史萊姆論壇 - 查看單個文章

a0821 · 2008-10-10, 07:01 PM

已經把風扇散熱模組灰塵清無效哭泣
EFIX 4.86 - user 2008-10-10 18:48:28.60 - NTFS
Microsoft Windows XP [版本 5.1.2600] - Service Pack 2

=======================================================
EFix刪除的檔案列表:

沒有刪除任何檔案.

=======================================================
EFix刪除的登錄值列表:

沒有刪除任何登錄值.

=======================================================
****** Created 2008-09 to 2008-10 Files ******

2008-10-10 . 2008-10-10 18:48 d-------- C:\NEFix
2008-10-10 . 2008-10-10 18:47 d-------- C:\WINDOWS\EFIXUNT
2008-10-09 . 2008-10-10 18:38 d-------- C:\WINDOWS\Prefetch
2008-10-09 . 2008-10-09 18:51 d-------- C:\WINDOWS\setup.pss
2008-10-02 . 2008-10-02 16:01 d--hs---- C:\Config.Msi
2008-10-02 . 2008-10-02 10:01 d-------- C:\Documents and Settings\All Users\「開始」
2008-10-02 . 2008-10-02 09:59 d-------- C:\WINDOWS\ServicePackFiles
2008-10-02 . 2008-10-02 09:59 d-------- C:\WINDOWS\network diagnostic
2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\SYSTEM32\zh-tw
2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\SYSTEM32\zh-cht
2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\SYSTEM32\bits
2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\l2schemas
2008-10-02 . 2008-10-02 09:42 d-------- C:\WINDOWS\SYSTEM32\ReinstallBackups
2008-10-02 . 2008-10-02 09:37 d-------- C:\WINDOWS\EHome
2008-10-01 . 2008-10-01 23:42 d-------- C:\Program Files\Skype
2008-09-25 . 2008-09-25 11:10 dr--s---- C:\WINDOWS\assembly
2008-09-25 . 2008-09-25 11:08 d-------- C:\WINDOWS\SYSTEM32\URTTemp
2008-09-25 . 2008-09-25 11:07 d-------- C:\WINDOWS\Microsoft.NET
2008-09-14 . 2008-09-14 22:12 d-------- C:\Program Files\myBabylon_Chinese_-_S
2008-09-14 . 2008-09-14 22:12 d-------- C:\Program Files\Conduit

2008-10-09 . 2008-10-09 19:18 -rah----- 488 C:\WINDOWS\SYSTEM32\logonui.exe.manifest
2008-10-09 . 2004-08-04 20:00 --a------ 24661 C:\WINDOWS\SYSTEM32\spxcoins.dll
2008-10-09 . 2004-08-04 20:00 --a------ 13312 C:\WINDOWS\SYSTEM32\irclass.dll
2008-10-07 . 2008-10-10 18:38 --a------ 6029312 C:\Documents and Settings\user\ntuser.dat
2008-10-01 . 2008-10-01 23:46 --ah----- 56 C:\WINDOWS\SYSTEM32\ezsidmv.dat
2008-09-25 . 2008-09-25 11:12 --a------ 1086 C:\WINDOWS\COM+.log

=======================================================
執行中的程序:

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe <LogMeIn, Inc.>
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe <Adobe Systems Incorporated>
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe <Cyberlink Corp.>
C:\Program Files\ESET\ESET Smart Security\egui.exe <ESET>
C:\Program Files\LogMeIn\x86\LMIGuardian.exe <LogMeIn, Inc.>
C:\Program Files\Messenger\msmsgs.exe <Microsoft Corporation>
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe <Google Inc.>
C:\Program Files\Skype\Phone\Skype.exe <Skype Technologies S.A.>
C:\Program Files\Skype\Plugin Manager\skypePM.exe <Skype Technologies>
C:\Program Files\ESET\ESET Smart Security\ekrn.exe <ESET>
C:\Program Files\LogMeIn\x86\RaMaint.exe <LogMeIn, Inc.>
C:\Program Files\LogMeIn\x86\LogMeIn.exe <LogMeIn, Inc.>
C:\Program Files\LogMeIn\x86\LMIGuardian.exe <LogMeIn, Inc.>
C:\Program Files\CyberLink\Shared Files\RichVideo.exe <N/A>
C:\WINDOWS\system32\wbem\wmiprvse.exe <Microsoft Corporation>
C:\WINDOWS\System32\alg.exe <Microsoft Corporation>
C:\WINDOWS\system32\cmd.exe <Microsoft Corporation>
C:\WINDOWS\explorer.exe <Microsoft Corporation>

=======================================================

登錄值列表 *** 注意 : 部分正常值不會顯示 ***

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-15 00:30]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-17 09:31]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-09-29 17:57]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 20:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2008-02-28 15:31]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 15:10]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 22:55]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-18 22:23]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40]
"ClubBox"= []
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 20:00]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 20:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
2008-09-29 17:57 C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35402328-ce6f-4dd8-ac91-2eda9fe175ba}]
2008-08-20 23:03 C:\Program Files\myBabylon_Chinese_-_S\tbmyBa.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
2008-02-29 16:49 C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2008-07-14 10:05 c:\Program Files\Google\GoogleToolbar2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
2008-09-17 09:31 C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
"DllName"="LMIinit.dll" --a------ 2008-05-28 12:32 C:\WINDOWS\system32\LMIinit.dll

MD5: 453888766da789f18fbbf5b20e4bc17f 2004-08-04 20:00 976896 C:\WINDOWS\explorer.exe
MD5: 50d8db3bf83670339a8616eb5a75bf06 2007-06-13 21:10 977920 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
MD5: 453888766da789f18fbbf5b20e4bc17f 2004-08-04 20:00 976896 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
MD5: f7a2245d8bd832d1e7a01c26d5e6efd0 2008-04-15 00:30 978432 C:\WINDOWS\SoftwareDistribution\Download\ddeea2e60eea6a8aa518f17577b56d41\explorer.exe
MD5: 453888766da789f18fbbf5b20e4bc17f 2004-08-04 20:00 976896 C:\WINDOWS\system32\dllcache\explorer.exe
MD5: 613d7c29c9e3e2375971da7e42e4e330 2008-04-15 00:31 25088 C:\WINDOWS\SoftwareDistribution\Download\ddeea2e60eea6a8aa518f17577b56d41\userinit.exe
MD5: f3a20a3c6a4df7fe038f4cca70080b10 2004-08-04 20:00 23552 C:\WINDOWS\system32\userinit.exe
MD5: f3a20a3c6a4df7fe038f4cca70080b10 2004-08-04 20:00 23552 C:\WINDOWS\system32\dllcache\userinit.exe
MD5: 82fe81c7f30172a315ad70327b868436 2008-04-15 00:30 108544 C:\WINDOWS\SoftwareDistribution\Download\ddeea2e60eea6a8aa518f17577b56d41\services.exe
MD5: 90463a559a0d57b5d4b3e698e1bdde92 2004-08-04 20:00 108032 C:\WINDOWS\system32\services.exe
MD5: 90463a559a0d57b5d4b3e698e1bdde92 2004-08-04 20:00 108032 C:\WINDOWS\system32\dllcache\services.exe

C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]

服務 \ 驅動列表:

顯示方式 : 啟動狀態服務名稱;顯示名稱;檔案名稱

啟動狀態 : S0 = Boot Start S1 = System Start S2 = Auto Start S3 = Manual Start S4 = Disable S9 = Unknow

S2 eamon;EAMON;C:\WINDOWS\SYSTEM32\DRIVERS\eamon.sys [2008-03-01 04:52]
S1 easdrv;easdrv;C:\WINDOWS\SYSTEM32\DRIVERS\easdrv.sys [2008-03-01 04:53]
S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe" [2008-03-01 04:58]
S2 ekrn;Eset Service;"C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [2008-03-18 22:35]
S2 epfw;epfw;C:\WINDOWS\SYSTEM32\DRIVERS\epfw.sys [2008-03-01 04:56]
S3 Epfwndis;Eset Personal Firewall;C:\WINDOWS\SYSTEM32\DRIVERS\Epfwndis.sys [2008-03-01 04:56]
S1 epfwtdi;epfwtdi;C:\WINDOWS\SYSTEM32\DRIVERS\epfwtdi.sys [2008-03-01 04:56]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 15:31]
S3 lmimirr;lmimirr;C:\WINDOWS\SYSTEM32\DRIVERS\lmimirr.sys [2008-02-28 15:31]
S2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 13:39]
S3 napagent;Network Access Protection Agent;C:\WINDOWS\System32\svchost.exe -k netsvcs []
S3 NOWMEMDF;NOWMEMDF;C:\WINDOWS\system32\NOWMEMDF.sys [2005-11-02 10:23]
S3 vncdrv;vncdrv;C:\WINDOWS\SYSTEM32\DRIVERS\vncdrv.sys [2004-06-26 13:22]

napagent;Network Access Protection Agent;C:\WINDOWS\System32\qagentrt.dll [2008-04-15 00:29]

=======================================================
winsock file list:

=======================================================

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

SCANNING HIDDEN FILES ...

SCANNING HIDDEN PROCESSES ...

SCANNING HIDDEN AUTOSTART ENTRIES ...

=======================================================

4.86 2008-10-10 02:21:02 GMT+00:00 C:\NEFIX\BACKUP\LOG1.TXT
4.86 2008-10-10 04:34:50 GMT+00:00 C:\NEFIX\BACKUP\LOG2.TXT
4.86 2008-10-10 04:43:13 GMT+00:00 C:\NEFIX\BACKUP\LOG3.TXT
4.86 2008-10-10 10:29:25 GMT+00:00 C:\NEFIX\BACKUP\LOG4.TXT

=======================================================
可使用空間 : 14,530,486,272 位元組可用
掃描結束時間: 2008-10-10 18:50:28.18

2008-10-10, 07:01 PM	#3 (permalink)
a0821 長老會員榮譽勳章勳章總數3 UID - 2100 在線等級: 註冊日期: 2002-12-06 住址: Hualien 文章: 102 精華: 0 現金: 15570 金幣資產: 20570 金幣	已經把風扇散熱模組灰塵清已經把風扇散熱模組灰塵清無效哭泣 EFIX 4.86 - user 2008-10-10 18:48:28.60 - NTFS Microsoft Windows XP [版本 5.1.2600] - Service Pack 2 ======================================================= EFix刪除的檔案列表: 沒有刪除任何檔案. ======================================================= EFix刪除的登錄值列表: 沒有刪除任何登錄值. ======================================================= **** Created 2008-09 to 2008-10 Files ** 2008-10-10 . 2008-10-10 18:48 d-------- C:\NEFix 2008-10-10 . 2008-10-10 18:47 d-------- C:\WINDOWS\EFIXUNT 2008-10-09 . 2008-10-10 18:38 d-------- C:\WINDOWS\Prefetch 2008-10-09 . 2008-10-09 18:51 d-------- C:\WINDOWS\setup.pss 2008-10-02 . 2008-10-02 16:01 d--hs---- C:\Config.Msi 2008-10-02 . 2008-10-02 10:01 d-------- C:\Documents and Settings\All Users\「開始」 2008-10-02 . 2008-10-02 09:59 d-------- C:\WINDOWS\ServicePackFiles 2008-10-02 . 2008-10-02 09:59 d-------- C:\WINDOWS\network diagnostic 2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\SYSTEM32\zh-tw 2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\SYSTEM32\zh-cht 2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\SYSTEM32\bits 2008-10-02 . 2008-10-02 09:58 d-------- C:\WINDOWS\l2schemas 2008-10-02 . 2008-10-02 09:42 d-------- C:\WINDOWS\SYSTEM32\ReinstallBackups 2008-10-02 . 2008-10-02 09:37 d-------- C:\WINDOWS\EHome 2008-10-01 . 2008-10-01 23:42 d-------- C:\Program Files\Skype 2008-09-25 . 2008-09-25 11:10 dr--s---- C:\WINDOWS\assembly 2008-09-25 . 2008-09-25 11:08 d-------- C:\WINDOWS\SYSTEM32\URTTemp 2008-09-25 . 2008-09-25 11:07 d-------- C:\WINDOWS\Microsoft.NET 2008-09-14 . 2008-09-14 22:12 d-------- C:\Program Files\myBabylon_Chinese_-_S 2008-09-14 . 2008-09-14 22:12 d-------- C:\Program Files\Conduit 2008-10-09 . 2008-10-09 19:18 -rah----- 488 C:\WINDOWS\SYSTEM32\logonui.exe.manifest 2008-10-09 . 2004-08-04 20:00 --a------ 24661 C:\WINDOWS\SYSTEM32\spxcoins.dll 2008-10-09 . 2004-08-04 20:00 --a------ 13312 C:\WINDOWS\SYSTEM32\irclass.dll 2008-10-07 . 2008-10-10 18:38 --a------ 6029312 C:\Documents and Settings\user\ntuser.dat 2008-10-01 . 2008-10-01 23:46 --ah----- 56 C:\WINDOWS\SYSTEM32\ezsidmv.dat 2008-09-25 . 2008-09-25 11:12 --a------ 1086 C:\WINDOWS\COM+.log ======================================================= 執行中的程序: C:\Program Files\LogMeIn\x86\LogMeInSystray.exe <LogMeIn, Inc.> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe <Adobe Systems Incorporated> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe <Cyberlink Corp.> C:\Program Files\ESET\ESET Smart Security\egui.exe <ESET> C:\Program Files\LogMeIn\x86\LMIGuardian.exe <LogMeIn, Inc.> C:\Program Files\Messenger\msmsgs.exe <Microsoft Corporation> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe <Google Inc.> C:\Program Files\Skype\Phone\Skype.exe <Skype Technologies S.A.> C:\Program Files\Skype\Plugin Manager\skypePM.exe <Skype Technologies> C:\Program Files\ESET\ESET Smart Security\ekrn.exe <ESET> C:\Program Files\LogMeIn\x86\RaMaint.exe <LogMeIn, Inc.> C:\Program Files\LogMeIn\x86\LogMeIn.exe <LogMeIn, Inc.> C:\Program Files\LogMeIn\x86\LMIGuardian.exe <LogMeIn, Inc.> C:\Program Files\CyberLink\Shared Files\RichVideo.exe <N/A> C:\WINDOWS\system32\wbem\wmiprvse.exe <Microsoft Corporation> C:\WINDOWS\System32\alg.exe <Microsoft Corporation> C:\WINDOWS\system32\cmd.exe <Microsoft Corporation> C:\WINDOWS\explorer.exe <Microsoft Corporation> ======================================================= 登錄值列表 * 注意 : 部分正常值不會顯示 *** [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-15 00:30] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-17 09:31] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-09-29 17:57] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 20:00] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00] "LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2008-02-28 15:31] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 15:10] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 22:55] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-18 22:23] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40] "ClubBox"= [] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 20:00] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2006-10-22 23:08 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] 2008-09-29 17:57 C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35402328-ce6f-4dd8-ac91-2eda9fe175ba}] 2008-08-20 23:03 C:\Program Files\myBabylon_Chinese_-_S\tbmyBa.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] 2008-02-29 16:49 C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] 2008-07-14 10:05 c:\Program Files\Google\GoogleToolbar2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] 2008-09-17 09:31 C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] "DllName"="LMIinit.dll" --a------ 2008-05-28 12:32 C:\WINDOWS\system32\LMIinit.dll MD5: 453888766da789f18fbbf5b20e4bc17f 2004-08-04 20:00 976896 C:\WINDOWS\explorer.exe MD5: 50d8db3bf83670339a8616eb5a75bf06 2007-06-13 21:10 977920 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe MD5: 453888766da789f18fbbf5b20e4bc17f 2004-08-04 20:00 976896 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe MD5: f7a2245d8bd832d1e7a01c26d5e6efd0 2008-04-15 00:30 978432 C:\WINDOWS\SoftwareDistribution\Download\ddeea2e60eea6a8aa518f17577b56d41\explorer.exe MD5: 453888766da789f18fbbf5b20e4bc17f 2004-08-04 20:00 976896 C:\WINDOWS\system32\dllcache\explorer.exe MD5: 613d7c29c9e3e2375971da7e42e4e330 2008-04-15 00:31 25088 C:\WINDOWS\SoftwareDistribution\Download\ddeea2e60eea6a8aa518f17577b56d41\userinit.exe MD5: f3a20a3c6a4df7fe038f4cca70080b10 2004-08-04 20:00 23552 C:\WINDOWS\system32\userinit.exe MD5: f3a20a3c6a4df7fe038f4cca70080b10 2004-08-04 20:00 23552 C:\WINDOWS\system32\dllcache\userinit.exe MD5: 82fe81c7f30172a315ad70327b868436 2008-04-15 00:30 108544 C:\WINDOWS\SoftwareDistribution\Download\ddeea2e60eea6a8aa518f17577b56d41\services.exe MD5: 90463a559a0d57b5d4b3e698e1bdde92 2004-08-04 20:00 108032 C:\WINDOWS\system32\services.exe MD5: 90463a559a0d57b5d4b3e698e1bdde92 2004-08-04 20:00 108032 C:\WINDOWS\system32\dllcache\services.exe C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360] 服務 \ 驅動列表: 顯示方式 : 啟動狀態服務名稱;顯示名稱;檔案名稱啟動狀態 : S0 = Boot Start S1 = System Start S2 = Auto Start S3 = Manual Start S4 = Disable S9 = Unknow S2 eamon;EAMON;C:\WINDOWS\SYSTEM32\DRIVERS\eamon.sys [2008-03-01 04:52] S1 easdrv;easdrv;C:\WINDOWS\SYSTEM32\DRIVERS\easdrv.sys [2008-03-01 04:53] S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe" [2008-03-01 04:58] S2 ekrn;Eset Service;"C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [2008-03-18 22:35] S2 epfw;epfw;C:\WINDOWS\SYSTEM32\DRIVERS\epfw.sys [2008-03-01 04:56] S3 Epfwndis;Eset Personal Firewall;C:\WINDOWS\SYSTEM32\DRIVERS\Epfwndis.sys [2008-03-01 04:56] S1 epfwtdi;epfwtdi;C:\WINDOWS\SYSTEM32\DRIVERS\epfwtdi.sys [2008-03-01 04:56] S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 15:31] S3 lmimirr;lmimirr;C:\WINDOWS\SYSTEM32\DRIVERS\lmimirr.sys [2008-02-28 15:31] S2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 13:39] S3 napagent;Network Access Protection Agent;C:\WINDOWS\System32\svchost.exe -k netsvcs [] S3 NOWMEMDF;NOWMEMDF;C:\WINDOWS\system32\NOWMEMDF.sys [2005-11-02 10:23] S3 vncdrv;vncdrv;C:\WINDOWS\SYSTEM32\DRIVERS\vncdrv.sys [2004-06-26 13:22] napagent;Network Access Protection Agent;C:\WINDOWS\System32\qagentrt.dll [2008-04-15 00:29] ======================================================= winsock file list: ======================================================= catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net SCANNING HIDDEN FILES ... SCANNING HIDDEN PROCESSES ... SCANNING HIDDEN AUTOSTART ENTRIES ... ======================================================= 4.86 2008-10-10 02:21:02 GMT+00:00 C:\NEFIX\BACKUP\LOG1.TXT 4.86 2008-10-10 04:34:50 GMT+00:00 C:\NEFIX\BACKUP\LOG2.TXT 4.86 2008-10-10 04:43:13 GMT+00:00 C:\NEFIX\BACKUP\LOG3.TXT 4.86 2008-10-10 10:29:25 GMT+00:00 C:\NEFIX\BACKUP\LOG4.TXT ======================================================= 可使用空間 : 14,530,486,272 位元組可用掃描結束時間: 2008-10-10 18:50:28.18
	__________________ 下載無限無限下載
	送花文章: 90, 收花文章: 10 篇, 收花: 12 次