100 - 安全 - Process: Apache.exe [apache web server網(wǎng)絡(luò )服務(wù)器。] - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
100 - 安全 - Process: svchost.exe [service host process是一個(gè)標準的動(dòng)態(tài)連接庫主機處理服務(wù)。] - C:\windows\system32\svchost.exe -k imgsvc
100 - 安全 - Process: nSvcAppFlt.exe [nvidia公司出品的主板相關(guān)驅動(dòng)程序。] - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
100 - 安全 - Process: alg.exe [這是一個(gè)應用層網(wǎng)關(guān)服務(wù)用于網(wǎng)絡(luò )共享。] - C:\windows\System32\alg.exe
100 - 安全 - Process: QQ.exe [騰訊公司出品的qq即時(shí)通訊軟件。] - C:\Program Files\Tencent\QQ\QQ.exe
100 - 安全 - Process: QQPet.exe [騰訊公司出品的QQ寵物相關(guān)程序。] - C:\Program Files\Tencent\QQ\qqpet\qqpet.exe
100 - 安全 - Process: 360Safe.exe [360安全衛士] - D:\360安全衛士\360Safe.exe /updatesetup
100 - 安全 - Process: 360tray.exe [360安全衛士實(shí)時(shí)保護模塊] - D:\360安全衛士\safemon\360Tray.exe
R0 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://go.microsoft.com/fwlink/?LinkId=54896
R0 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://go.microsoft.com/fwlink/?LinkId=54896
R0 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://go.microsoft.com/fwlink/?LinkId=69157
R0 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\windows\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O2 - 安全 - BHO: (WebThunder Browser Helper) - [Web迅雷, 支持多資源超線(xiàn)程技術(shù)的下載工具。] - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll
O2 - 安全 - BHO: (CBrowseStakeout Class) - [金山毒霸2007反釣魚(yú)插件。] - {55302805-482E-470E-8A57-6795A1487F90} - C:\KAV2007\KAVAFish.DLL
O2 - 安全 - BHO: (BandIE Class) - [百度超級搜霸相關(guān)插件。] - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - 安全 - Toolbar: (百度超級搜霸) - [比特精靈搜索工具欄] - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微軟Microsoft輸入法編輯器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [輸入法軟件相關(guān)程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 安全 - HKLM\..\Run: [PHIME2002A] [輸入法軟件相關(guān)程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 安全 - HKLM\..\Run: [nTrayFw] [nvidia防火墻。] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - 安全 - HKLM\..\Run: [SoundMan] [Realtek聲卡相關(guān)程序。] SOUNDMAN.EXE
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA顯示卡相關(guān)動(dòng)態(tài)鏈接庫文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [nwiz] [是NVidia的Nview特性相關(guān)程序。該程序用于用戶(hù)對其特性進(jìn)行配置,將桌面擴展到多臺顯示器上。 ] nwiz.exe /install
O4 - 安全 - HKLM\..\Run: [NvMediaCenter] [是NVidia顯示卡相關(guān)文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 安全 - HKLM\..\Run: [NeroFilterCheck] [nero cd/dvd刻錄軟件。] C:\WINDOWS\system32\NeroCheck.exe
O4 - 安全 - HKLM\..\Run: [KavStart] [金山出品的金山毒霸殺毒軟件。] "C:\KAV2007\KAVStart.exe" -startup
O4 - 安全 - HKLM\..\Run: [TkBellExe] [是Real Networks產(chǎn)品定時(shí)升級檢測程序。] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 安全 - HKLM\..\Run: [BigDog303] [一款攝像頭相關(guān)程序。] C:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - 安全 - HKLM\..\Run: [StormCodec_Helper] [是暴風(fēng)影音的插件。] "D:\暴風(fēng)影音\StormSet.exe" /S /opti
O4 - 安全 - HKLM\..\Run: [PPHIDPAD] [小蒙恬手寫(xiě)板驅動(dòng)。] C:\WINPENJR\Win32\pphidpad.exe
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe實(shí)時(shí)保護功能模塊。] D:\360安全衛士\safemon\360Tray.exe /start
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp輸入法圖標。] C:\windows\system32\ctfmon.exe
O4 - 安全 - HKCU\..\Run: [KavPFW] [金山出品的防火墻軟件。] "C:\KAV2007\KPFW32.EXE"
O4 - 安全 - Startup folder: [QQ游戲啟動(dòng)加速程序.lnk] [qq游戲啟動(dòng)加速相關(guān)程序。] C:\Documents and Settings\Administrator\「開(kāi)始」菜單\程序\啟動(dòng)\QQ游戲啟動(dòng)加速程序.lnk
O8 - 安全 - Extra context menu item: 導出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O11 - 安全 - Options Group: International*
O18 - 安全 - Protocol: OFFICE 相關(guān) - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - 安全 - Service: Adobe LM Service [adobe公司相關(guān)產(chǎn)品的許可服務(wù)程序。] - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" - (not running)
O23 - 安全 - Service: Ati HotKey Poller [ati顯卡相關(guān)后臺程序。] - C:\windows\system32\Ati2evxx.exe - (running)
O23 - 安全 - Service: ATI Smart [是一個(gè)ati圖形顯示卡驅程的相關(guān)進(jìn)程。] - C:\WINDOWS\system32\ati2sgag.exe - (not running)
O23 - 安全 - Service: KWatchSvc [金山毒霸反病毒軟件相關(guān)程序。] - C:\KAV2007\KWatch.EXE - (running)
O23 - 安全 - Service: NVSvc [是NVIDIA顯示卡相關(guān)程序。] - C:\windows\system32\nvsvc32.exe - (not running)
O23 - 安全 - Service: ShadowSystemService [影子系統相關(guān)服務(wù)。] - C:\WINDOWS\system32\shadow\ShadowService.exe - (running)
O25 - 安全 - ABOUT: DesktopItemNavigationFailure - res://ieframe.dll/navcancl.htm
O25 - 安全 - ABOUT: NavigationCanceled - res://ieframe.dll/navcancl.htm
O25 - 安全 - ABOUT: NavigationFailure - res://ieframe.dll/navcancl.htm
O25 - 安全 - ABOUT: OfflineInformation - res://ieframe.dll/offcancl.htm
O25 - 安全 - ABOUT: PostNotCached - res://ieframe.dll/repost.htm
=======================================
O31 - 未知 - Folder Menu: {7D4D6379-F301-4311-BEBA-E26EB0561882} - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll - Nero AG - Nero Digital Shell Extension - 2.0.0.8 - 1802240 - 2891b62b2a8181d827add753dccdce7f
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
O31 - 未知 - SEApproved: 無(wú)效的CLSID:Shell extensions for file compression - - - - - 0 -
O31 - 未知 - SEApproved: 無(wú)效的CLSID:加密上下文菜單 - - - - - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 128000 - e4f292118ecba53dd843549413246ceb
O31 - 未知 - SEApproved: {1CDB2949-8F65-4355-8456-263E7C208A5D} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11060 - 466944 - 4450bbaf1b77f2b87ab9c5ee4e69532c
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11060 - 466944 - 4450bbaf1b77f2b87ab9c5ee4e69532c
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11060 - 466944 - 4450bbaf1b77f2b87ab9c5ee4e69532c
O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {5E2121EE-0300-11D4-8D3B-444553540000} - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll - - ACE Context Menu - 2.0.0.0 - 73728 - 69350dda4219352d0e80d3739122991c
O31 - 未知 - SEApproved: {B327765E-D724-4347-8B16-78AE18552FC3} - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll - Nero AG - Nero Digital Shell Extension - 2.0.0.8 - 1802240 - 2891b62b2a8181d827add753dccdce7f
O31 - 未知 - SEApproved: {7F1CF152-04F8-453A-B34C-E609530A9DC8} - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll - Nero AG - Nero Digital Shell Extension - 2.0.0.8 - 1802240 - 2891b62b2a8181d827add753dccdce7f
O31 - 未知 - SEApproved: {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - C:\Program Files\Real\RealOne Player\rpshellext.dll - RealNetworks - RealOne Player Shell Extensions - 1.0.0.447 - 45105 - 56706ca7053b1e45ff02c4c822c52358
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 128000 - e4f292118ecba53dd843549413246ceb
O31 - 未知 - Directory Menu: {E49446FE-9679-4b85-A994-D96137867905} - C:\KAV2007\KAVEXT.DLL - Kingsoft Corporation - Kingsoft Antivirus Explorer Integration - 2007.5.11.28 - 49152 - ac9c8b92bf2202c6bdf310e938c0144f
O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 -
=======================================
O40 - Explorer.EXE - Kingsoft Corporation - C:\KAV2007\KASocket.dll - Kingsoft Antivirus Winsock Module - 4cdac52c4c01170528a285eb6be39ce9
O40 - Explorer.EXE - Kingsoft Corporation - C:\KAV2007\KMailOEBand.dll - KMailOEB Dynamic Link Library - 3ba6a1f607d7f99969c3a82ad2f3d05d
O40 - Explorer.EXE - Microsoft Corporation - C:\windows\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - Explorer.EXE - Microsoft Corporation - C:\windows\system32\MSVCP71.dll - Microsoft? C++ Runtime Library - 561fa2abb31dfa8fab762145f81667c2 |