[Main]
Program=超 级 兔 子 IE 修 复 专 家
Version=V7.95
WindowsVersion=Windows XP
IEVersion=6.0.2900.2180
WinDir=C:\WINDOWS\
WinSystemDir=C:\WINDOWS\system32\
USERPROFILE=C:\Documents and Settings\Lenovo
Admin=1
Detail=1
Date=2007-01-25
Time=09:13:30
Code=,
CDCode=,
Reg=0

[Soft]
Max=0

[IE]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Main
1_Name=Window Title
1_Value=Microsoft Internet Explorer
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Main
2_Name=Local Page
2_Value=about:blank
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Main
3_Name=Search Page
3_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Main
4_Name=Start Page
4_Value=http://www.haokan123.com/
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Main
5_Name=Default_page_url
5_Value=http://www.microsoft.com/windows/ie_intl/cn/start/
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Main
6_Name=First Home Page
6_Value=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Internet Explorer\Main
7_Name=Search Page
7_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Internet Explorer\Main
8_Name=Start Page
8_Value=about:blank
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Internet Explorer\Main
9_Name=Default_page_url
9_Value=http://www.microsoft.com/windows/ie_intl/cn/start/
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Internet Explorer\Main
10_Name=First Home Page
10_Value=
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Internet Explorer\Main
11_Name=Search Page
11_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Internet Explorer\Main
12_Name=Start Page
12_Value=about:blank
Max=12

[IE2]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
1_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1016832
1_FileDate=2004-8-7
1_FileVersion=6.0.2900.2180
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
2_Name={0E5CBF21-D15F-11D0-8301-00AA005B4383}
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8311296
2_FileDate=2006-7-13 21:34:56
2_FileVersion=6.0.2900.2951
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
3_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
3_FileName=%SystemRoot%\system32\browseui.dll
3_FileSize=1016832
3_FileDate=2004-8-7
3_FileVersion=6.0.2900.2180
3_FileCompanyName=Microsoft Corporation
Max=3

IE3]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载
1_FileName=res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
1_FileVersion=
1_FileCompanyName=
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载全部链接
2_FileName=res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
2_FileVersion=
2_FileCompanyName=
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载本页视频
3_FileName=res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
3_FileVersion=
3_FileCompanyName=
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\MenuExt\上传到QQ网络硬盘
4_FileName=C:\Program Files\Tencent\QQ\AddToNetDisk.htm
4_FileSize=534
4_FileDate=2006-12-7 18:13:26
4_FileVersion=
4_FileCompanyName=
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\MenuExt\使用脱兔下载
5_FileName=C:\Program Files\Tuotu\TT_one.htm
5_FileSize=1665
5_FileDate=2005-9-6 16:46:58
5_FileVersion=
5_FileCompanyName=
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\MenuExt\使用脱兔下载全部链接
6_FileName=C:\Program Files\Tuotu\TT_all.htm
6_FileSize=619
6_FileDate=2005-12-1 14:05:32
6_FileVersion=
6_FileCompanyName=
7_HKey=HKEY_CURRENT_USER
7_Key=Software\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)
7_FileName=res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
7_FileVersion=
7_FileCompanyName=
8_HKey=HKEY_CURRENT_USER
8_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ自定义面板
8_FileName=C:\Program Files\Tencent\QQ\AddPanel.htm
8_FileSize=1815
8_FileDate=2006-12-7 18:13:26
8_FileVersion=
8_FileCompanyName=
9_HKey=HKEY_CURRENT_USER
9_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ表情
9_FileName=C:\Program Files\Tencent\QQ\AddEmotion.htm
9_FileSize=534
9_FileDate=2006-12-7 18:13:26
9_FileVersion=
9_FileCompanyName=
10_HKey=HKEY_CURRENT_USER
10_Key=Software\Microsoft\Internet Explorer\MenuExt\用QQ彩信发送该图片
10_FileName=C:\Program Files\Tencent\QQ\SendMMS.htm
10_FileSize=519
10_FileDate=2006-12-7 18:13:46
10_FileVersion=
10_FileCompanyName=
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}
11_Clsid={1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
11_ButtonText=启动迅雷5
11_MenuText=启动迅雷5
11_FileName=
11_FileVersion=
11_FileCompanyName=
12_HKey=HKEY_LOCAL_MACHINE
12_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157b}
12_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
12_ButtonText=QQ
12_MenuText=腾讯QQ
12_FileName=
12_FileVersion=
12_FileCompanyName=
13_HKey=HKEY_CURRENT_USER
13_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
13_Clsid=
13_ButtonText=
13_MenuText=
13_FileName=
13_FileVersion=
13_FileCompanyName=
14_HKey=HKEY_LOCAL_MACHINE
14_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0005A87D-D626-4B3A-84F9-1D9571695F55}
14_Clsid=ThunderIEHelper Class
14_FileName=C:\WINDOWS\system32\xunleibho_v13.dll
14_FileVersion=
14_FileCompanyName=
15_HKey=HKEY_LOCAL_MACHINE
15_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
15_Clsid=AcroIEHlprObj Class
15_FileName=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
15_FileSize=63128
15_FileDate=2006-1-12 20:38:22
15_FileVersion=7.0.7.142
15_FileCompanyName=Adobe Systems Incorporated
16_HKey=HKEY_LOCAL_MACHINE
16_Key=SOFTWARE\Microsoft\Code Store Database\Distribution Units\{05C1004E-2596-48E5-8E26-39362985EEB9}
16_Download=http://p3p.sogou.com/MMCShell.cab
16_FileName=C:\WINDOWS\Downloaded Program Files\MMCShell.inf
16_FileSize=227
16_FileDate=2006-6-9 14:32:48
16_FileVersion=
16_FileCompanyName=
17_HKey=HKEY_LOCAL_MACHINE
17_Key=SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
17_Download=http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
17_FileName=C:\WINDOWS\Downloaded Program Files\swflash.inf
17_FileSize=5019
17_FileDate=2006-11-9 14:36:12
17_FileVersion=
17_FileCompanyName=
18_HKey=HKEY_LOCAL_MACHINE
18_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{40784049-F8CD-457D-BEB1-D9760B63114E}
18_NameServer=
18_Clsid=
18_FileName=
18_FileVersion=
18_FileCompanyName=
19_HKey=HKEY_LOCAL_MACHINE
19_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{70F0D637-82C0-4FE8-B6ED-7061E04D688F}
19_NameServer=
19_Clsid=
19_FileName=
19_FileVersion=
19_FileCompanyName=
20_HKey=HKEY_LOCAL_MACHINE
20_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BF194F1D-F6E0-421D-A735-13E551DA068C}
20_NameServer=
20_Clsid=
20_FileName=
20_FileVersion=
20_FileCompanyName=
21_HKey=HKEY_LOCAL_MACHINE
21_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CAA2ED5D-2E01-4403-B13E-4A35F78A8F50}
21_NameServer=
21_Clsid=
21_FileName=
21_FileVersion=
21_FileCompanyName=
22_HKey=HKEY_LOCAL_MACHINE
22_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DEFF78EC-15EB-4A23-8A41-B7E4C9C2AE11}
22_NameServer=
22_Clsid=
22_FileName=
22_FileVersion=
22_FileCompanyName=
23_HKey=HKEY_LOCAL_MACHINE
23_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F0664E4F-5549-4EE6-B842-A888A35165DC}
23_NameServer=
23_Clsid=
23_FileName=
23_FileVersion=
23_FileCompanyName=
Max=23

[Link]
1_HKey=HKEY_CLASSES_ROOT
1_Key=.exe
1_Name=
1_Value=exefile
1_HKeyLink=HKEY_CLASSES_ROOT
1_KeyLink=exefile\shell\open\command
1_NameLink=
1_ValueLink="%1" %*
2_HKey=HKEY_CLASSES_ROOT
2_Key=.com
2_Name=
2_Value=comfile
2_HKeyLink=HKEY_CLASSES_ROOT
2_KeyLink=comfile\shell\open\command
2_NameLink=
2_ValueLink="%1" %*
3_HKey=HKEY_CLASSES_ROOT
3_Key=.lnk
3_Name=
3_Value=lnkfile
3_HKeyLink=HKEY_CLASSES_ROOT
3_KeyLink=lnkfile\CLSID
3_NameLink=
3_ValueLink={00021401-0000-0000-C000-000000000046}
4_HKey=HKEY_CLASSES_ROOT
4_Key=.txt
4_Name=
4_Value=txtfile
4_HKeyLink=HKEY_CLASSES_ROOT
4_KeyLink=txtfile\shell\open\command
4_NameLink=
4_ValueLink=%SystemRoot%\system32\NOTEPAD.EXE %1
4_FileSizeLink=66560
4_FileDateLink=2004-8-7
4_FileVersionLink=5.1.2600.2180
4_FileCompanyNameLink=Microsoft Corporation
5_HKey=HKEY_CLASSES_ROOT
5_Key=.htm
5_Name=
5_Value=htmlfile
5_HKeyLink=HKEY_CLASSES_ROOT
5_KeyLink=htmlfile\shell\open\command
5_NameLink=
5_ValueLink="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
5_FileSizeLink=93184
5_FileDateLink=2004-8-7 8:00:00
5_FileVersionLink=6.0.2900.2180
5_FileCompanyNameLink=Microsoft Corporation
6_HKey=HKEY_CLASSES_ROOT
6_Key=.html
6_Name=
6_Value=htmlfile
6_HKeyLink=HKEY_CLASSES_ROOT
6_KeyLink=htmlfile\shell\open\command
6_NameLink=
6_ValueLink="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
6_FileSizeLink=93184
6_FileDateLink=2004-8-7 8:00:00
6_FileVersionLink=6.0.2900.2180
6_FileCompanyNameLink=Microsoft Corporation
7_HKey=HKEY_CLASSES_ROOT
7_Key=.url
7_Name=
7_Value=InternetShortcut
7_HKeyLink=HKEY_CLASSES_ROOT
7_KeyLink=InternetShortcut\shell\open\command
7_NameLink=
7_ValueLink=rundll32.exe shdocvw.dll,OpenURL %l
8_HKey=HKEY_CLASSES_ROOT
8_Key=PROTOCOLS\Filter\text/html
8_Name=CLSID
8_Value=
9_HKey=HKEY_CLASSES_ROOT
9_Key=PROTOCOLS\Filter\text/plain
9_Name=CLSID
9_Value=
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
10_Name=
10_Value=http://
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
11_Name=www
11_Value=http://
Max=11

[Notify]
Max=0

[Shdoclc]
1_FileSize=498176
1_FileDate=2004-8-7
1_FileVersion=6.0.2900.2180
1_FileCompanyName=Microsoft Corporation
Max=1

[AppInit_DLLs]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
1_Name=AppInit_DLLs
1_Value=
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
2_Name=Userinit
2_Value=C:\WINDOWS\system32\userinit.exe,
2_FileSize=23552
2_FileDate=2004-8-7
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3_Name=Shell
3_Value=Explorer.exe
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
4_Name=System
3_Value=
Max=4

[WinSock2NameSpace]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001
1_Name=DisplayString
1_Value=Tcpip
1_Enabled=1
1_LibraryPath=%SystemRoot%\System32\mswsock.dll
1_FileSize=240640
1_FileDate=2004-8-7
1_FileVersion=5.1.2600.2180
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002
2_Name=DisplayString
2_Value=NTDS
2_Enabled=1
2_LibraryPath=%SystemRoot%\System32\winrnr.dll
2_FileSize=16896
2_FileDate=2004-8-7
2_FileVersion=5.1.2600.2180
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003
3_Name=DisplayString
3_Value=网络位置知晓 (NLA) 名称空间
3_Enabled=1
3_LibraryPath=%SystemRoot%\System32\mswsock.dll
3_FileSize=240640
3_FileDate=2004-8-7
3_FileVersion=5.1.2600.2180
3_FileCompanyName=Microsoft Corporation
Max=3

[WinSock2Protocol]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
1_Name=PackedCatalogItem
1_FileName=%SystemRoot%\system32\mswsock.dll
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002
2_Name=PackedCatalogItem
2_FileName=%SystemRoot%\system32\mswsock.dll
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003
3_Name=PackedCatalogItem
3_FileName=%SystemRoot%\system32\mswsock.dll
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004
4_Name=PackedCatalogItem
4_FileName=%SystemRoot%\system32\rsvpsp.dll
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005
5_Name=PackedCatalogItem
5_FileName=%SystemRoot%\system32\rsvpsp.dll
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006
6_Name=PackedCatalogItem
6_FileName=%SystemRoot%\system32\mswsock.dll
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007
7_Name=PackedCatalogItem
7_FileName=%SystemRoot%\system32\mswsock.dll
8_HKey=HKEY_LOCAL_MACHINE
8_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008
8_Name=PackedCatalogItem
8_FileName=%SystemRoot%\system32\mswsock.dll
9_HKey=HKEY_LOCAL_MACHINE
9_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009
9_Name=PackedCatalogItem
9_FileName=%SystemRoot%\system32\mswsock.dll
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010
10_Name=PackedCatalogItem
10_FileName=%SystemRoot%\system32\mswsock.dll
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011
11_Name=PackedCatalogItem
11_FileName=%SystemRoot%\system32\mswsock.dll
12_HKey=HKEY_LOCAL_MACHINE
12_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012
12_Name=PackedCatalogItem
12_FileName=%SystemRoot%\system32\mswsock.dll
13_HKey=HKEY_LOCAL_MACHINE
13_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013
13_Name=PackedCatalogItem
13_FileName=%SystemRoot%\system32\mswsock.dll
14_HKey=HKEY_LOCAL_MACHINE
14_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014
14_Name=PackedCatalogItem
14_FileName=%SystemRoot%\system32\mswsock.dll
15_HKey=HKEY_LOCAL_MACHINE
15_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015
15_Name=PackedCatalogItem
15_FileName=%SystemRoot%\system32\mswsock.dll
16_HKey=HKEY_LOCAL_MACHINE
16_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016
16_Name=PackedCatalogItem
16_FileName=%SystemRoot%\system32\mswsock.dll
17_HKey=HKEY_LOCAL_MACHINE
17_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017
17_Name=PackedCatalogItem
17_FileName=%SystemRoot%\system32\mswsock.dll
Max=17

[WinSock2Winsock]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=System\CurrentControlSet\Services\Winsock2\Winsock
1_Name=PathName
1_Value=
1_Found=0
Max=1

[WOW]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\WOW
1_Name=cmdline
1_Value=%SystemRoot%\system32\ntvdm.exe -o
1_Filename=C:\WINDOWS\SYSTEM32\NTVDM.EXE
1_FileSize=417280
1_FileDate=2004-8-7
1_FileVersion=5.1.2600.2180
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Control\WOW
2_Name=wowcmdline
2_Value=%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
2_Filename=C:\WINDOWS\SYSTEM32\NTVDM.EXE
2_FileSize=417280
2_FileDate=2004-8-7
2_FileVersion=5.1.2600.2180
2_FileCompanyName=Microsoft Corporation
Max=2

[ShellExecuteHooks]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
1_Name={AEB6717E-7E19-11d0-97EE-00C04FD91972}
1_ClsidName=URL 执行挂钩
1_FileName=C:\WINDOWS\system32\shell32.dll
1_FileSize=8311296
1_FileDate=2006-7-13 21:34:56
Max=1

[ShellServiceObjectDelayLoad]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
1_Name=PostBootReminder
1_Value={7849596a-48ea-486e-8937-a2a3009f31a9}
1_ClsidName=PostBootReminder 对象
1_FileName=%SystemRoot%\system32\SHELL32.dll
1_FileSize=8311296
1_FileDate=2006-7-13 21:34:56
1_FileVersion=6.0.2900.2951
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
2_Name=CDBurn
2_Value={fbeb8a05-beee-4442-804e-409d6c4515e9}
2_ClsidName=烧 CD 的 ShellFolder
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8311296
2_FileDate=2006-7-13 21:34:56
2_FileVersion=6.0.2900.2951
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
3_Name=WebCheck
3_Value={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
3_ClsidName=WebCheck
3_FileName=%SystemRoot%\system32\webcheck.dll
3_FileSize=265728
3_FileDate=2004-8-7
3_FileVersion=6.0.2900.2180
3_FileCompanyName=Microsoft Corporation
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
4_Name=SysTray
4_Value={35CEC8A3-2BE6-11D2-8773-92E220524153}
4_ClsidName=SysTray
4_FileName=C:\WINDOWS\system32\stobject.dll
4_FileSize=121344
4_FileDate=2004-8-7
4_FileVersion=5.1.2600.2180
4_FileCompanyName=Microsoft Corporation
Max=4

[SharedTaskScheduler]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
1_Name={438755C2-A8BA-11D1-B96B-00A0C90312E1}
1_Value=Browseui 预加载程序
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1016832
1_FileDate=2004-8-7
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
2_Name={8C7461EF-2B13-11d2-BE35-3078302C2030}
2_Value=组件类别缓存程序
2_FileName=%SystemRoot%\system32\browseui.dll
2_FileSize=1016832
2_FileDate=2004-8-7
Max=2

[ProtocolDefaults]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
1_Name=http
1_Value=3
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
2_Name=https
2_Value=3
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
3_Name=ftp
3_Value=3
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
4_Name=file
4_Value=3
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
5_Name=@ivt
5_Value=1
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
6_Name=shell
6_Value=0
Max=6

[BootExecute]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\Session Manager
1_Name=BootExecute
1_Value=autocheck autochk *
Max=1

[Startup]
1_LnkFile=C:\Documents and Settings\All Users\「开始」菜单\程序\启动\WanSo.lnk
1_ExeFile=WanSo
Max=1

[AutoRun]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=Software\Microsoft\Windows\CurrentVersion\Run
1_Name=IMJPMIG8.1
1_Value="c:\windows\ime\imjp8_1\imjpmig.exe" /spoil /remadvdef /migration32
1_FileSize=208952
1_FileDate=2004-8-7 8:00:00
1_FileVersion=8.1.4202.0
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=Software\Microsoft\Windows\CurrentVersion\Run
2_Name=PHIME2002ASync
2_Value=c:\windows\system32\ime\tintlgnt\tintsetp.exe /sync
2_FileSize=455168
2_FileDate=2004-8-7 8:00:00
2_FileVersion=5.2.0.2801
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=Software\Microsoft\Windows\CurrentVersion\Run
3_Name=PHIME2002A
3_Value=c:\windows\system32\ime\tintlgnt\tintsetp.exe /imename
3_FileSize=455168
3_FileDate=2004-8-7 8:00:00
3_FileVersion=5.2.0.2801
3_FileCompanyName=Microsoft Corporation
4_HKey=HKEY_LOCAL_MACHINE
4_Key=Software\Microsoft\Windows\CurrentVersion\Run
4_Name=SiSPower
4_Value=rundll32.exe sispower.dll,modeagent
4_FileSize=49152
4_FileDate=2006-5-5 21:13:40
4_FileVersion=6.14.10.3740
4_FileCompanyName=Silicon Integrated Systems Corporation
5_HKey=HKEY_LOCAL_MACHINE
5_Key=Software\Microsoft\Windows\CurrentVersion\Run
5_Name=SoundMan
5_Value=soundman.exe
5_FileSize=577536
5_FileDate=2006-1-11 15:08:36
5_FileVersion=5.1.0.51
5_FileCompanyName=Realtek Semiconductor Corp.
6_HKey=HKEY_LOCAL_MACHINE
6_Key=Software\Microsoft\Windows\CurrentVersion\Run
6_Name=FASTKEY
6_Value=c:\program files\lenovo\功能键盘\hotkeyb.exe
6_FileSize=86016
6_FileDate=2005-11-7 9:35:52
6_FileVersion=2.2.0.1
6_FileCompanyName=联想电脑公司
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Windows\CurrentVersion\Run
7_Name=TkBellExe
7_Value="c:\program files\common files\real\update_ob\realsched.exe"  -osboot
7_FileSize=180269
7_FileDate=2006-7-14 17:08:24
7_FileVersion=0.1.0.3208
7_FileCompanyName=RealNetworks, Inc.
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Windows\CurrentVersion\Run
8_Name=StormCodec_Helper
8_Value="c:\program files\ringz studio\storm codec\stormset.exe" /s /opti
8_FileSize=296631
8_FileDate=2006-4-8 15:17:26
8_FileVersion=
8_FileCompanyName=
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Windows\CurrentVersion\Run
9_Name=IMSCMig
9_Value=c:\progra~1\common~1\micros~1\ime\imsc40a\imscmig.exe /preload
9_FileSize=13368
9_FileDate=2003-7-14 22:57:20
9_FileVersion=6.0.0.2527
9_FileCompanyName=Microsoft Corporation
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Windows\CurrentVersion\Run
10_Name=RavTask
10_Value="c:\program files\rising\rav\ravtask.exe" -system
10_FileSize=118784
10_FileDate=2007-1-21 14:17:24
10_FileVersion=19.0.0.7
10_FileCompanyName=Beijing Rising Technology Co., Ltd.
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Windows\CurrentVersion\Run
11_Name=RfwMain
11_Value="c:\program files\rising\rfw\rfwmain.exe" -startup
11_FileSize=454656
11_FileDate=2007-1-21 14:30:12
11_FileVersion=5.0.0.70
11_FileCompanyName=Beijing Rising Technology Co., Ltd.
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Windows\CurrentVersion\Run
12_Name=Thunder
12_Value="c:\program files\thunder network\thunder\thunder.exe" /s
12_FileVersion=
12_FileCompanyName=
13_HKey=HKEY_LOCAL_MACHINE
13_Key=Software\Microsoft\Windows\CurrentVersion\Run
13_Name=runeip
13_Value=c:\program files\rising\antispyware\runiep.exe
13_FileSize=86016
13_FileDate=2007-1-24 7:34:52
13_FileVersion=1.0.1.6
13_FileCompanyName=Beijing Rising Technology Co., Ltd.
14_HKey=HKEY_LOCAL_MACHINE
14_Key=Software\Microsoft\Windows\CurrentVersion\Run
14_Name=KernelFaultCheck
14_Value=%systemroot%\system32\dumprep 0 -k
15_HKey=HKEY_LOCAL_MACHINE
15_Key=Software\Microsoft\Windows\CurrentVersion\Run
15_Name=Super Rabbit SafeEdit
15_Value=c:\program files\super rabbit\magicset\srfc.exe /load
15_FileSize=43520
15_FileDate=2004-12-5 19:31:32
15_FileVersion=2.20.0.0
15_FileCompanyName=Super Rabbit Soft
16_HKey=HKEY_LOCAL_MACHINE
16_Key=Software\Microsoft\Windows\CurrentVersion\Run
16_Name=TuoTu
16_Value=c:\program files\tuotu\tuotu.exe /m
16_FileSize=3465216
16_FileDate=2007-1-12 16:39:16
16_FileVersion=2.1.0.63
16_FileCompanyName=Tuotu.com
17_HKey=HKEY_LOCAL_MACHINE
17_Key=Software\Microsoft\Windows\CurrentVersion\RunOnce
17_Name=KKDelay
17_Value=c:\program files\rising\antispyware\runonce.exe
17_FileSize=61440
17_FileDate=2007-1-22 6:38:54
17_FileVersion=19.0.0.2
17_FileCompanyName=Beijing Rising Technology Co., Ltd.
18_HKey=HKEY_LOCAL_MACHINE
18_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
18_Name=load
18_Value=
19_HKey=HKEY_CURRENT_USER
19_Key=Software\Microsoft\Windows\CurrentVersion\Run
19_Name=ctfmon.exe
19_Value=c:\windows\system32\ctfmon.exe
19_FileSize=15360
19_FileDate=2004-8-7
19_FileVersion=5.1.2600.2180
19_FileCompanyName=Microsoft Corporation
20_HKey=HKEY_CURRENT_USER
20_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
20_Name=load
20_Value=
Max=20

[ShellServiceObjectDelayLoad]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
1_Name=PostBootReminder
1_Value={7849596a-48ea-486e-8937-a2a3009f31a9}
1_ClsidName=PostBootReminder 对象
1_FileName=%SystemRoot%\system32\SHELL32.dll
1_FileSize=8311296
1_FileDate=2006-7-13 21:34:56
1_FileVersion=6.0.2900.2951
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
2_Name=CDBurn
2_Value={fbeb8a05-beee-4442-804e-409d6c4515e9}
2_ClsidName=烧 CD 的 ShellFolder
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8311296
2_FileDate=2006-7-13 21:34:56
2_FileVersion=6.0.2900.2951
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
3_Name=WebCheck
3_Value={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
3_ClsidName=WebCheck
3_FileName=%SystemRoot%\system32\webcheck.dll
3_FileSize=265728
3_FileDate=2004-8-7
3_FileVersion=6.0.2900.2180
3_FileCompanyName=Microsoft Corporation
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
4_Name=SysTray
4_Value={35CEC8A3-2BE6-11D2-8773-92E220524153}
4_ClsidName=SysTray
4_FileName=C:\WINDOWS\system32\stobject.dll
4_FileSize=121344
4_FileDate=2004-8-7
4_FileVersion=5.1.2600.2180
4_FileCompanyName=Microsoft Corporation
Max=4

[SharedTaskScheduler]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
1_Name={438755C2-A8BA-11D1-B96B-00A0C90312E1}
1_Value=Browseui 预加载程序
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1016832
1_FileDate=2004-8-7
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
2_Name={8C7461EF-2B13-11d2-BE35-3078302C2030}
2_Value=组件类别缓存程序
2_FileName=%SystemRoot%\system32\browseui.dll
2_FileSize=1016832
2_FileDate=2004-8-7
Max=2

[ProtocolDefaults]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
1_Name=http
1_Value=3
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
2_Name=https
2_Value=3
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
3_Name=ftp
3_Value=3
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
4_Name=file
4_Value=3
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
5_Name=@ivt
5_Value=1
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
6_Name=shell
6_Value=0
Max=6

[BootExecute]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\Session Manager
1_Name=BootExecute
1_Value=autocheck autochk *
Max=1

[Startup]
1_LnkFile=C:\Documents and Settings\All Users\「开始」菜单\程序\启动\WanSo.lnk
1_ExeFile=WanSo
Max=1

[AutoRun]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=Software\Microsoft\Windows\CurrentVersion\Run
1_Name=IMJPMIG8.1
1_Value="c:\windows\ime\imjp8_1\imjpmig.exe" /spoil /remadvdef /migration32
1_FileSize=208952
1_FileDate=2004-8-7 8:00:00
1_FileVersion=8.1.4202.0
1_FileCompanyName=Microsoft Corporation
2_HKey=HKEY_LOCAL_MACHINE
2_Key=Software\Microsoft\Windows\CurrentVersion\Run
2_Name=PHIME2002ASync
2_Value=c:\windows\system32\ime\tintlgnt\tintsetp.exe /sync
2_FileSize=455168
2_FileDate=2004-8-7 8:00:00
2_FileVersion=5.2.0.2801
2_FileCompanyName=Microsoft Corporation
3_HKey=HKEY_LOCAL_MACHINE
3_Key=Software\Microsoft\Windows\CurrentVersion\Run
3_Name=PHIME2002A
3_Value=c:\windows\system32\ime\tintlgnt\tintsetp.exe /imename
3_FileSize=455168
3_FileDate=2004-8-7 8:00:00
3_FileVersion=5.2.0.2801
3_FileCompanyName=Microsoft Corporation
4_HKey=HKEY_LOCAL_MACHINE
4_Key=Software\Microsoft\Windows\CurrentVersion\Run
4_Name=SiSPower
4_Value=rundll32.exe sispower.dll,modeagent
4_FileSize=49152
4_FileDate=2006-5-5 21:13:40
4_FileVersion=6.14.10.3740
4_FileCompanyName=Silicon Integrated Systems Corporation
5_HKey=HKEY_LOCAL_MACHINE
5_Key=Software\Microsoft\Windows\CurrentVersion\Run
5_Name=SoundMan
5_Value=soundman.exe
5_FileSize=577536
5_FileDate=2006-1-11 15:08:36
5_FileVersion=5.1.0.51
5_FileCompanyName=Realtek Semiconductor Corp.
6_HKey=HKEY_LOCAL_MACHINE
6_Key=Software\Microsoft\Windows\CurrentVersion\Run
6_Name=FASTKEY
6_Value=c:\program files\lenovo\功能键盘\hotkeyb.exe
6_FileSize=86016
6_FileDate=2005-11-7 9:35:52
6_FileVersion=2.2.0.1
6_FileCompanyName=联想电脑公司
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Windows\CurrentVersion\Run
7_Name=TkBellExe
7_Value="c:\program files\common files\real\update_ob\realsched.exe"  -osboot
7_FileSize=180269
7_FileDate=2006-7-14 17:08:24
7_FileVersion=0.1.0.3208
7_FileCompanyName=RealNetworks, Inc.
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Windows\CurrentVersion\Run
8_Name=StormCodec_Helper
8_Value="c:\program files\ringz studio\storm codec\stormset.exe" /s /opti
8_FileSize=296631
8_FileDate=2006-4-8 15:17:26
8_FileVersion=
8_FileCompanyName=
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Windows\CurrentVersion\Run
9_Name=IMSCMig
9_Value=c:\progra~1\common~1\micros~1\ime\imsc40a\imscmig.exe /preload
9_FileSize=13368
9_FileDate=2003-7-14 22:57:20
9_FileVersion=6.0.0.2527
9_FileCompanyName=Microsoft Corporation
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Windows\CurrentVersion\Run
10_Name=RavTask
10_Value="c:\program files\rising\rav\ravtask.exe" -system
10_FileSize=118784
10_FileDate=2007-1-21 14:17:24
10_FileVersion=19.0.0.7
10_FileCompanyName=Beijing Rising Technology Co., Ltd.
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Windows\CurrentVersion\Run
11_Name=RfwMain
11_Value="c:\program files\rising\rfw\rfwmain.exe" -startup
11_FileSize=454656
11_FileDate=2007-1-21 14:30:12
11_FileVersion=5.0.0.70
11_FileCompanyName=Beijing Rising Technology Co., Ltd.
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Windows\CurrentVersion\Run
12_Name=Thunder
12_Value="c:\program files\thunder network\thunder\thunder.exe" /s
12_FileVersion=
12_FileCompanyName=
13_HKey=HKEY_LOCAL_MACHINE
13_Key=Software\Microsoft\Windows\CurrentVersion\Run
13_Name=runeip
13_Value=c:\program files\rising\antispyware\runiep.exe
13_FileSize=86016
13_FileDate=2007-1-24 7:34:52
13_FileVersion=1.0.1.6
13_FileCompanyName=Beijing Rising Technology Co., Ltd.
14_HKey=HKEY_LOCAL_MACHINE
14_Key=Software\Microsoft\Windows\CurrentVersion\Run
14_Name=KernelFaultCheck
14_Value=%systemroot%\system32\dumprep 0 -k
15_HKey=HKEY_LOCAL_MACHINE
15_Key=Software\Microsoft\Windows\CurrentVersion\Run
15_Name=Super Rabbit SafeEdit
15_Value=c:\program files\super rabbit\magicset\srfc.exe /load
15_FileSize=43520
15_FileDate=2004-12-5 19:31:32
15_FileVersion=2.20.0.0
15_FileCompanyName=Super Rabbit Soft
16_HKey=HKEY_LOCAL_MACHINE
16_Key=Software\Microsoft\Windows\CurrentVersion\Run
16_Name=TuoTu
16_Value=c:\program files\tuotu\tuotu.exe /m
16_FileSize=3465216
16_FileDate=2007-1-12 16:39:16
16_FileVersion=2.1.0.63
16_FileCompanyName=Tuotu.com
17_HKey=HKEY_LOCAL_MACHINE
17_Key=Software\Microsoft\Windows\CurrentVersion\RunOnce
17_Name=KKDelay
17_Value=c:\program files\rising\antispyware\runonce.exe
17_FileSize=61440
17_FileDate=2007-1-22 6:38:54
17_FileVersion=19.0.0.2
17_FileCompanyName=Beijing Rising Technology Co., Ltd.
18_HKey=HKEY_LOCAL_MACHINE
18_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
18_Name=load
18_Value=
19_HKey=HKEY_CURRENT_USER
19_Key=Software\Microsoft\Windows\CurrentVersion\Run
19_Name=ctfmon.exe
19_Value=c:\windows\system32\ctfmon.exe
19_FileSize=15360
19_FileDate=2004-8-7
19_FileVersion=5.1.2600.2180
19_FileCompanyName=Microsoft Corporation
20_HKey=HKEY_CURRENT_USER
20_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
20_Name=load
20_Value=
Max=20

[ModuleUsage]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MMCShell.dll
1_Name=.Owner
1_Value={05C1004E-2596-48E5-8E26-39362985EEB9}
1_Clsid=
1_FileName=C:\WINDOWS\Downloaded Program Files\MMCShell.dll
1_FileSize=118784
1_FileDate=2006-6-9 20:19:40
1_FileVersion=2.0.0.22
1_FileCompanyName=Sohu.com Inc.
Max=1

[Process]
1_FileName=C:\WINDOWS\SYSTEM32\SMSS.EXE
1_FileSize=50688
1_FileDate=2004-8-7
1_FileVersion=5.1.2600.2180
1_FileCompanyName=Microsoft Corporation
2_FileName=C:\WINDOWS\SYSTEM32\WINLOGON.EXE
2_FileSize=487424
2_FileDate=2004-8-7
2_FileVersion=5.1.2600.2180
2_FileCompanyName=Microsoft Corporation
3_FileName=C:\WINDOWS\SYSTEM32\SERVICES.EXE
3_FileSize=108032
3_FileDate=2004-8-7
3_FileVersion=5.1.2600.2180
3_FileCompanyName=Microsoft Corporation
4_FileName=C:\WINDOWS\SYSTEM32\LSASS.EXE
4_FileSize=13312
4_FileDate=2004-8-7
4_FileVersion=5.1.2600.2180
4_FileCompanyName=Microsoft Corporation
5_FileName=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
5_FileSize=14336
5_FileDate=2004-8-7
5_FileVersion=5.1.2600.2180
5_FileCompanyName=Microsoft Corporation
6_FileName=C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
6_FileSize=110592
6_FileDate=2007-1-21 14:13:54
6_FileVersion=18.0.0.3
6_FileCompanyName=Beijing Rising Technology Co., Ltd.
7_FileName=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
7_FileSize=14336
7_FileDate=2004-8-7
7_FileVersion=5.1.2600.2180
7_FileCompanyName=Microsoft Corporation
8_FileName=C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
8_FileSize=278528
8_FileDate=2007-1-21 14:17:22
8_FileVersion=19.0.0.43
8_FileCompanyName=Beijing Rising Technology Co., Ltd.
9_FileName=C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
9_FileSize=151552
9_FileDate=2007-1-21 14:30:12
9_FileVersion=5.0.0.30
9_FileCompanyName=Beijing Rising Technology Co., Ltd.
10_FileName=C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
10_FileSize=57856
10_FileDate=2005-6-11 7:53:32
10_FileVersion=5.1.2600.2696
10_FileCompanyName=Microsoft Corporation
11_FileName=C:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE
11_FileSize=90112
11_FileDate=2007-1-21 14:13:54
11_FileVersion=19.0.0.4
11_FileCompanyName=Beijing Rising Technology Co., Ltd.
12_FileName=C:\WINDOWS\EXPLORER.EXE
12_FileSize=976896
12_FileDate=2004-8-7
12_FileVersion=6.0.2900.2180
12_FileCompanyName=Microsoft Corporation
13_FileName=C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
13_FileSize=454656
13_FileDate=2007-1-21 14:30:12
13_FileVersion=5.0.0.70
13_FileCompanyName=Beijing Rising Technology Co., Ltd.
14_FileName=C:\WINDOWS\SOUNDMAN.EXE
14_FileSize=577536
14_FileDate=2006-1-11 15:08:36
14_FileVersion=5.1.0.51
14_FileCompanyName=Realtek Semiconductor Corp.
15_FileName=C:\PROGRAM FILES\LENOVO\功能键盘\HOTKEYB.EXE
15_FileSize=86016
15_FileDate=2005-11-7 9:35:52
15_FileVersion=2.2.0.1
15_FileCompanyName=联想电脑公司
16_FileName=C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
16_FileSize=180269
16_FileDate=2006-7-14 17:08:24
16_FileVersion=0.1.0.3208
16_FileCompanyName=RealNetworks, Inc.
17_FileName=C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
17_FileSize=118784
17_FileDate=2007-1-21 14:17:24
17_FileVersion=19.0.0.7
17_FileCompanyName=Beijing Rising Technology Co., Ltd.
18_FileName=C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
18_FileSize=622592
18_FileDate=2007-1-21 14:13:54
18_FileVersion=19.0.0.36
18_FileCompanyName=Beijing Rising Technology Co., Ltd.
19_FileName=C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE
19_FileSize=86016
19_FileDate=2007-1-24 7:34:52
19_FileVersion=1.0.1.6
19_FileCompanyName=Beijing Rising Technology Co., Ltd.
20_FileName=C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE
20_FileSize=1437696
20_FileDate=2007-1-12 16:24:42
20_FileVersion=5.5.4.268
20_FileCompanyName=Thunder Networking Technologies,LTD
21_FileName=C:\PROGRAM FILES\TUOTU\TUOTU.EXE
21_FileSize=3465216
21_FileDate=2007-1-12 16:39:16
21_FileVersion=2.1.0.63
21_FileCompanyName=Tuotu.com
22_FileName=C:\WINDOWS\SYSTEM32\CTFMON.EXE
22_FileSize=15360
22_FileDate=2004-8-7
22_FileVersion=5.1.2600.2180
22_FileCompanyName=Microsoft Corporation
23_FileName=C:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE
23_FileSize=233472
23_FileDate=2007-1-21 14:13:52
23_FileVersion=19.0.0.9
23_FileCompanyName=Beijing Rising Technology Co., Ltd.
24_FileName=C:\WINDOWS\MSAGENT\AGENTSVR.EXE
24_FileSize=256512
24_FileDate=2006-10-12 19:09:54
24_FileVersion=2.0.0.3424
24_FileCompanyName=Microsoft Corporation
25_FileName=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
25_FileSize=14336
25_FileDate=2004-8-7
25_FileVersion=5.1.2600.2180
25_FileCompanyName=Microsoft Corporation
26_FileName=C:\PROGRAM FILES\RISING\RAV\RAV.EXE
26_FileSize=380928
26_FileDate=2007-1-21 14:13:54
26_FileVersion=19.0.0.28
26_FileCompanyName=Beijing Rising Technology Co., Ltd.
27_FileName=C:\PROGRAM FILES\RISING\ANTISPYWARE\RAS.EXE
27_FileSize=856064
27_FileDate=2007-1-22 6:38:52
27_FileVersion=1.0.4.5
27_FileCompanyName=Beijing Rising Technology Co., Ltd.
28_FileName=C:\PROGRAM FILES\OPERA\OPERA.EXE
28_FileSize=79360
28_FileDate=2007-1-19 18:17:20
28_FileVersion=9.12.8701.0
28_FileCompanyName=Opera Software
29_FileName=C:\PROGRAM FILES\RISING\RFW\RFWCFG.EXE
29_FileSize=1396736
29_FileDate=2007-1-23 6:36:42
29_FileVersion=5.0.1.41
29_FileCompanyName=Beijing Rising Technology Co., Ltd.
30_FileName=C:\PROGRAM FILES\SUPER RABBIT\MAGICSET\SRIEH.EXE
30_FileSize=1392640
30_FileDate=2007-1-17 23:30:32
30_FileVersion=7.95.0.0
30_FileCompanyName=Super Rabbit Soft
31_FileName=[SYSTEM PROCESS]
32_FileName=C:\WINDOWS\system32\CSRSS.EXE
32_FileSize=6144
32_FileDate=2004-8-7
32_FileVersion=5.1.2600.2180
32_FileCompanyName=Microsoft Corporation
33_FileName=C:\WINDOWS\system32\ALG.EXE
33_FileSize=44544
33_FileDate=2004-8-7
33_FileVersion=5.1.2600.2180
33_FileCompanyName=Microsoft Corporation
Max=33

[Hosts]
HostsFile=C:\WINDOWS\system32\Drivers\Etc\Hosts
1_Host=127.0.0.1      localhost
Max=1

[Service]
1_ServiceName=Adobe LM Service
1_DisplayName=Adobe LM Service
1_Description=AdobeLM Service
1_Status=停止
1_StartType=手动
1_ServiceDll=
1_ImagePath="C:\PROGRAM FILES\COMMON FILES\ADOBE SYSTEMS SHARED\SERVICE\ADOBELMSVC.EXE"

2_ServiceName=ose
2_DisplayName=Office Source Engine
2_Description=可保存用于更新和修复的安装文件，并且在下载安装程序更新和 Watson 错误报告时必须使用。
2_Status=停止
2_StartType=手动
2_ServiceDll=
2_ImagePath="C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE"

3_ServiceName=RfwProxySrv
3_DisplayName=Rising Proxy  Service
3_Description=Rising Personal Proxy Service
3_Status=停止
3_StartType=手动
3_ServiceDll=
3_ImagePath=C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE

4_ServiceName=RfwService
4_DisplayName=Rising Personal Firewall Service
4_Description=Rising Personal Firewall Service
4_Status=已启动
4_StartType=自动
4_ServiceDll=
4_ImagePath=C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE

5_ServiceName=RsCCenter
5_DisplayName=Rising Process Communication Center
5_Description=
5_Status=已启动
5_StartType=自动
5_ServiceDll=
5_ImagePath="C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"

6_ServiceName=RsRavMon
6_DisplayName=Rising RealTime Monitor
6_Description=
6_Status=已启动
6_StartType=自动
6_ServiceDll=
6_ImagePath="C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"

7_ServiceName=Win32DDS
7_DisplayName=Win32 Display Driver
7_Description=Provides system and desktop level support to the display driver
7_Status=停止
7_StartType=自动
7_ServiceDll=
7_ImagePath=C:\WINDOWS\SYSTEM32\RUNDLL32.EXE WINDDS32.DLL,INPUT

Max=7

[Driver]
1_ServiceName=Arp1394
1_DisplayName=1394 ARP 客户端协议
1_Description=1394 ARP 客户端协议
1_ServiceDll=
1_ImagePath=SYSTEM32\DRIVERS\ARP1394.SYS
2_ServiceName=BaseTDI
2_DisplayName=Rising TDI Base Driver
2_Description=
2_ServiceDll=
2_ImagePath=SYSTEM32\DRIVERS\BASETDI.SYS
3_ServiceName=cg300
3_DisplayName=cg300VidCap
3_Description=
3_ServiceDll=
3_ImagePath=SYSTEM32\DRIVERS\CG300VC.SYS
4_ServiceName=cg300Au
4_DisplayName=cg300 Audio Capture
4_Description=
4_ServiceDll=
4_ImagePath=SYSTEM32\DRIVERS\CG300AU.SYS
5_ServiceName=ExpScaner
5_DisplayName=ExpScaner
5_Description=
5_ServiceDll=
5_ImagePath=C:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS
6_ServiceName=fkwld
6_DisplayName=fkwld
6_Description=
6_ServiceDll=
6_ImagePath=SYSTEM32\DRIVERS\FKWLD.SYS
7_ServiceName=HookCont
7_DisplayName=HookCont
7_Description=
7_ServiceDll=
7_ImagePath=C:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS
8_ServiceName=HookReg
8_DisplayName=HookReg
8_Description=
8_ServiceDll=
8_ImagePath=C:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS
9_ServiceName=HookSys
9_DisplayName=HookSys
9_Description=
9_ServiceDll=
9_ImagePath=C:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS
10_ServiceName=HookUrl
10_DisplayName=HookUrl
10_Description=
10_ServiceDll=
10_ImagePath=C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
11_ServiceName=MEMSCAN
11_DisplayName=MEMSCAN
11_Description=
11_ServiceDll=
11_ImagePath=C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS
12_ServiceName=mProcRs
12_DisplayName=mProcRs
12_Description=
12_ServiceDll=
12_ImagePath=C:\PROGRAM FILES\RISING\RFW\MPROCRS.SYS
13_ServiceName=NIC1394
13_DisplayName=1394 网络驱动程序
13_Description=
13_ServiceDll=
13_ImagePath=SYSTEM32\DRIVERS\NIC1394.SYS
14_ServiceName=pfc
14_DisplayName=Padus ASPI Shell
14_Description=
14_ServiceDll=
14_ImagePath=SYSTEM32\DRIVERS\PFC.SYS
15_ServiceName=RsAntiSpyware
15_DisplayName=RsAntiSpyware
15_Description=
15_ServiceDll=
15_ImagePath=\SYSTEMROOT\SYSTEM32\DRIVERS\RSBOOT.SYS
16_ServiceName=RsFwDrv
16_DisplayName=RsFwDrv
16_Description=
16_ServiceDll=
16_ImagePath=C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
17_ServiceName=RsNTGDI
17_DisplayName=RsNTGDI
17_Description=
17_ServiceDll=
17_ImagePath=SYSTEM32\DRIVERS\RSNTGDI.SYS
18_ServiceName=RSPPSYS
18_DisplayName=RSPPSYS
18_Description=
18_ServiceDll=
18_ImagePath=C:\PROGRAM FILES\RISING\RAV\RSPPSYS.SYS
19_ServiceName=RTL8023xp
19_DisplayName=Realtek 10/100/1000 NIC Family all in one NDIS XP Driver
19_Description=
19_ServiceDll=
19_ImagePath=SYSTEM32\DRIVERS\RTLNICXP.SYS
20_ServiceName=rtl8139
20_DisplayName=Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver
20_Description=
20_ServiceDll=
20_ImagePath=SYSTEM32\DRIVERS\RTL8139.SYS
21_ServiceName=SiS315
21_DisplayName=
21_Description=
21_ServiceDll=
21_ImagePath=SYSTEM32\DRIVERS\SISGRP.SYS
22_ServiceName=SiSkp
22_DisplayName=
22_Description=
22_ServiceDll=
22_ImagePath=SYSTEM32\DRIVERS\SRVKP.SYS
23_ServiceName=syswav
23_DisplayName=syswav
23_Description=
23_ServiceDll=
23_ImagePath=\SYSTEMROOT\SYSTEM32\DRIVERS\SYSWAV.SYS
Max=23

[END]
Max=1

[CODE]

2007-01-25,09:36:45

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SiSPower><Rundll32.exe SiSPower.dll,ModeAgent>  [Silicon Integrated Systems Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <FASTKEY><C:\Program Files\Lenovo\功能键盘\HotKeyB.exe>  [联想电脑公司]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <Thunder><"C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <Super Rabbit SafeEdit><C:\Program Files\Super Rabbit\MagicSet\SRFC.EXE /Load>  [Super Rabbit Soft]
    <TuoTu><C:\Program Files\Tuotu\Tuotu.exe /m>  [Tuotu.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[WanSo]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\WanSo.lnk --> C:\WINDOWS\system32\rundll32.exe [Microsoft Corporation]><N>

==================================

服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe windds32.dll,input><Microsoft Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cg300VidCap / cg300][Running/Manual Start]
  <system32\DRIVERS\cg300vc.sys><Daheng Imavision Inc.>
[cg300 Audio Capture / cg300Au][Running/Manual Start]
  <system32\DRIVERS\cg300au.sys><Daheng Imavision Inc.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[fkwld / fkwld][Running/System Start]
  <system32\drivers\fkwld.sys><Microsoft Corporation>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Disabled]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315][Running/Manual Start]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp][Running/System Start]
  <system32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation>
[syswav / syswav][Stopped/System Start]
  <\SystemRoot\system32\drivers\syswav.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>

==================================
浏览器加载项
[Thunder Browser Helper]
  {0005A87B-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v13.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Thunder Browser Helper]
  {0005A87B-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {0005A87C-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v13.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[]
  {A692062A-11A1-461B-BE99-B520F01F9DAE} <c:\baidu.ini, N/A>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&使用BitComet下载]
  <res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
  <res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
  <res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用脱兔下载]
  <C:\Program Files\Tuotu\TT_one.htm, N/A>
[使用脱兔下载全部链接]
  <C:\Program Files\Tuotu\TT_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>