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\BROMF04B.DLL] [Brother Industries Ltd., 3.07] [C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007] [PID: 1048 / Fanglinh][C:\Program 
Files\FlashGet\FlashGet.exe] [FlashGet.com, 1, 9, 6, 1073] [C:\Program Files\FlashGet\FGBTCORE.dll] [, 1, 0, 0, 36] [C:\Program Files\FlashGet\FGEMCORE.dll] [, 1, 0, 3, 1002] [C:\Program Files\FlashGet\debugrpt.dll] [flashget, 1, 0, 0, 1006] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Program Files\FlashGet\fgupdate.dll] [www.flashget.com, 1, 8, 1, 1003] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.50.0] [PID: 3756 / Fanglinh][C:\Documents and Settings\Fanglinh\桌面\SREngLdr.EXE] [Smallfrogs Studio, 2.6.12.1018] [PID: 2564 / Fanglinh][C:\Documents and Settings\Fanglinh\桌面\SRE11db0a40.EXE] [Smallfrogs Studio, 2.6.12.1018] [C:\Documents and Settings\Fanglinh\桌面\Lang\1028.DLL] [System Repair Engineer, 2.6.12.1018] [C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007] [C:\WINDOWS\system32\MSTCIPHA.IME] [Microsoft Corporation, 6.5.8165.0] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.8164.0] [C:\Program Files\Yahoo!\Mini\Ymkh10.dll] [N/A, ] [C:\Documents and Settings\Fanglinh\桌面\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1] [C:\WINDOWS\system32\imon.dll] [Eset , 2, 51, 20 ] [C:\Program Files\Eset\pr_imon.dll] [N/A, ] 文件關聯 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR Error. [AutoCADScriptFile] .CHM OK. 
["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]] C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]] C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]] C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider] C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider] C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

Autorun.inf
N/A

HOSTS 文件
127.0.0.1 localhost

進程特權掃描
特殊特權被允許: SeLoadDriverPrivilege [PID = 248, C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACROTRAY.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 376, C:\PROGRAM FILES\GOOGLE\GMAIL NOTIFIER\GNOTIFY.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 396, C:\PROGRAM FILES\COMMON FILES\ULEAD SYSTEMS\AUTODETECTOR\MONITOR.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 1828, C:\PROGRAM FILES\YAHOO!\MINI\YMINI.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 2580, C:\PROGRAM FILES\YAHOO!\MINI\YASEARCH.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 1048, C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 3756, C:\DOCUMENTS AND SETTINGS\FANGLINH\桌面\SRENGLDR.EXE]

API HOOK
N/A

隱藏進程
N/A