Home page locked to www.yo101.com, experts please take a look! Urgent!

[Main]
Program=超级兔子IE修复专家
Version=V7.85
WindowsVersion=Windows XP
IEVersion=4.0.0000
WinDir=E:\WINDOWS\
WinSystemDir=E:\WINDOWS\system32\
USERPROFILE=E:\Documents and Settings\Administrator
Admin=1
Detail=1
Date=2006-11-05
Time=20:38:22
Code=,
CDCode=,
Reg=0

[Soft]
Max=0

[IE]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Main
1_Name=Window Title
1_Value=Microsoft Internet Explorer
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Main
2_Name=Local Page
2_Value=about:blank
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Main
3_Name=Search Page
3_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Main
4_Name=Start Page
4_Value=
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Main
5_Name=Default_page_url
5_Value=http://www.microsoft.com/windows/ie_intl/cn/start/
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Main
6_Name=First Home Page
6_Value=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Internet Explorer\Main
7_Name=Search Page
7_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Internet Explorer\Main
8_Name=Start Page
8_Value=http://www.yo101.com
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Internet Explorer\Main
9_Name=Default_page_url
9_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Internet Explorer\Main
10_Name=First Home Page
10_Value=
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Internet Explorer\Main
11_Name=Search Page
11_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Internet Explorer\Main
12_Name=Start Page
12_Value=http://www.yo101.com
Max=12
Last edited 2006-11-06 11:27:50

[IE2]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
1_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1022464
1_FileDate=2006-5-10 下午 01:26:20
1_FileVersion=6.0.2900.2904
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
2_Name={0E5CBF21-D15F-11D0-8301-00AA005B4383}
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8312320
2_FileDate=2006-3-17 下午 12:46:42
2_FileVersion=6.0.2900.2869
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
3_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
3_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
3_FileSize=729088
3_FileDate=2006-7-24 下午 02:06:04
3_FileVersion=2.2.0.1612
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
4_Name={7A38130D-BEB7-4D60-BE7A-4C4AB6A85CD1}
4_FileName=
4_FileVersion=
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
5_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
5_FileName=%SystemRoot%\system32\browseui.dll
5_FileSize=1022464
5_FileDate=2006-5-10 下午 01:26:20
5_FileVersion=6.0.2900.2904
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
6_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
6_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
6_FileSize=729088
6_FileDate=2006-7-24 下午 02:06:04
6_FileVersion=2.2.0.1612
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SOFTWARE\Microsoft\Internet Explorer\Toolbar
7_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
7_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
7_FileSize=729088
7_FileDate=2006-7-24 下午 02:06:04
7_FileVersion=2.2.0.1612
Max=7

[IE3]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\MenuExt\上传到QQ网络硬盘
1_FileName=D:\腾讯QQ\AddToNetDisk.htm
1_FileSize=534
1_FileDate=2006-5-23 下午 03:35:18
1_FileVersion=
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ自定义面板
2_FileName=D:\腾讯QQ\AddPanel.htm
2_FileSize=1815
2_FileDate=2006-5-23 下午 03:35:16
2_FileVersion=
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ表情
3_FileName=D:\腾讯QQ\AddEmotion.htm
3_FileSize=534
3_FileDate=2006-5-23 下午 03:35:16
3_FileVersion=
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\MenuExt\用QQ彩信发送该图片
4_FileName=D:\腾讯QQ\SendMMS.htm
4_FileSize=519
4_FileDate=2006-5-23 下午 03:35:36
4_FileVersion=
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157b}
5_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
5_ButtonText=QQ
5_MenuText=腾讯QQ
5_FileName=
5_FileVersion=
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}
6_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
6_ButtonText=QQ炫彩工具条设置
6_MenuText=QQ炫彩工具条设置
6_FileName=
6_FileVersion=
7_HKey=HKEY_CURRENT_USER
7_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
7_Clsid=
7_ButtonText=
7_MenuText=
7_FileName=
7_FileVersion=
8_HKey=HKEY_CURRENT_USER
8_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{f15c22ef-534e-414d-ab5d-1425cd806e41}
8_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
8_ButtonText=哇哇网址导航
8_MenuText=哇哇网址导航
8_FileName=
8_FileVersion=
9_HKey=HKEY_CURRENT_USER
9_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{f15c22ef-534e-414d-ab5d-1425cd806e42}
9_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
9_ButtonText=哇哇软件下载
9_MenuText=哇哇软件下载
9_FileName=
9_FileVersion=
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7369D35A-5B70-4A5B-B789-B25FE09B4AF3}
10_Clsid=超级兔子上网精灵
10_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
10_FileSize=729088
10_FileDate=2006-7-24 下午 02:06:04
10_FileVersion=2.2.0.1612
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
11_Download=http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
11_FileName=
11_FileVersion=
12_HKey=HKEY_LOCAL_MACHINE
12_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1889E1A5-18ED-418E-B063-F4850CE5CD5B}
12_NameServer=
12_Clsid=
12_FileName=
12_FileVersion=
13_HKey=HKEY_LOCAL_MACHINE
13_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{529D8331-E5EA-423A-9F81-828EB60C4F49}
13_NameServer=
13_Clsid=
13_FileName=
13_FileVersion=
14_HKey=HKEY_LOCAL_MACHINE
14_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{530E6D1D-8269-4E9B-BA97-F898A3AF4C73}
14_NameServer=202.102.199.68 202.102.192.68
14_Clsid=
14_FileName=
14_FileVersion=
15_HKey=HKEY_LOCAL_MACHINE
15_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{773169A4-46A6-4607-9676-62FBCEDD857E}
15_NameServer=
15_Clsid=
15_FileName=
15_FileVersion=
16_HKey=HKEY_LOCAL_MACHINE
16_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A508EE03-EBF4-40CF-9247-F56612CA3896}
16_NameServer=
16_Clsid=
16_FileName=
16_FileVersion=
Max=16

[Link]
1_HKey=HKEY_CLASSES_ROOT
1_Key=.exe
1_Name=
1_Value=exefile
1_HKeyLink=HKEY_CLASSES_ROOT
1_KeyLink=exefile\shell\open\command
1_NameLink=
1_ValueLink="%1" %*
2_HKey=HKEY_CLASSES_ROOT
2_Key=.com
2_Name=
2_Value=comfile
2_HKeyLink=HKEY_CLASSES_ROOT
2_KeyLink=comfile\shell\open\command
2_NameLink=
2_ValueLink="%1" %*
3_HKey=HKEY_CLASSES_ROOT
3_Key=.lnk
3_Name=
3_Value=lnkfile
3_HKeyLink=HKEY_CLASSES_ROOT
3_KeyLink=lnkfile\CLSID
3_NameLink=
3_ValueLink={00021401-0000-0000-C000-000000000046}
4_HKey=HKEY_CLASSES_ROOT
4_Key=.txt
4_Name=
4_Value=txtfile
4_HKeyLink=HKEY_CLASSES_ROOT
4_KeyLink=txtfile\shell\open\command
4_NameLink=
4_ValueLink=%SystemRoot%\system32\NOTEPAD.EXE %1
4_FileSizeLink=66560
4_FileDateLink=2005-8-1 上午 08:00:00
4_FileVersionLink=5.1.2600.2180
5_HKey=HKEY_CLASSES_ROOT
5_Key=.htm
5_Name=
5_Value=htmlfile
5_HKeyLink=HKEY_CLASSES_ROOT
5_KeyLink=htmlfile\shell\open\command
5_NameLink=
5_ValueLink="E:\Program Files\Internet Explorer\iexplore.exe" -nohome
5_FileSizeLink=93184
5_FileDateLink=2005-8-1 上午 08:00:00
5_FileVersionLink=6.0.2900.2180
6_HKey=HKEY_CLASSES_ROOT
6_Key=.html
6_Name=
6_Value=htmlfile
6_HKeyLink=HKEY_CLASSES_ROOT
6_KeyLink=htmlfile\shell\open\command
6_NameLink=
6_ValueLink="E:\Program Files\Internet Explorer\iexplore.exe" -nohome
6_FileSizeLink=93184
6_FileDateLink=2005-8-1 上午 08:00:00
6_FileVersionLink=6.0.2900.2180
7_HKey=HKEY_CLASSES_ROOT
7_Key=.url
7_Name=
7_Value=InternetShortcut
7_HKeyLink=HKEY_CLASSES_ROOT
7_KeyLink=InternetShortcut\shell\open\command
7_NameLink=
7_ValueLink=rundll32.exe shdocvw.dll,OpenURL %l
8_HKey=HKEY_CLASSES_ROOT
8_Key=PROTOCOLS\Filter\text/html
8_Name=CLSID
8_Value=
9_HKey=HKEY_CLASSES_ROOT
9_Key=PROTOCOLS\Filter\text/plain
9_Name=CLSID
9_Value=
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
10_Name=
10_Value=http://
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
11_Name=www
11_Value=http://
Max=11

[Shdoclc]
1_FileSize=498176
1_FileDate=2005-8-1 上午 08:00:00
1_FileVersion=6.0.2900.2180
Max=1

[AppInit_DLLs]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
1_Name=AppInit_DLLs
1_Value=
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
2_Name=Userinit
2_Value=E:\WINDOWS\system32\userinit.exe,
2_FileSize=23552
2_FileDate=2005-8-1 上午 08:00:00
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3_Name=Shell
3_Value=Explorer.exe
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
4_Name=System
3_Value=
Max=4

[WinSock2NameSpace]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001
1_Name=DisplayString
1_Value=Tcpip
1_Enabled=1
1_LibraryPath=%SystemRoot%\System32\mswsock.dll
1_FileSize=240640
1_FileDate=2005-8-1 上午 08:00:00
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002
2_Name=DisplayString
2_Value=NTDS
2_Enabled=1
2_LibraryPath=%SystemRoot%\System32\winrnr.dll
2_FileSize=16896
2_FileDate=2005-8-1 上午 08:00:00
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003
3_Name=DisplayString
3_Value=网络位置知晓 (NLA) 名称空间
3_Enabled=1
3_LibraryPath=%SystemRoot%\System32\mswsock.dll
3_FileSize=240640
3_FileDate=2005-8-1 上午 08:00:00
Max=3

[WinSock2Protocol]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
1_Name=PackedCatalogItem
1_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002
2_Name=PackedCatalogItem
2_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003
3_Name=PackedCatalogItem
3_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004
4_Name=PackedCatalogItem
4_FileName=%SystemRoot%\system32\rsvpsp.dll
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005
5_Name=PackedCatalogItem
5_FileName=%SystemRoot%\system32\rsvpsp.dll
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006
6_Name=PackedCatalogItem
6_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007
7_Name=PackedCatalogItem
7_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
8_HKey=HKEY_LOCAL_MACHINE
8_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008
8_Name=PackedCatalogItem
8_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
9_HKey=HKEY_LOCAL_MACHINE
9_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009
9_Name=PackedCatalogItem
9_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010
10_Name=PackedCatalogItem
10_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011
11_Name=PackedCatalogItem
11_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
Max=11

[WinSock2Winsock]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=System\CurrentControlSet\Services\Winsock2\Winsock
1_Name=PathName
1_Value=
1_Found=0
Max=1

[WOW]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\WOW
1_Name=cmdline
1_Value=%SystemRoot%\system32\ntvdm.exe -o
1_Filename=E:\WINDOWS\SYSTEM32\NTVDM.EXE
1_FileSize=417280
1_FileDate=2005-8-1 上午 08:00:00
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Control\WOW
2_Name=wowcmdline
2_Value=%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
2_Filename=E:\WINDOWS\SYSTEM32\NTVDM.EXE
2_FileSize=417280
2_FileDate=2005-8-1 上午 08:00:00
Max=2

[ShellExecuteHooks]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
1_Name={AEB6717E-7E19-11d0-97EE-00C04FD91972}
1_ClsidName=URL 执行挂钩
1_FileName=E:\WINDOWS\system32\shell32.dll
1_FileSize=8312320
1_FileDate=2006-3-17 下午 12:46:42
Max=1

[ShellServiceObjectDelayLoad]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
1_Name=PostBootReminder
1_Value={7849596a-48ea-486e-8937-a2a3009f31a9}
1_ClsidName=PostBootReminder 对象
1_FileName=%SystemRoot%\system32\SHELL32.dll
1_FileSize=8312320
1_FileDate=2006-3-17 下午 12:46:42
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
2_Name=CDBurn
2_Value={fbeb8a05-beee-4442-804e-409d6c4515e9}
2_ClsidName=烧 CD 的 ShellFolder
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8312320
2_FileDate=2006-3-17 下午 12:46:42
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
3_Name=WebCheck
3_Value={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
3_ClsidName=WebCheck
3_FileName=%SystemRoot%\system32\webcheck.dll
3_FileSize=265728
3_FileDate=2005-8-1 上午 08:00:00
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
4_Name=SysTray
4_Value={35CEC8A3-2BE6-11D2-8773-92E220524153}
4_ClsidName=SysTray
4_FileName=E:\WINDOWS\system32\stobject.dll
4_FileSize=121344
4_FileDate=2005-8-1 上午 08:00:00
Max=4

[SharedTaskScheduler]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
1_Name={438755C2-A8BA-11D1-B96B-00A0C90312E1}
1_Value=Browseui 预加载程序
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1022464
1_FileDate=2006-5-10 下午 01:26:20
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
2_Name={8C7461EF-2B13-11d2-BE35-3078302C2030}
2_Value=组件类别缓存程序
2_FileName=%SystemRoot%\system32\browseui.dll
2_FileSize=1022464
2_FileDate=2006-5-10 下午 01:26:20
Max=2

[ProtocolDefaults]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
1_Name=http
1_Value=3
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
2_Name=https
2_Value=3
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
3_Name=ftp
3_Value=3
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
4_Name=file
4_Value=3
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
5_Name=@ivt
5_Value=1
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
6_Name=shell
6_Value=0
Max=6

[BootExecute]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\Session Manager
1_Name=BootExecute
1_Value=autocheck autochk *
Max=1

[AutoRun]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=Software\Microsoft\Windows\CurrentVersion\Run
1_Name=PHIME2002ASync
1_Value=e:\windows\system32\ime\tintlgnt\tintsetp.exe /sync
1_FileSize=455168
1_FileDate=2005-8-1 上午 08:00:00
1_FileVersion=5.2.0.2801
2_HKey=HKEY_LOCAL_MACHINE
2_Key=Software\Microsoft\Windows\CurrentVersion\Run
2_Name=PHIME2002A
2_Value=e:\windows\system32\ime\tintlgnt\tintsetp.exe /imename
2_FileSize=455168
2_FileDate=2005-8-1 上午 08:00:00
2_FileVersion=5.2.0.2801
3_HKey=HKEY_LOCAL_MACHINE
3_Key=Software\Microsoft\Windows\CurrentVersion\Run
3_Name=RavTask
3_Value="e:\program files\rising\rav\ravtask.exe" -system
3_FileSize=114688
3_FileDate=2006-3-30 下午 05:57:57
3_FileVersion=18.0.0.22
4_HKey=HKEY_LOCAL_MACHINE
4_Key=Software\Microsoft\Windows\CurrentVersion\Run
4_Name=Cmaudio
4_Value=; rundll32 cmicnfg.cpl,cmictrlwnd
5_HKey=HKEY_LOCAL_MACHINE
5_Key=Software\Microsoft\Windows\CurrentVersion\Run
5_Name=Super Rabbit SafeEdit
5_Value=; d:\兔子优化大师\magicset\srfc.exe /load
5_FileSize=43520
5_FileDate=2004-12-5 下午 07:31:32
5_FileVersion=2.20.0.0
6_HKey=HKEY_LOCAL_MACHINE
6_Key=Software\Microsoft\Windows\CurrentVersion\Run
6_Name=StormCodec_Helper
6_Value="d:\新建文件夹\storm codec\stormset.exe" /s /opti
6_FileVersion=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
7_Name=load
7_Value=
8_HKey=HKEY_CURRENT_USER
8_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
8_Name=load
8_Value=
Max=8

[Process]
1_FileName=E:\WINDOWS\SYSTEM32\SMSS.EXE
1_FileSize=50688
1_FileDate=2005-8-1 上午 08:00:00
1_FileVersion=5.1.2600.2180
2_FileName=E:\WINDOWS\SYSTEM32\WINLOGON.EXE
2_FileSize=487424
2_FileDate=2005-8-1 上午 08:00:00
2_FileVersion=5.1.2600.2180
3_FileName=E:\WINDOWS\SYSTEM32\SERVICES.EXE
3_FileSize=108032
3_FileDate=2005-8-1 上午 08:00:00
3_FileVersion=5.1.2600.2180
4_FileName=E:\WINDOWS\SYSTEM32\LSASS.EXE
4_FileSize=13312
4_FileDate=2005-8-1 上午 08:00:00
4_FileVersion=5.1.2600.2180
5_FileName=E:\WINDOWS\SYSTEM32\SVCHOST.EXE
5_FileSize=14336
5_FileDate=2005-8-1 上午 08:00:00
5_FileVersion=5.1.2600.2180
6_FileName=E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
6_FileSize=110592
6_FileDate=2006-3-30 下午 05:57:57
6_FileVersion=18.0.0.3
7_FileName=E:\WINDOWS\SYSTEM32\SVCHOST.EXE
7_FileSize=14336
7_FileDate=2005-8-1 上午 08:00:00
7_FileVersion=5.1.2600.2180
8_FileName=E:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
8_FileSize=266240
8_FileDate=2006-11-5 下午 12:00:12
8_FileVersion=18.0.1.47
9_FileName=E:\WINDOWS\EXPLORER.EXE
9_FileSize=976896
9_FileDate=2005-8-1 上午 08:00:00
9_FileVersion=6.0.2900.2180
10_FileName=E:\WINDOWS\SYSTEM32\SPOOLSV.EXE
10_FileSize=57856
10_FileDate=2005-8-1 上午 08:00:00
10_FileVersion=5.1.2600.2696
11_FileName=E:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
11_FileSize=114688
11_FileDate=2006-3-30 下午 05:57:57
11_FileVersion=18.0.0.22
12_FileName=E:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
12_FileSize=614400
12_FileDate=2006-11-5 下午 12:00:12
12_FileVersion=18.0.1.39
13_FileName=E:\WINDOWS\SYSTEM32\CTFMON.EXE
13_FileSize=15360
13_FileDate=2005-8-1 上午 08:00:00
13_FileVersion=5.1.2600.2180
14_FileName=E:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE
14_FileSize=106496
14_FileDate=2006-3-30 下午 05:57:12
14_FileVersion=18.0.0.12
15_FileName=E:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
15_FileSize=93184
15_FileDate=2005-8-1 上午 08:00:00
15_FileVersion=6.0.2900.2180
16_FileName=E:\WINDOWS\MSAGENT\AGENTSVR.EXE
16_FileSize=256512
16_FileDate=2005-8-1 上午 08:00:00
16_FileVersion=2.0.0.3422
17_FileName=D:\兔子优化大师\MAGICSET\IEHELP.EXE
17_FileSize=1359872
17_FileDate=2006-10-10 下午 11:18:02
17_FileVersion=7.85.0.0
18_FileName=[SYSTEM PROCESS]
19_FileName=E:\WINDOWS\system32\CSRSS.EXE
19_FileSize=6144
19_FileDate=2005-8-1 上午 08:00:00
19_FileVersion=5.1.2600.2180
20_FileName=E:\WINDOWS\system32\ALG.EXE
20_FileSize=44544
20_FileDate=2005-8-1 上午 08:00:00
20_FileVersion=5.1.2600.2180
Max=20

[Hosts]
HostsFile=E:\WINDOWS\system32\Drivers\Etc\Hosts
1_Host=127.0.0.1      localhost
Max=1

[Service]
1_ServiceName=DcomLaunch
1_DisplayName=DCOM Server Process Launcher
1_Description=为 DCOM 服务提供加载功能。
1_Status=已启动
1_StartType=自动
1_ServiceDll=E:\WINDOWS\SYSTEM32\RPCSS.DLL
1_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH

2_ServiceName=HTTPFilter
2_DisplayName=HTTP SSL
2_Description=此服务通过安全套接字层(SSL)实现 HTTP 服务的安全超文本传送协议(HTTPS)。如果此服务被禁用,任何依赖它的服务将无法启动。
2_Status=停止
2_StartType=手动
2_ServiceDll=E:\WINDOWS\SYSTEM32\W3SSL.DLL
2_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER

3_ServiceName=NetDDEdsdm
3_DisplayName=Network DDE DSDM
3_Description=管理动态数据交换 (DDE) 网络共享。如果此服务终止,DDE 网络共享将不可用。如果此服务被禁用,任何依赖它的服务将无法启动。
3_Status=停止
3_StartType=已禁用
3_ServiceDll=
3_ImagePath=E:\WINDOWS\SYSTEM32\NETDDE.EXE

4_ServiceName=RsCCenter
4_DisplayName=Rising Process Communication Center
4_Description=
4_Status=已启动
4_StartType=自动
4_ServiceDll=
4_ImagePath="E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"

5_ServiceName=RsRavMon
5_DisplayName=Rising RealTime Monitor
5_Description=
5_Status=已启动
5_StartType=自动
5_ServiceDll=
5_ImagePath="E:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"

6_ServiceName=UMWdf
6_DisplayName=Windows User Mode Driver Framework
6_Description=启用 Windows 用户模式驱动程序。
6_Status=停止
6_StartType=手动
6_ServiceDll=
6_ImagePath=E:\WINDOWS\SYSTEM32\WDFMGR.EXE

7_ServiceName=WmdmPmSN
7_DisplayName=Portable Media Serial Number Service
7_Description=Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
7_Status=停止
7_StartType=手动
7_ServiceDll=E:\WINDOWS\SYSTEM32\MSPMSNSV.DLL
7_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

8_ServiceName=wscsvc
8_DisplayName=Security Center
8_Description=监视系统安全设置和配置。
8_Status=已启动
8_StartType=自动
8_ServiceDll=E:\WINDOWS\SYSTEM32\WSCSVC.DLL
8_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

9_ServiceName=xmlprov
9_DisplayName=Network Provisioning Service
9_Description=为自动网络提供管理基于域的 XML 配置文件。
9_Status=停止
9_StartType=手动
9_ServiceDll=E:\WINDOWS\SYSTEM32\XMLPROV.DLL
9_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

Max=9

[END]
Max=1

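Download SREng2 (latest version), use "Smart Scan" and press the "Scan" button to run a scan.
When the scan finishes, press the "Save Report" button to save the report log file (SREng.LOG), then copy and paste the contents of the saved report log file here. If the log cannot be pasted in one go, paste it in several parts. Please do not modify it.

Download link: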
http://www.kztechs.com/sreng/sreng2.zip

[Reply to the post by “红夜鬼1”]
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002ASync><E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <Cmaudio><; RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><E:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; E:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <E:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter]
  <"e:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"e:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[dtscsi / dtscsi]
  <\SystemRoot\System32\Drivers\dtscsi.sys><DT Soft Ltd.>
[EagleNT / EagleNT]
  <\??\E:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
  <\??\e:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont]
  <\??\e:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\e:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\e:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HSFHWBS2 / HSFHWBS2]
  <system32\DRIVERS\HSFBS2S2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSFDPSP2.sys><Conexant Systems, Inc.>
[ids00026 / ids00026]
  <\??\E:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys><N/A>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN]
  <\??\e:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[npkcrypt / npkcrypt]
  <\??\D:\腾讯QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RSPPSYS / RSPPSYS]
  <\??\E:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SetupNT / SetupNT]
  <\SystemRoot\system32\SetupNT.sys><N/A>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 3.x) / sfsync03]
  <\SystemRoot\System32\drivers\sfsync03.sys><Protection Technology>
[sptd / sptd]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TSP / TSP]
  <\??\E:\WINDOWS\system32\drivers\klif.sys><N/A>

==================================
浏览器加载项
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\兔子优~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\腾讯QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <, N/A>
[哇哇网址导航]
  {f15c22ef-534e-414d-ab5d-1425cd806e41} <http://www.51viva.com/dlplugin/redirect.jsp?refer=dtoolbar&cur=http://114.yesky.com/, N/A>
[哇哇软件下载]
  {f15c22ef-534e-414d-ab5d-1425cd806e42} <http://www.51viva.com/dlplugin/redirect.jsp?refer=dtoolbar&cur=http://www.mydown.com/, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\兔子优~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <E:\WINDOWS\system32\Macromed\Flash\Flash.ocx, Macromedia, Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <E:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\兔子优~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\兔子优~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[上传到QQ网络硬盘]
  <D:\腾讯QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\腾讯QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\腾讯QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\腾讯QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 632][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688][\??\E:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712][\??\E:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][E:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 772][E:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][E:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016][E:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136][e:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1156][E:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1240][E:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1356][E:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1380][e:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 47]
    [e:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [e:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [e:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [e:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [e:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [e:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [e:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [e:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 12]
    [E:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 33]
    [E:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [E:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [e:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [e:\Program Files\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [e:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [e:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [e:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [e:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [E:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [E:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [E:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [E:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [E:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [E:\Program Files\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19]
    [E:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [E:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [E:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [E:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [E:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [E:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1584][E:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1712][E:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [E:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [E:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1736][E:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 39]
    [E:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [E:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [E:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [E:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [E:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1772][E:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
    [E:\WINDOWS\system32\E_SL2023.DLL]  [SEIKO EPSON CORPORATION, 2, 4, 0, 0]
[PID: 1576][D:\千千静听\TTPlayer.exe]  [Alen Soft, 4, 6, 8, 0]
    [D:\千千静听\ttpcomm.dll]  [N/A, N/A]
    [D:\千千静听\ttpres.dll]  [Alen Soft, 4, 6, 8, 0]
[PID: 1392][E:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1948][E:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 1060][E:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2484][E:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 2276][E:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1708][D:\腾讯QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [D:\腾讯QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 160]
    [D:\腾讯QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\腾讯QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 3, 2, 1]
    [D:\腾讯QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [D:\腾讯QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\腾讯QQ\QQMainFrame.dll]  [N/A, N/A]
    [D:\腾讯QQ\CQQApplication.dll]  [N/A, N/A]
    [D:\腾讯QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [E:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [D:\腾讯QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\GroupLive.dll]  [N/A, N/A]
    [D:\腾讯QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\QQPlugin.dll]  [N/A, N/A]
    [D:\腾讯QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [D:\腾讯QQ\QRingMng.dll]  [N/A, N/A]
    [D:\腾讯QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\腾讯QQ\QQAllInOne.dll]  [N/A, N/A]
    [D:\腾讯QQ\SCCore.dll]  [N/A, N/A]
    [D:\腾讯QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\QQCustomFace.dll]  [N/A, N/A]
    [D:\腾讯QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [E:\WINDOWS\system32\Macromed\Flash\Flash.ocx]  [Macromedia, Inc., 6,0,84,0]
    [D:\腾讯QQ\QQAvatar.dll]  [N/A, N/A]
    [D:\腾讯QQ\QQSceneMng.dll]  [N/A, N/A]
    [D:\腾讯QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\腾讯QQ\BQQApplication.dll]  [N/A, N/A]
    [D:\腾讯QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\腾讯QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\腾讯QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\腾讯QQ\QQUdpGetFileLib.dll]  [tencent, 0, 2, 2, 3]
    [D:\腾讯QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 200]
    [D:\腾讯QQ\QQFileTransfer.dll]  [Tencent, 5, 0, 202, 180]
    [D:\腾讯QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 0, 6, 60]
    [D:\腾讯QQ\GroupConnection.dll]  [Tencent, 5, 0, 202, 170]
[PID: 1532][D:\腾讯QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [D:\腾讯QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 584][E:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\兔子优~1\MAGICSET\haokanbar.dll]  [Xiang Feng Technology, 2, 2, 0, 1612]
[PID: 3644][E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.382\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["E:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================