HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ CmaudioCmiCnfg DLLC-Media Corporationc:\windows\system\cmicnfg.cpl
+ CnsMin3721北京三七二一科技有限公司c:\windows\downloaded program files\cnsmin.dll
+ internet.exeFile not found: C:/WINDOWS/system.hta
+ NvCplDaemonNVIDIA Display Properties ExtensionNVIDIA Corporationc:\windows\system32\nvcpl.dll
+ nwizNVIDIA nView Wizard, Version 53.03 NVIDIA Corporationc:\windows\system32\nwiz.exe
+ RavMonRavMon Rising realtime monitor Beijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmon.exe
+ RavTimerRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtimer.exe
+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Corporation Limitedc:\program files\rising\rfw\rfwmain.exe
+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe
+ YDTMain.exeFile not found: C:\PROGRA~1\YDT\YDTMain.exe
C:\Documents and Settings\a\「开始」菜单\程序\启动
+ 腾讯QQ.lnkQQTENCENTd:\qq\qq.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ KugooFile not found: E:\KUGOO\KUGOO2\kugoo.exe
+ SonudManc:\windows\wnilogon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ cnshook.dll3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Desktop ExplorerNVIDIA Desktop Explorer, Version 53.03 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Desktop Explorer MenuNVIDIA Desktop Explorer, Version 53.03 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Display Panning CPL ExtensionFile not found: deskpan.dll
+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll
+ nView Desktop Context MenuNVIDIA Desktop Explorer, Version 53.03 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realplayer\rpshell.dll
+ Yahoo!PhotoFile not found: C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
+ 粉碎文件File not found: C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects
+ CnsHook Class3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll
+ DragSearch BHOFile not found: C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
+ DragSearch BHODragSearchc:\program files\yisou\yisoub.dll
+ QQBrowserHelper
Object ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\qq\qqiehelper.dll
+ ThunderIEHelper Classxunleibho BHOc:\windows\system32\xunleibho_v8.dll
+ ThunderIEHelper ClassThunderBHO Modulec:\windows\system32\thunderbho_v04.dll
+ Yahoo!PhotoFile not found: C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 一搜YiSou ToolBar 3721c:\program files\yisou\yisou.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ @shdoclc.dll,-864c:\windows\web\related.htm
+ Yahoo 1G电邮File not found: http://cn.mail.yahoo.com/promo/rd1
+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\浩方对战平台\gameclient.exe
+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns
+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/
+ 上网助手File not found: http://assistant.3721.com/index.htm?fb=Cns
+ 手机短信File not found: http://sms.3721.com/ie/index.htm?pid=U_3721_assist
+ 腾讯QQQQTENCENTd:\qq\qq.exe
+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns
+ 寻宝乐趣多File not found: http://hot.3721.com/rd/shop_btn.htm
+ 迅雷Thunder Networking Technologies,LTDd:\迅雷下载\thunder.exe
HKLM\System\CurrentControlSet\Services
+ NVSvcProvides system and desktop level support to the NVIDIA display driverNVIDIA Corporationc:\windows\system32\nvsvc32.exe
+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Corporation Limitedc:\program files\rising\rfw\rfwsrv.exe
+ RsCCenterCCenterrisingc:\program files\rising\rav\ccenter.exe
+ RsRavMonRavMonBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe
+ Schedule使用户能在此计算机上配置和制定自动任务的日程。如果此服务被终止,这些任务将无法在日程时间里运行。如果此服务被禁用,任何依赖它的服务将无法启动。c:\windows\system32\arcldrer.exe
HKLM\System\CurrentControlSet\Services
+ BaseTDIbasetdiRisingc:\windows\system32\drivers\basetdi.sys
+ cmudaC-Media Audio WDM DriverC-Media Incc:\windows\system32\drivers\cmuda.sys
+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys
+ FETNDISNDIS 5.0 miniport driverVIA Technologies, Inc. c:\windows\system32\drivers\fetnd5.sys
+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys
+ HookRegc:\program files\rising\rav\hookreg.sys
+ HookSys瑞星c:\program files\rising\rav\hooksys.sys
+ kmsinputc:\windows\system32\drivers\kmsinput.sys
+ MSKSSRVFile not found: system32\drivers\MSKSSRV.sys
+ MSPCLOCKFile not found: system32\drivers\MSPCLOCK.sys
+ MSPQMFile not found: system32\drivers\MSPQM.sys
+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.d:\qq\npkcrypt.sys
+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 53.03 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys
+ RsFwDrvnt_fwdrvRisingc:\program files\rising\rfw\rsfwdrv.sys
+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys
+ viaagp1VIA NT AGP FilterVIA Technologies, Inc.c:\windows\system32\drivers\viaagp1.sys
+ VIAudioFile not found: system32\drivers\viaudios.sys
+ Yysujhfmc:\windows\system32\drivers\yysujhfm.sys
是这个了吧
