Question about the relationship between SKY99 and LOOKED

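My computer first picked up three things: the trojan Loadmejx, the trojan Looked, and a piece of malware called Sky99. All three of them come from C/windows/rundL132.exe. My Rising antivirus ignores it; Kaka can detect it but cannot remove it, and when I got Super Rabbit to uninstall it, it left Super Rabbit unusable. In the end I followed the path and deleted everything containing Rundl132.exe. I would like to ask what the correct way to remove those three things is. Experts, please advise: what exactly are those three things, and what is the right way to deal with them?
Last edited 2007-01-04 16:28:10.390000000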

Thanks to the poster above. Are those three things of mine all related to Viking (威金)?

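Thank you for being so thorough; I did not write it wrong. Also, Kaka told me to paste the log here, but I can't post it. It keeps saying there are too many characters. What should I do?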

[Main]
Program=超级兔子IE修复专家
Version=V7.93
WindowsVersion=Windows XP
IEVersion=6.0.2800.1106
WinDir=C:\WINDOWS\
WinSystemDir=C:\WINDOWS\System32\
USERPROFILE=C:\Documents and Settings\jiajia
Admin=1
Detail=1
Date=2007-01-04
Time=14:50:43
Code=,
CDCode=,
Reg=0

[Soft]
1=联众世界
Max=1

[IE]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Main
1_Name=Window Title
1_Value=Microsoft Internet Explorer
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Main
2_Name=Local Page
2_Value=about:blank
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Main
3_Name=Search Page
3_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Main
4_Name=Start Page
4_Value=http://www.haokan123.com/
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Main
5_Name=Default_page_url
5_Value=http://www.microsoft.com/windows/ie_intl/cn/start/
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Main
6_Name=First Home Page
6_Value=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Internet Explorer\Main
7_Name=Search Page
7_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Internet Explorer\Main
8_Name=Start Page
8_Value=about:blank
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Internet Explorer\Main
9_Name=Default_page_url
9_Value=http://www.microsoft.com/windows/ie_intl/cn/start/
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Internet Explorer\Main
10_Name=First Home Page
10_Value=
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Internet Explorer\Main
11_Name=Search Page
11_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Internet Explorer\Main
12_Name=Start Page
12_Value=about:blank
Max=12

[IE2]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
1_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
1_FileName=%SystemRoot%\System32\browseui.dll
1_FileSize=1021952
1_FileDate=2002-10-7 20:00:00
1_FileVersion=6.0.2800.1106
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
2_Name={0E5CBF21-D15F-11D0-8301-00AA005B4383}
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8194048
2_FileDate=2002-10-7 20:00:00
2_FileVersion=6.0.2800.1106
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
3_Name={B5A34A93-D538-43A7-8371-864CB6148D12}
3_FileName=
3_FileVersion=
3_FileCompanyName=
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
4_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
4_FileName=C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
4_FileSize=729088
4_FileDate=2006-7-24 14:06:04
4_FileVersion=2.2.0.1612
4_FileCompanyName=Xiang Feng Technology
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
5_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
5_FileName=%SystemRoot%\System32\browseui.dll
5_FileSize=1021952
5_FileDate=2002-10-7 20:00:00
5_FileVersion=6.0.2800.1106
5_FileCompanyName=Microsoft Corporation
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
6_Name={B5A34A93-D538-43A7-8371-864CB6148D12}
6_FileName=
6_FileVersion=
6_FileCompanyName=
7_HKey=HKEY_CURRENT_USER
7_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
7_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
7_FileName=C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
7_FileSize=729088
7_FileDate=2006-7-24 14:06:04
7_FileVersion=2.2.0.1612
7_FileCompanyName=Xiang Feng Technology
8_HKey=HKEY_LOCAL_MACHINE
8_Key=SOFTWARE\Microsoft\Internet Explorer\Toolbar
8_Name={6C3797D2-3FEF-4cd4-B654-D3AE55B4128C}
8_FileName=C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
8_FileSize=221184
8_FileDate=2004-6-10 8:06:46
8_FileVersion=4.0.0.0
8_FileCompanyName=金山软件股份有限公司
9_HKey=HKEY_LOCAL_MACHINE
9_Key=SOFTWARE\Microsoft\Internet Explorer\Toolbar
9_Name={8E718888-423F-11D2-876E-00A0C9082467}
9_FileName=C:\WINDOWS\System32\msdxm.ocx
9_FileSize=842268
9_FileDate=2002-10-7 20:00:00
9_FileVersion=6.4.9.1125
9_FileCompanyName=Microsoft Corporation
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Internet Explorer\Toolbar
10_Name={DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
10_FileName=C:\WINDOWS\System32\KakaTool.dll
10_FileSize=348160
10_FileDate=2007-1-4 13:34:25
10_FileVersion=2.0.2.6
10_FileCompanyName=Beijing Rising Technology Co., Ltd.
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Internet Explorer\Toolbar
11_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
11_FileName=C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
11_FileSize=729088
11_FileDate=2006-7-24 14:06:04
11_FileVersion=2.2.0.1612
11_FileCompanyName=Xiang Feng Technology
Max=11

[IE3]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\MenuExt\&使用迅雷下载
1_FileName=C:\Program Files\Sandai Technologies Inc\Thunder\geturl.htm
1_FileSize=2060
1_FileDate=2005-1-6 10:31:36
1_FileVersion=
1_FileCompanyName=
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\MenuExt\&使用迅雷下载全部链接
2_FileName=C:\Program Files\Sandai Technologies Inc\Thunder\getAllurl.htm
2_FileSize=583
2_FileDate=2005-1-6 10:31:36
2_FileVersion=
2_FileCompanyName=
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)
3_FileName=res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
3_FileVersion=
3_FileCompanyName=
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ自定义面板
4_FileName=C:\Program Files\Tencent\QQ\AddPanel.htm
4_FileSize=1815
4_FileDate=2005-3-30 11:19:42
4_FileVersion=
4_FileCompanyName=
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ表情
5_FileName=C:\Program Files\Tencent\QQ\AddEmotion.htm
5_FileSize=534
5_FileDate=2005-3-30 11:19:42
5_FileVersion=
5_FileCompanyName=
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\MenuExt\用QQ彩信发送该图片
6_FileName=C:\Program Files\Tencent\QQ\SendMMS.htm
6_FileSize=519
6_FileDate=2005-3-30 11:19:48
6_FileVersion=
6_FileCompanyName=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
7_Clsid={1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
7_ButtonText=@shdoclc.dll,-866
7_MenuText=@shdoclc.dll,-864
7_FileName=%SystemRoot%\web\related.htm
7_FileSize=654
7_FileDate=2002-10-7 20:00:00
7_FileVersion=
7_FileCompanyName=
8_HKey=HKEY_LOCAL_MACHINE
8_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157b}
8_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
8_ButtonText=QQ
8_MenuText=腾讯QQ
8_FileName=
8_FileVersion=
8_FileCompanyName=
9_HKey=HKEY_LOCAL_MACHINE
9_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}
9_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
9_ButtonText=
9_MenuText=QQ炫彩工具条设置
9_FileName=
9_FileVersion=
9_FileCompanyName=
10_HKey=HKEY_CURRENT_USER
10_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
10_Clsid=
10_ButtonText=
10_MenuText=
10_FileName=
10_FileVersion=
10_FileCompanyName=
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EBD53A-9BC1-480B-966A-843A333CA162}
11_Clsid=QQBrowserHelperObject Class
11_FileName=C:\Program Files\Tencent\QQ\QQIEHelper.dll
11_FileSize=184320
11_FileDate=2005-3-30 10:41:36
11_FileVersion=1.1.0.5
11_FileCompanyName=深圳市腾讯计算机系统有限公司
12_HKey=HKEY_LOCAL_MACHINE
12_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7369D35A-5B70-4A5B-B789-B25FE09B4AF3}
12_Clsid=超级兔子上网精灵
12_FileName=C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
12_FileSize=729088
12_FileDate=2006-7-24 14:06:04
12_FileVersion=2.2.0.1612
12_FileCompanyName=Xiang Feng Technology
13_HKey=HKEY_LOCAL_MACHINE
13_Key=SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes
13_Download=file://C:\WINDOWS\Java\classes\dajava.cab
13_FileName=
13_FileVersion=
13_FileCompanyName=
14_HKey=HKEY_LOCAL_MACHINE
14_Key=SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java
14_Download=file://C:\WINDOWS\Java\classes\xmldso.cab
14_FileName=
14_FileVersion=
14_FileCompanyName=
15_HKey=HKEY_LOCAL_MACHINE
15_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1511B879-2F75-4A75-9BA0-A6DADBF97A22}
15_NameServer=202.103.44.5,202.103.0.117
15_Clsid=
15_FileName=
15_FileVersion=
15_FileCompanyName=
16_HKey=HKEY_LOCAL_MACHINE
16_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2E36909A-6B73-4E80-BEEA-84BEA1025CE0}
16_NameServer=
16_Clsid=
16_FileName=
16_FileVersion=
16_FileCompanyName=
17_HKey=HKEY_LOCAL_MACHINE
17_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{40017955-764D-405D-B7F6-41D88B88A601}
17_NameServer=
17_Clsid=
17_FileName=
17_FileVersion=
17_FileCompanyName=
18_HKey=HKEY_LOCAL_MACHINE
18_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6ED43799-3DFA-4FE5-9D73-50CE10B23E3F}
18_NameServer=
18_Clsid=
18_FileName=
18_FileVersion=
18_FileCompanyName=
19_HKey=HKEY_LOCAL_MACHINE
19_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A03CFC12-B440-4B6B-A1DA-55B059536988}
19_NameServer=
19_Clsid=
19_FileName=
19_FileVersion=
19_FileCompanyName=
20_HKey=HKEY_LOCAL_MACHINE
20_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ACF19BE2-0219-4971-829F-5D4DB7D142F3}
20_NameServer=
20_Clsid=
20_FileName=
20_FileVersion=
20_FileCompanyName=
Max=20

[Link]
1_HKey=HKEY_CLASSES_ROOT
1_Key=.exe
1_Name=
1_Value=exefile
1_HKeyLink=HKEY_CLASSES_ROOT
1_KeyLink=exefile\shell\open\command
1_NameLink=
1_ValueLink="%1" %*
2_HKey=HKEY_CLASSES_ROOT
2_Key=.com
2_Name=
2_Value=comfile
2_HKeyLink=HKEY_CLASSES_ROOT
2_KeyLink=comfile\shell\open\command
2_NameLink=
2_ValueLink="%1" %*
3_HKey=HKEY_CLASSES_ROOT
3_Key=.lnk
3_Name=
3_Value=lnkfile
3_HKeyLink=HKEY_CLASSES_ROOT
3_KeyLink=lnkfile\CLSID
3_NameLink=
3_ValueLink={00021401-0000-0000-C000-000000000046}
4_HKey=HKEY_CLASSES_ROOT
4_Key=.txt
4_Name=
4_Value=txtfile
4_HKeyLink=HKEY_CLASSES_ROOT
4_KeyLink=txtfile\shell\open\command
4_NameLink=
4_ValueLink=%SystemRoot%\system32\NOTEPAD.EXE %1
4_FileSizeLink=66048
4_FileDateLink=2002-10-7 20:00:00
4_FileVersionLink=5.1.2600.0
4_FileCompanyNameLink=Microsoft Corporation
5_HKey=HKEY_CLASSES_ROOT
5_Key=.htm
5_Name=
5_Value=htmlfile
5_HKeyLink=HKEY_CLASSES_ROOT
5_KeyLink=htmlfile\shell\open\command
5_NameLink=
5_ValueLink="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
5_FileSizeLink=91136
5_FileDateLink=2002-10-7 20:00:00
5_FileVersionLink=6.0.2800.1106
5_FileCompanyNameLink=Microsoft Corporation
6_HKey=HKEY_CLASSES_ROOT
6_Key=.html
6_Name=
6_Value=htmlfile
6_HKeyLink=HKEY_CLASSES_ROOT
6_KeyLink=htmlfile\shell\open\command
6_NameLink=
6_ValueLink="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
6_FileSizeLink=91136
6_FileDateLink=2002-10-7 20:00:00
6_FileVersionLink=6.0.2800.1106
6_FileCompanyNameLink=Microsoft Corporation
7_HKey=HKEY_CLASSES_ROOT
7_Key=.url
7_Name=
7_Value=InternetShortcut
7_HKeyLink=HKEY_CLASSES_ROOT
7_KeyLink=InternetShortcut\shell\open\command
7_NameLink=
7_ValueLink=rundll32.exe shdocvw.dll,OpenURL %l
8_HKey=HKEY_CLASSES_ROOT
8_Key=PROTOCOLS\Filter\text/html
8_Name=CLSID
8_Value=
9_HKey=HKEY_CLASSES_ROOT
9_Key=PROTOCOLS\Filter\text/plain
9_Name=CLSID
9_Value=
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
10_Name=
10_Value=http://
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
11_Name=www
11_Value=http://
Max=11

[Notify]
Max=0

[Shdoclc]
1_FileSize=548864
1_FileDate=2002-10-7 20:00:00
1_FileVersion=6.0.2600.0
1_FileCompanyName=Microsoft Corporation
Max=1

[AppInit_DLLs]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
1_Name=AppInit_DLLs
1_Value=
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
2_Name=Userinit
2_Value=C:\WINDOWS\System32\userinit.exe,
2_FileSize=20992
2_FileDate=2002-10-7 20:00:00
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3_Name=Shell
3_Value=Explorer.exe
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
4_Name=System
3_Value=
Max=4

[WinSock2NameSpace]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001
1_Name=DisplayString
1_Value=Tcpip
1_Enabled=1
1_LibraryPath=%SystemRoot%\System32\mswsock.dll
1_FileSize=228352
1_FileDate=2002-10-7 20:00:00
1_FileVersion=5.1.2600.0
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002
2_Name=DisplayString
2_Value=NTDS
2_Enabled=1
2_LibraryPath=%SystemRoot%\System32\winrnr.dll
2_FileSize=14848
2_FileDate=2002-10-7 20:00:00
2_FileVersion=5.1.2600.0
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003
3_Name=DisplayString
3_Value=网络位置知晓 (NLA) 名称空间
3_Enabled=1
3_LibraryPath=%SystemRoot%\System32\mswsock.dll
3_FileSize=228352
3_FileDate=2002-10-7 20:00:00
3_FileVersion=5.1.2600.0
3_FileCompanyName=Microsoft Corporation
Max=3

[WinSock2Protocol]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
1_Name=PackedCatalogItem
1_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002
2_Name=PackedCatalogItem
2_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003
3_Name=PackedCatalogItem
3_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004
4_Name=PackedCatalogItem
4_FileName=%SystemRoot%\system32\rsvpsp.dll
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005
5_Name=PackedCatalogItem
5_FileName=%SystemRoot%\system32\rsvpsp.dll
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006
6_Name=PackedCatalogItem
6_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007
7_Name=PackedCatalogItem
7_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
8_HKey=HKEY_LOCAL_MACHINE
8_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008
8_Name=PackedCatalogItem
8_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
9_HKey=HKEY_LOCAL_MACHINE
9_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009
9_Name=PackedCatalogItem
9_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010
10_Name=PackedCatalogItem
10_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011
11_Name=PackedCatalogItem
11_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
Max=11

[WinSock2Winsock]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=System\CurrentControlSet\Services\Winsock2\Winsock
1_Name=PathName
1_Value=
1_Found=0
Max=1

[WOW]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\WOW
1_Name=cmdline
1_Value=%SystemRoot%\system32\ntvdm.exe -o
1_Filename=C:\WINDOWS\SYSTEM32\NTVDM.EXE
1_FileSize=393216
1_FileDate=2002-10-7 20:00:00
1_FileVersion=5.1.2600.1106
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Control\WOW
2_Name=wowcmdline
2_Value=%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
2_Filename=C:\WINDOWS\SYSTEM32\NTVDM.EXE
2_FileSize=393216
2_FileDate=2002-10-7 20:00:00
2_FileVersion=5.1.2600.1106
2_FileCompanyName=Microsoft Corporation
Max=2

[ShellExecuteHooks]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
1_Name={AEB6717E-7E19-11d0-97EE-00C04FD91972}
1_ClsidName=URL 执行挂钩
1_FileName=C:\WINDOWS\System32\shell32.dll
1_FileSize=8194048
1_FileDate=2002-10-7 20:00:00
Max=1

[ShellServiceObjectDelayLoad]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
1_Name=PostBootReminder
1_Value={7849596a-48ea-486e-8937-a2a3009f31a9}
1_ClsidName=PostBootReminder 对象
1_FileName=%SystemRoot%\system32\SHELL32.dll
1_FileSize=8194048
1_FileDate=2002-10-7 20:00:00
1_FileVersion=6.0.2800.1106
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
2_Name=CDBurn
2_Value={fbeb8a05-beee-4442-804e-409d6c4515e9}
2_ClsidName=烧 CD 的 ShellFolder
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8194048
2_FileDate=2002-10-7 20:00:00
2_FileVersion=6.0.2800.1106
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
3_Name=WebCheck
3_Value={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
3_ClsidName=WebCheck
3_FileName=%SystemRoot%\System32\webcheck.dll
3_FileSize=247296
3_FileDate=2002-10-7 20:00:00
3_FileVersion=6.0.2800.1106
3_FileCompanyName=Microsoft Corporation
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
4_Name=SysTray
4_Value={35CEC8A3-2BE6-11D2-8773-92E220524153}
4_ClsidName=SysTray
4_FileName=C:\WINDOWS\System32\stobject.dll
4_FileSize=117248
4_FileDate=2002-10-7 20:00:00
4_FileVersion=5.1.2600.1106
4_FileCompanyName=Microsoft Corporation
Max=4

[SharedTaskScheduler]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
1_Name={438755C2-A8BA-11D1-B96B-00A0C90312E1}
1_Value=Browseui 预加载程序
1_FileName=%SystemRoot%\System32\browseui.dll
1_FileSize=1021952
1_FileDate=2002-10-7 20:00:00
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
2_Name={8C7461EF-2B13-11d2-BE35-3078302C2030}
2_Value=组件类别缓存程序
2_FileName=%SystemRoot%\System32\browseui.dll
2_FileSize=1021952
2_FileDate=2002-10-7 20:00:00
Max=2

[ProtocolDefaults]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
1_Name=http
1_Value=3
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
2_Name=https
2_Value=3
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
3_Name=ftp
3_Value=3
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
4_Name=file
4_Value=3
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
5_Name=@ivt
5_Value=1
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
6_Name=shell
6_Value=0
Max=6

[BootExecute]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\Session Manager
1_Name=BootExecute
1_Value=autocheck autochk *
Max=1

[Startup]
Max=0

[AutoRun]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=Software\Microsoft\Windows\CurrentVersion\Run
1_Name=IMJPMIG8.1
1_Value=; "c:\windows\ime\imjp8_1\imjpmig.exe" /spoil /remadvdef /migration32
1_FileSize=208953
1_FileDate=2002-10-7 20:00:00
1_FileVersion=8.1.4005.0
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=Software\Microsoft\Windows\CurrentVersion\Run
2_Name=PHIME2002ASync
2_Value=c:\windows\system32\ime\tintlgnt\tintsetp.exe /sync
2_FileSize=455168
2_FileDate=2002-10-7 20:00:00
2_FileVersion=5.2.0.2801
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=Software\Microsoft\Windows\CurrentVersion\Run
3_Name=PHIME2002A
3_Value=c:\windows\system32\ime\tintlgnt\tintsetp.exe /imename
3_FileSize=455168
3_FileDate=2002-10-7 20:00:00
3_FileVersion=5.2.0.2801
3_FileCompanyName=Microsoft Corporation
4_HKey=HKEY_LOCAL_MACHINE
4_Key=Software\Microsoft\Windows\CurrentVersion\Run
4_Name=IMSCMig
4_Value=c:\progra~1\common~1\micros~1\ime\imsc40a\imscmig.exe /preload
4_FileSize=13368
4_FileDate=2003-7-14 22:57:20
4_FileVersion=6.0.0.2527
4_FileCompanyName=Microsoft Corporation
5_HKey=HKEY_LOCAL_MACHINE
5_Key=Software\Microsoft\Windows\CurrentVersion\Run
5_Name=TkBellExe
5_Value=; "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
5_FileSize=180269
5_FileDate=2005-8-29 13:06:41
5_FileVersion=0.1.0.3208
5_FileCompanyName=RealNetworks, Inc.
6_HKey=HKEY_LOCAL_MACHINE
6_Key=Software\Microsoft\Windows\CurrentVersion\Run
6_Name=IgfxTray
6_Value=c:\windows\system32\igfxtray.exe
6_FileSize=155648
6_FileDate=2003-3-11 10:24:08
6_FileVersion=3.0.0.2082
6_FileCompanyName=Intel Corporation
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Windows\CurrentVersion\Run
7_Name=HotKeysCmds
7_Value=c:\windows\system32\hkcmd.exe
7_FileSize=114688
7_FileDate=2003-3-11 10:11:56
7_FileVersion=3.0.0.2082
7_FileCompanyName=Intel Corporation
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Windows\CurrentVersion\Run
8_Name=BigDogPath
8_Value=c:\windows\vm_sti.exe zsmc usb pc camera
8_FileSize=40960
8_FileDate=2004-6-9 15:37:02
8_FileVersion=4.2.610.4
8_FileCompanyName=BIGDOG
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Windows\CurrentVersion\Run
9_Name=SoundMan
9_Value=soundman.exe
9_FileSize=65024
9_FileDate=2004-2-9 16:54:14
9_FileVersion=5.1.0.24
9_FileCompanyName=Realtek Semiconductor Corp.
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Windows\CurrentVersion\Run
10_Name=KernelFaultCheck
10_Value=%systemroot%\system32\dumprep 0 -k
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Windows\CurrentVersion\Run
11_Name=RavTask
11_Value="c:\program files\rising\rav\ravtask.exe" -system
11_FileSize=118784
11_FileDate=2007-1-4 14:10:38
11_FileVersion=19.0.0.7
11_FileCompanyName=Beijing Rising Technology Co., Ltd.
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Windows\CurrentVersion\Run
12_Name=runeip
12_Value=c:\program files\rising\antispyware\runiep.exe
12_FileSize=86016
12_FileDate=2007-1-4 13:34:53
12_FileVersion=1.0.1.3
12_FileCompanyName=Beijing Rising Technology Co., Ltd.
13_HKey=HKEY_LOCAL_MACHINE
13_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
13_Name=load
13_Value=
14_HKey=HKEY_CURRENT_USER
14_Key=Software\Microsoft\Windows\CurrentVersion\Run
14_Name=ctfmon.exe
14_Value=c:\windows\system32\ctfmon.exe
14_FileSize=13312
14_FileDate=2002-10-7 20:00:00
14_FileVersion=5.1.2600.1106
14_FileCompanyName=Microsoft Corporation
15_HKey=HKEY_CURRENT_USER
15_Key=Software\Microsoft\Windows\CurrentVersion\Run
15_Name=Super Rabbit IEPro
15_Value=c:\program files\super rabbit\magicset\sriecli.exe /load
15_FileSize=937984
15_FileDate=2006-12-10 14:33:50
15_FileVersion=7.93.0.0
15_FileCompanyName=Super Rabbit Soft
16_HKey=HKEY_CURRENT_USER
16_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
16_Name=load
16_Value=
Max=16

[Process]
1_FileName=C:\WINDOWS\SYSTEM32\SMSS.EXE
1_FileSize=45568
1_FileDate=2002-10-7 20:00:00
1_FileVersion=5.1.2600.1106
1_FileCompanyName=Microsoft Corporation
2_FileName=C:\WINDOWS\SYSTEM32\WINLOGON.EXE
2_FileSize=501760
2_FileDate=2002-10-7 20:00:00
2_FileVersion=5.1.2600.1106
2_FileCompanyName=Microsoft Corporation
3_FileName=C:\WINDOWS\SYSTEM32\SERVICES.EXE
3_FileSize=101376
3_FileDate=2002-10-7 20:00:00
3_FileVersion=5.1.2600.0
3_FileCompanyName=Microsoft Corporation
4_FileName=C:\WINDOWS\SYSTEM32\LSASS.EXE
4_FileSize=11776
4_FileDate=2002-10-7 20:00:00
4_FileVersion=5.1.2600.1106
4_FileCompanyName=Microsoft Corporation
5_FileName=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
5_FileSize=12800
5_FileDate=2002-10-7 20:00:00
5_FileVersion=5.1.2600.0
5_FileCompanyName=Microsoft Corporation
6_FileName=C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
6_FileSize=110592
6_FileDate=2007-1-4 14:10:38
6_FileVersion=18.0.0.3
6_FileCompanyName=Beijing Rising Technology Co., Ltd.
7_FileName=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
7_FileSize=12800
7_FileDate=2002-10-7 20:00:00
7_FileVersion=5.1.2600.0
7_FileCompanyName=Microsoft Corporation
8_FileName=C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
8_FileSize=278528
8_FileDate=2007-1-4 14:10:34
8_FileVersion=19.0.0.43
8_FileCompanyName=Beijing Rising Technology Co., Ltd.
9_FileName=C:\WINDOWS\EXPLORER.EXE
9_FileSize=948736
9_FileDate=2002-10-7 20:00:00
9_FileVersion=6.0.2800.1106
9_FileCompanyName=Microsoft Corporation
10_FileName=C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
10_FileSize=51200
10_FileDate=2002-10-7 20:00:00
10_FileVersion=5.1.2600.0
10_FileCompanyName=Microsoft Corporation
11_FileName=C:\WINDOWS\SYSTEM32\CONIME.EXE
11_FileSize=24576
11_FileDate=2002-10-7 20:00:00
11_FileVersion=5.1.2600.1106
11_FileCompanyName=Microsoft Corporation
12_FileName=C:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE
12_FileSize=90112
12_FileDate=2007-1-4 14:10:34
12_FileVersion=19.0.0.4
12_FileCompanyName=Beijing Rising Technology Co., Ltd.
13_FileName=C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
13_FileSize=54784
13_FileDate=2005-8-29 12:48:28
13_FileVersion=4.20.20.0
13_FileCompanyName=Macrovision
14_FileName=C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
14_FileSize=322120
14_FileDate=2003-6-19 23:25:00
14_FileVersion=7.0.9466.0
14_FileCompanyName=Microsoft Corporation
15_FileName=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
15_FileSize=12800
15_FileDate=2002-10-7 20:00:00
15_FileVersion=5.1.2600.0
15_FileCompanyName=Microsoft Corporation
16_FileName=C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
16_FileSize=155648
16_FileDate=2003-3-11 10:24:08
16_FileVersion=3.0.0.2082
16_FileCompanyName=Intel Corporation
17_FileName=C:\WINDOWS\SYSTEM32\HKCMD.EXE
17_FileSize=114688
17_FileDate=2003-3-11 10:11:56
17_FileVersion=3.0.0.2082
17_FileCompanyName=Intel Corporation
18_FileName=C:\WINDOWS\VM_STI.EXE
18_FileSize=40960
18_FileDate=2004-6-9 15:37:02
18_FileVersion=4.2.610.4
18_FileCompanyName=BIGDOG
19_FileName=C:\WINDOWS\SOUNDMAN.EXE
19_FileSize=65024
19_FileDate=2004-2-9 16:54:14
19_FileVersion=5.1.0.24
19_FileCompanyName=Realtek Semiconductor Corp.
20_FileName=C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
20_FileSize=118784
20_FileDate=2007-1-4 14:10:38
20_FileVersion=19.0.0.7
20_FileCompanyName=Beijing Rising Technology Co., Ltd.
21_FileName=C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
21_FileSize=622592
21_FileDate=2007-1-4 14:10:34
21_FileVersion=19.0.0.36
21_FileCompanyName=Beijing Rising Technology Co., Ltd.
22_FileName=C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE
22_FileSize=86016
22_FileDate=2007-1-4 13:34:53
22_FileVersion=1.0.1.3
22_FileCompanyName=Beijing Rising Technology Co., Ltd.
23_FileName=C:\WINDOWS\SYSTEM32\CTFMON.EXE
23_FileSize=13312
23_FileDate=2002-10-7 20:00:00
23_FileVersion=5.1.2600.1106
23_FileCompanyName=Microsoft Corporation
24_FileName=C:\PROGRAM FILES\SUPER RABBIT\MAGICSET\SRIECLI.EXE
24_FileSize=937984
24_FileDate=2006-12-10 14:33:50
24_FileVersion=7.93.0.0
24_FileCompanyName=Super Rabbit Soft
25_FileName=C:\PROGRAM FILES\SUPER RABBIT\MAGICSET\SRIEH.EXE
25_FileSize=1376256
25_FileDate=2006-12-10 14:33:18
25_FileVersion=7.93.0.0
25_FileCompanyName=Super Rabbit Soft
26_FileName=[SYSTEM PROCESS]
27_FileName=C:\WINDOWS\System32\CSRSS.EXE
27_FileSize=4096
27_FileDate=2002-10-7 20:00:00
27_FileVersion=5.1.2600.0
27_FileCompanyName=Microsoft Corporation
28_FileName=C:\WINDOWS\System32\ALG.EXE
28_FileSize=41984
28_FileDate=2002-10-7 20:00:00
28_FileVersion=5.1.2600.1106
28_FileCompanyName=Microsoft Corporation
29_FileName=C:\WINDOWS\System32\WDFMGR.EXE
29_FileSize=38912
29_FileDate=2005-1-28 1:36:00
29_FileVersion=5.2.3790.1230
29_FileCompanyName=Microsoft Corporation
Max=29

[Hosts]
HostsFile=C:\WINDOWS\System32\Drivers\Etc\Hosts
1_Host=127.0.0.1      localhost
Max=1

[Service]
1_ServiceName=C-DillaCdaC11BA
1_DisplayName=C-DillaCdaC11BA
1_Description=
1_Status=已启动
1_StartType=自动
1_ServiceDll=
1_ImagePath=C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE

2_ServiceName=Macromedia Licensing Service
2_DisplayName=Macromedia Licensing Service
2_Description=Provides authentication services for Macromedia applications.
2_Status=停止
2_StartType=手动
2_ServiceDll=
2_ImagePath="C:\PROGRAM FILES\COMMON FILES\MACROMEDIA SHARED\SERVICE\MACROMEDIA LICENSING.EXE"

3_ServiceName=MDM
3_DisplayName=Machine Debug Manager
3_Description=支持对 Visual Studio 和脚本调试器进行本地和远程调试。如果该服务停止,调试器将不能正常工作。
3_Status=已启动
3_StartType=自动
3_ServiceDll=
3_ImagePath="C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"

4_ServiceName=ose
4_DisplayName=Office Source Engine
4_Description=可保存用于更新和修复的安装文件,并且在下载安装程序更新和 Watson 错误报告时必须使用。
4_Status=停止
4_StartType=手动
4_ServiceDll=
4_ImagePath=C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE

5_ServiceName=RsCCenter
5_DisplayName=Rising Process Communication Center
5_Description=
5_Status=已启动
5_StartType=自动
5_ServiceDll=
5_ImagePath="C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"

6_ServiceName=RsRavMon
6_DisplayName=RsRavMon Service
6_Description=
6_Status=已启动
6_StartType=自动
6_ServiceDll=
6_ImagePath="C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"

7_ServiceName=UMWdf
7_DisplayName=Windows User Mode Driver Framework
7_Description=启用 Windows 用户模式驱动程序。
7_Status=已启动
7_StartType=自动
7_ServiceDll=
7_ImagePath=C:\WINDOWS\SYSTEM32\WDFMGR.EXE

8_ServiceName=WmdmPmSN
8_DisplayName=Portable Media Serial Number Service
8_Description=Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
8_Status=停止
8_StartType=手动
8_ServiceDll=C:\WINDOWS\SYSTEM32\MSPMSNSV.DLL
8_ImagePath=C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

Max=8

[END]
Max=1
Finally finished pasting.

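I don't know how to scan? Please advise. Right now, though, I've got a dedicated Viking (威金) removal tool running and cleaning, and I don't know whether there is anything or not?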