大概28日下午4点，问题第一次出现，
系统：  Windows 2000 Pro  SP4
症状：
      开机到桌面，登陆，输入用户名/密码后，出现“Explorer.exe”错误，桌面无法显示，必须注销或者手动启动该进程。
      用Goust重新恢复系统，升级瑞星到最新版本，今天所有系统又全部出现此问题。
扫描日志如下：

[CODE]

2006-12-30,13:29:11

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
    <svcshare><C:\WINNT\system32\drivers\spoclsv.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <LoadIE><C:\WINNT\rund1132.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{1A404685-7563-4d02-B0F6-58B308A406A9}><d:\program files\rising\rfw\fqcwumfc.dll>  [N/A]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"d:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon][Running/Auto Start]
  <"d:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Remote Administrator Service / r_server][Running/Auto Start]
  <"C:\WINNT\system32\r_server.exe" /service><>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINNT\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100bnt5.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\ExpScan.sys><>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><N/A>
[HookCont / HookCont][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ISO CD-ROM Device Driver / ISODrive][Stopped/Manual Start]
  <\??\E:\TOOL\cr-UltraISO\drivers\ISODrive.sys><EZB Systems, Inc.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Stopped/Disabled]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[wswx521 / wswx521][Running/]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, N/A>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Dldrv2 Control]
  {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} <C:\WINNT\DOWNLO~1\Dldrv.ocx, GIGA>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[使用Web迅雷下载]
  <d:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 152][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 176][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6714]
    [d:\program files\rising\rfw\fqcwumfc.dll]  [, 1, 0, 0, 11]
[PID: 224][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.6700]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 236][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6695]
[PID: 384][d:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [d:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [d:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [d:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 9]
    [d:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [d:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [d:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [d:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 396][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 428][d:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 532][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.6659]
    [C:\WINNT\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 7.0.0.00]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll]  [Adobe Systems Incorporated., 7.0.5.2005092300]
    [C:\WINNT\system32\EBPMON2.DLL]  [SEIKO EPSON CORPORATION, 2, 33, 0, 0]
    [C:\WINNT\system32\hpbmmon.dll]  [Hewlett-Packard, 10.00.14]
    [C:\WINNT\system32\hpdomon.dll]  [Hewlett-Packard, 03.42.00]
    [C:\WINNT\system32\HPBHealr.dll]  [N/A, N/A]
    [C:\WINNT\system32\hptcpmon.dll]  [Hewlett Packard, 2.40.00.015]
    [C:\WINNT\system32\hptcpmib.dll]  [Hewlett Packard, 2.40.00.015]
[PID: 564][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 608][C:\WINNT\system32\r_server.exe]  [, 2, 2, 0, 0]
[PID: 764][d:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [d:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [d:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 692][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1148][C:\WINNT\explorer.exe]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINNT\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4384]
    [C:\WINNT\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINNT\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINNT\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4384]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [d:\program files\rising\rfw\fqcwumfc.dll]  [, 1, 0, 0, 11]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[PID: 1040][C:\WINNT\system32\explore3.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\TEMP\ikt8.dll]  [N/A, N/A]
[PID: 1252][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [c:\program files\google\googletoolbar1.dll]  [Google Inc., 4, 0, 1019, 5266]
    [C:\WINNT\system32\msxml3.dll]  [Microsoft Corporation, 8.30.9926.0]
    [d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [d:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINNT\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1280][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\MSUTB.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\mui\fallback\0804\msutb.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[PID: 1396][D:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[PID: 1416][C:\WINNT\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[PID: 280][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [c:\program files\google\googletoolbar1.dll]  [Google Inc., 4, 0, 1019, 5266]
    [C:\WINNT\system32\msxml3.dll]  [Microsoft Corporation, 8.30.9926.0]
    [d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [d:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINNT\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1316][D:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[D:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[E:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[F:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      www.winopen.cn
127.0.0.1      www.tanip.com
127.0.0.1      www.365tc.com
127.0.0.1      code.winopen.cn
127.0.0.1      code1.winopen.cn
127.0.0.1      code2.winopen.cn
127.0.0.1      code3.winopen.cn
127.0.0.1      code4.winopen.cn
127.0.0.1      www.djk66.com
127.0.0.1      www.158soft.com
127.0.0.1      www.10359172.com
127.0.0.1      www.ietool.cn
127.0.0.1      www.456link.com
127.0.0.1      www.159.com
127.0.0.1      www.17510.com
127.0.0.1      www.at58.cn
127.0.0.1      www.nb46.com
127.0.0.1      www.qqget.cn
127.0.0.1      www.6tan.com
127.0.0.1      www.ip321.cn
127.0.0.1      www.ip369.com
127.0.0.1      www.369ip.com.cn
127.0.0.1    rhino.acme.com
127.0.0.1    www.369ip.com.cn
127.0.0.1    x.acme.com
127.0.0.1    cn.47555.cn
127.0.0.1    new3.etsoft.com.cn
127.0.0.1    new3.etsoft.com
127.0.0.1    etsoft.com
127.0.0.1    wl.etsoft.com.cn
127.0.0.1    wl.etsoft.com
127.0.0.1    down.jschina.com.cn
127.0.0.1    down.jschina.com
127.0.0.1    jschina.com
127.0.0.1    wow.etsoft.com.cn
127.0.0.1    wow.etsoft.com
127.0.0.1    new3.etsoft.com.cn
127.0.0.1    new3.etsoft.com
127.0.0.1    sw.etsoft.com.cn
127.0.0.1    mh.etsoft.com.cn
127.0.0.1    wool.etsoft.com.cn
127.0.0.1    zt.soft.com.cn
127.0.0.1    www.gaodumm.com
127.0.0.1    www.97725.com
127.0.0.1    www.ac86.cn

==================================
API HOOK
N/A

==================================


[/CODE]