<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system\SHELLEX.DLL> []
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
<UPnPMonitor><C:\WINDOWS\system32\upnpui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<自訂瀏覽器><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\ssflwbox.scr> [(Verified)Microsoft Windows Component Publisher]
==================================
開機檔案夾
[hpoddt01.exe]
<C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\hpoddt01.exe.lnk --> C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [Hewlett-Packard]><N>
[AntiCrash 5.0]
<C:\Documents and Settings\Administrator\「開始」功能表\程式集\啟動\AntiCrash 5.0.lnk --> C:\PROGRA~1\JIBREE~1\ANTICR~1.0\ANTICR~1.EXE [Jibreel Incorporated.]><N>
[Hare]
<C:\Documents and Settings\Administrator\「開始」功能表\程式集\啟動\Hare.lnk --> C:\PROGRA~1\DACHSH~1\Hare\Hare.exe [N/A]><N>
==================================
服務
[MS Driver Management Service / 360svc][Running/Auto Start]
<C:\WINDOWS\sYSTEM32\SVCHOST.EXE -K NETSVCS-->C:\WINDOWS\system32\360svcSystem.dll><360安全中心>
[Kaspersky Internet Security 7.0 / AVP][Stopped/Manual Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
<C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPodService / iPodService][Stopped/Manual Start]
<C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Kingsoft Basic Service / kaccore][Running/Auto Start]
<"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"><Kingsoft Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Manual Start]
<C:\WINDOWS\system32\HPZipm12.exe><HP>
==================================
驅動程式
[a347bus / a347bus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi][Running/Boot Start]
<\SystemRoot\System32\Drivers\a347scsi.sys><>
[標準 IDE/ESDI 硬碟控制器 / atapi][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\atapi.sys><N/A>
[CdaC15BA / CdaC15BA][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS><Macrovision Europe Ltd>
[d347bus / d347bus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
<\SystemRoot\System32\Drivers\d347prt.sys><>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
<System32\DRIVERS\e100b325.sys><Intel Corporation>
[ENTECH / ENTECH][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys><EnTech Taiwan>
[EZUSB PC/SC Smart Card Reader / EZUSB][Stopped/Manual Start]
<system32\DRIVERS\ezusb.sys><Castles Technology Co.,Ltd>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
<system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
<system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
<system32\DRIVERS\HPZius12.sys><HP>
[ialm / ialm][Running/Manual Start]
<System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Imx5123 / Imx5123][Stopped/Manual Start]
<system32\drivers\Imx5123.sys><Inmax Technology Corp.>
[KAVBootC / KAVBootC][Running/Boot Start]
<\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[Kaspersky Lab Boot Guard Driver / KLBG][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\klbg.sys><Kaspersky Lab>
[Kaspersky Lab KLFltDev / KLFLTDEV][Running/Manual Start]
<system32\DRIVERS\klfltdev.sys><Kaspersky Lab>
[KLIF / KLIF][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
<system32\DRIVERS\klim5.sys><Kaspersky Lab>
[MintRoot / MintRoot][Stopped/Manual Start]
<\??\C:\Program Files\Common Files\System\MintRoot.sys><N/A>
[pavboot / pavboot][Running/Boot Start]
<\SystemRoot\system32\drivers\pavboot.sys><Panda Security, S.L.>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Qualcomm Diagnostic Port 3197 / qcusbser][Stopped/Manual Start]
<system32\DRIVERS\qcusbser.sys><QUALCOMM Incorporated>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[tmcomm / tmcomm][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\tmcomm.sys><Trend Micro Inc.>
[WheelMouse USB Lower Filter Driver / whfltr2k][Stopped/Manual Start]
<system32\DRIVERS\whfltr2k.sys><>
[X4HSX32 / X4HSX32][Running/Auto Start]
<\??\C:\Program Files\OTTOPLAYER\X4HSX32.Sys><Exent Technologies Ltd.>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Stopped/Manual Start]
<system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Stopped/Manual Start]
<system32\drivers\ialmkchw.sys><Intel Corporation>
==================================
流覽器載入項
[Octh Class]
{000123B4-9B42-4900-B3F7-F4B073EFC214} <C:\Program Files\Orbitdownloader\orbitcth.dll, (Signed) Orbitdownloader.com>
[&Yahoo! Toolbar Helper]
{02478D38-C3F9-4efb-9B51-7695ECA05670} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll, (Signed) Yahoo! Inc.>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll, (Signed) BitComet>
[IETimber]
{489873CE-F3E1-44A3-8E89-04BE26BE4446} <C:\Program Files\Internet Explorer\IETimber\IETimber.dll, (Signed) 北京世?乾坤?件>
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <, >
[FlashGetBHO]
{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO31.dll, (Signed) FlashGet>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[]
{F01CB278-9AE5-427F-90CC-FBD913B44E8E} <, >
[?????@???p]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, (Signed) Kaspersky Lab>
[]
{4528BBE0-4E08-11D5-AD55-00010333D0AD} <C:\PROGRA~1\Yahoo!\common\yhexbmestw.dll, (Signed) >
[Real.com]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} <C:\WINDOWS\System32\Shdocvw.dll, (Signed) Microsoft Corporation>
[BitComet]
{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, >
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <D:\DSLite 2.07.45\DSLite.exe, watermonster.org>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[&IE Doctor Bar]
{123249EB-F891-44C4-946F-450064F9080E} <C:\PROGRA~1\IEDOCT~1\IEDrBar.dll, N/A>
[Dr.eye WebPage Translation]
{92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\PROGRA~1\Inventec\Dreye\DreyeMT\DREYEI~1.DLL, >
[Dr.eye 線上辭典]
{08B2E5B7-9E4D-4FB9-831D-F4E407A1CE7E} <C:\Program Files\Inventec\Dreye iDictionary\DrODWBar.dll, >
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll, (Signed) Yahoo! Inc.>
[Grab Pro]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} <C:\Program Files\Orbitdownloader\GrabPro.dll, (Signed) >
[]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <, >
[MMCPlayer Class]
{05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[]
{072039AB-2117-4ED5-A85F-9B9EB903E021} <, >
[BMSpeedCheck Control]
{0AE0F5F9-8233-49A4-A3C8-004CE190787B} <C:\WINDOWS\DOWNLO~1\BMSPEE~1.OCX, ???>
[CathayMyATM.ATMFunc]
{12755229-656A-4508-BC94-2DA4D314B4C8} <C:\WINDOWS\system32\CathayMyATM.dll, Cathay United Bank>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>