[Help] Could the experts please help!! I can't stand it anymore. I deleted it and it's still there!!



Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMAXPnP><; C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <SoundMAX><; "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><; nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <Kingsoft ShareFairy><; C:\KAV2005\KShrMgr.exe>  []
    <KAVPersonal50><; "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  [Kaspersky Lab]
    <Super Rabbit SafeEdit><; F:\Program Files\MagicSet\SRFC.EXE /Load>  [Super Rabbit Soft]
    <RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <StormCodec_Helper><; "F:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <Super Rabbit Winspeed><"F:\Program Files\MagicSet\winspeed.exe" /autokill:137,86,81,24,5>  [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []

==================================
Last edited: 2006-09-22 12:00:52.357000000


启动文件夹
服务
[pcAnywhere Host Service / awhost32]
  <C:\Program Files\Symantec\pcAnywhere\awhost32.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[FLEXlm License Manager / FLEXlm License Manager]
  <C:\flexlm\lmgrd.exe><N/A>
[Intel PDS / Intel PDS]
  <><N/A>
[kavsvc / kavsvc]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[Registry Protector / lDOMANE]
  <C:\WINNT\SYSTEM32\RUNDLL32.EXE C:\WINNT\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087><N/A>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[OracleClientCache80 / OracleClientCache80]
  <D:\orant\BIN\ONRSD80.EXE><N/A>
[Windows Firewall/Internet Connection Sharing (SIC) / Service33224]
  <><N/A>
[Computer Browseres / Service610013]
  <c:\windows\realscehd.exe><N/A>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[VMware Authorization Service / VMAuthdService]
  <F:\New Folder\vmware-authd.exe><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP]
  <C:\WINNT\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware Virtual Mount Manager Extended / vmount2]
  <"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe"><VMware, Inc.>
[VMware NAT Service / VMware NAT Service]
  <C:\WINNT\system32\vmnat.exe><VMware, Inc.>


==================================
浏览器加载项
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\技术资料\TENCENT\QQ\QQ.EXE, TENCENT>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b}? <F:\技术资料\TENCENT\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <F:\技术资料\TENCENT\QQ\QQIEHelper.dll, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[东方卫士]
  {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EF} <C:\WINNT\system32\dfvs\dfvsol\DFVSIEBR.dll, >
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINNT\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINNT\DOWNLO~1\POWERP~1.DLL, PPStream Inc.>
[Microsoft RDP Client Control (redist)]
  {7584C670-2274-4EFB-B00B-D6AABA6D3850} <C:\WINNT\Downloaded Program Files\msrdp.ocx, N/A>
[DFVSScanFile Control]
  {9BBD100C-E820-4930-9937-E8F3AA40E584} <C:\WINNT\system32\dfvs\dfvsol\DFVSSFOL.ocx, >
[PhotoUploadCtrl Control]
  {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <F:\技术资料\TENCENT\QQ\QZone\PHOTOU~1.OCX, tencent>
[Qzone Media Tools]
  {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} <F:\技术资料\TENCENT\QQ\VQQPLA~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINNT\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[Ravonline]
  {DA984A6D-508E-11D6-AA49-0050FF3C628D} <C:\WINNT\Downloaded Program Files\RsOnline.dll, N/A>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[VCR.Scan]
  {E4F500BF-C1A3-11D6-9697-0090961B771E} <C:\WINNT\Downloaded Program Files\VCRSCAN.OCX, N/A>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINNT\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[VqqSpeedDlProxy Class]
  {F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINNT\vqqsdl.dll, Tencent>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <F:\技术资料\TENCENT\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <F:\下载区\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <F:\下载区\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <F:\技术资料\TENCENT\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\技术资料\TENCENT\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\技术资料\TENCENT\QQ\SendMMS.htm, N/A>

==================================


==================================
正在运行的进程
[PID: 176][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 200][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 220][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6997>
[PID: 248][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.7035>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
    [C:\WINNT\system32\cdnns.dll]  <N/A><N/A>
[PID: 260][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.7011>
[PID: 436][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 500][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [c:\WINNT\system32\urlmons32.dll]  <N/A><N/A>
    [C:\WINNT\system32\cdnns.dll]  <N/A><N/A>
[PID: 512][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 528][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 944][C:\WINNT\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.6172>
[PID: 984][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6972>
[PID: 1032][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1040][C:\WINNT\system32\stisvc.exe]  <Microsoft Corporation><5.00.2195.6656>
[PID: 1060][F:\New Folder\vmware-authd.exe]  <VMware, Inc.><5.5.1 build-19175>
[PID: 660][C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe]  <VMware, Inc.><5.5.1 build-19175>
    [C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmxScsiLib.dll]  <VMware, Inc.><5.5.1 build-19175>
[PID: 1100][C:\WINNT\system32\vmnat.exe]  <VMware, Inc.><5.5.1 build-19175>
[PID: 1104][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 1116][C:\WINNT\system32\mspmspsv.exe]  <Microsoft Corporation><7.10.00.3059>
[PID: 1132][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\cdnns.dll]  <N/A><N/A>
[PID: 820][C:\flexlm\lmgrd.exe]  <N/A><N/A>
    [C:\WINNT\system32\cdnns.dll]  <N/A><N/A>
[PID: 704][C:\flexlm\SNIAG.exe]  <N/A><N/A>
[PID: 1180][C:\WINNT\system32\vmnetdhcp.exe]  <VMware, Inc.><5.5.1 build-19175>
[PID: 1192][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1332][C:\WINNT\TEMP\huacai904.exe]  <N/A><N/A>
[PID: 1160][C:\WINNT\TEMP\exewdr0e030.exe]  <内容版权所有人><1, 0, 0, 1>
[PID: 1072][c:\winnt\system32\inetsrv\csrss.exe]  <Microsoft><1.0.0.0>
[PID: 1540][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\nvshell.dll]  <NVIDIA Corporation><6.14.10.6172>
    [C:\WINNT\system32\drivers\spoolsv.dll]  <><1, 0, 1, 1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  <Kaspersky Lab><5.0.388.2>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  <Kaspersky Lab><5.0.388.0>
[PID: 1684][C:\Program Files\Common Files\UPDATE2\Update.exe]  <N/A><N/A>
    [C:\WINNT\system32\cdnns.dll]  <N/A><N/A>
[PID: 1276][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
[PID: 668][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  <Kaspersky Lab><5.0.388.2>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  <Kaspersky Lab><5.0.388.0>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 608][C:\Documents and Settings\Administrator\桌面\PXue_2006828164331_2296\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
[PID: 744][C:\Program Files\CNNIC\Cdn\cdnunins.exe]  <CNNIC><2, 4, 0, 1>

==================================


==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者