==================================
启动文件夹
[QQ游戏启动加速程序]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\Tencent\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[卡巴斯基反病毒软件 7.0 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r><Kaspersky Lab>
[Help and Support / helpsvc][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
<><(File is missing)>
[Qvod Terminal / Qvod Terminal][Running/Auto Start]
<E:\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[BB-RUN / BB-RUN][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\bb-run.sys><N/A>
[DONTGO / DONTGO][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\DontGo.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HPTPRO / HPTPRO][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hptpro.sys><N/A>
[JGOGO / JGOGO][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\JGOGO.sys><JMicron>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
<system32\DRIVERS\klim5.sys><Kaspersky Lab>
[DDK PACKET Protocol / Packet][Running/Manual Start]
<system32\DRIVERS\ProtoDrv.sys><360安全中心>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
<\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SIFILTER / SIFILTER][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SIREMFIL / SIREMFIL][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiRemFil.sys><N/A>
[System Restore Filter Driver / sr][Stopped/Disabled]
<system32\DRIVERS\sr.sys><N/A>
[sysHostSvc / sysHostSvc][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\GuiHelp.sys><Microsoft Corporation>
[VIAMRAID / VIAMRAID][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[Vinyl AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
<system32\drivers\vinyl97.sys><VIA Technologies, Inc.>
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Web 反病毒统计]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll, (Signed) Kaspersky Lab>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\QQMusic\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 868 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 956 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4117]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 7.0.1.325]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1000 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1012 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll] [Kaspersky Lab, 7.0.5.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[PID: 1148 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4117]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1192 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1304 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.1.325]
[PID: 1452 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[PID: 1520 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll] [Kaspersky Lab, 7.0.5.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[PID: 1696 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1872 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.1.325]
[PID: 2032 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4117]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 204 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll] [ppstream.com, 1.0.0.2]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll] [Kaspersky Lab, 7.0.5.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1002]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[PID: 436 / Administrator][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] [ATI Technologies, Inc., 6.14.10.5157]
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] [ATI Technologies, Inc., 6.14.10.5157]
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS] [ATI Technologies, Inc., 6.14.10.5157]
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll] [ATI Technologies, Inc., 6.14.10.5157]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll] [Kaspersky Lab, 7.0.5.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1002]
[PID: 472 / Administrator][C:\Program Files\360safe\antiarp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1002]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll] [Kaspersky Lab, 7.0.5.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.1.325]
[PID: 480 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 692 / SYSTEM][E:\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.1.325]
[PID: 804 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 644 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2808 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll] [Kaspersky Lab, 7.0.5.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1002]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.1.325]
[c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll] [ppstream.com, 1.0.0.2]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll] [Kaspersky Lab, 7.0.1.325]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\nfio.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\fsdrvplg.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\basegui.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\thpimpl.ppl] [Kaspersky Lab, 7.0.1.325]
[c:\program files\kaspersky lab\kaspersky anti-virus 7.0\winreg.ppl] [Kaspersky Lab, 7.0.1.325]
[C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0]
[PID: 3548 / Administrator][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.8.3.541]
