HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ RfwMain Rising Personal FireWall Main Program Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rfwmain.exe
+ SoundMam File not found: C:\WINDOWS\system32\SVOHOST.exe
C:\Documents and Settings\All Users\「开始」菜单\程序\启动
+ 河南网通宽带用户客户端.lnk Racer Putian Runway c:\program files\racer-henan-cnc\racer.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ pyjj File not found: ;
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ cnshook.dll 3721 CNS Module 北京三七二一科技有限公司 c:\windows\downloaded program files\cnshook.dll
+ Rising Execute File Exts hook Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Desktop Explorer NVIDIA Desktop Explorer, Version 100.31 NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 100.31 NVIDIA Corporation c:\windows\system32\nvshell.dll
+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 100.31 NVIDIA Corporation c:\windows\system32\nvshell.dll
+ RISING Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\windows\system32\ravext.dll
+ Shell Extensions for RealOne Player RealPlayer Shell Extensions RealNetworks, Inc. c:\program files\real\realplayer\rpshell.dll
+ Yahoo!Photo yPhtb Yahoo! China c:\program files\yahoo!\assistant\assist\yphtb.dll
+ 好看123上网精灵 HaoKanBar Toolbar Module Xiang Feng Technology c:\program files\super rabbit\magicset\haokanbar.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects
+ AntiFish Class yangling.dll Yahoo. c:\program files\yahoo!\assistant\assist\yangling.dll
+ BandIE Class BaiduBar Module Baidu.com, Inc. c:\program files\baidu\bar\baidubar.dll
+ CnsHook Class 3721 CNS Module 北京三七二一科技有限公司 c:\windows\downloaded program files\cnshook.dll
+ DragSearch BHO DragSearch c:\program files\yahoo!\assistant\assist\ydragsearch.dll
+ QQBrowserHelper
Object Class QQIEHelper Module 深圳市腾讯计算机系统有限公司 c:\program files\tencent\qq\qqiehelper.dll
+ Thunder Browser Helper XunLeiBHO Thunder Networking Technologies,LTD c:\program files\thunder network\thunder\comdlls\xunleibho_002.dll
+ Yahoo!Photo yPhtb Yahoo! China c:\program files\yahoo!\assistant\assist\yphtb.dll
+ 雅虎助手 ToolBar Yahoo! c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 超级兔子上网精灵 HaoKanBar Toolbar Module Xiang Feng Technology c:\program files\super rabbit\magicset\haokanbar.dll
+ 雅虎助手 ToolBar Yahoo! c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ QQ QQ TENCENT c:\program files\tencent\qq\qq.exe
+ Yahoo 1G电邮 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail
+ 播霸电视 File not found: http://itv.mop.com
+ 播霸电视 File not found: http://itv.mop.com
+ 豪杰超级解霸9 Hero Super Player V8 herosoft c:\program files\herosoft\hero 9\sthsdvd.exe
+ 清理上网记录 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean
+ 情景聊天 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg
+ 修复浏览器 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair
+ 寻宝乐趣多 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao
+ 寻宝乐趣多 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao
+ 雅虎助手 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist
HKLM\System\CurrentControlSet\Services
+ NetWorkLogon 支持网络上计算机远程登陆事件。如果此服务被停用,网络登陆将不可用。如果此服务被禁用,任何依赖它的服务将无法启动。 File not found: KB896425.log
+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation c:\windows\system32\nvsvc32.exe
+ RfwService Rising Personal Firewall Service Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rfwsrv.exe
+ RsRavMon RavMond Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ravmond.exe
+ SoundMAX Agent Service (default) SoundMAX service agent component Analog Devices, Inc. c:\program files\analog devices\soundmax\smagent.exe
HKLM\System\CurrentControlSet\Services
+ A_USBETHMP USB PowerPacket Network Adapter Intellon Corporation c:\windows\system32\drivers\usbethmp.sys
+ aeaudio Andrea Audio Stub Driver Andrea Electronics Corporation c:\windows\system32\drivers\aeaudio.sys
+ BaseTDI basetdi Beijing Rising Technology Co., Ltd. c:\windows\system32\drivers\basetdi.sys
+ ENUS_NDIS_DRIVER c:\windows\system32\enusndis.sys
+ ExpScaner ExpScan.sys c:\program files\rising\rav\expscan.sys
+ HOOKAPI HOOKAPI Driver 瑞星软件有限公司 c:\program files\rising\rav\hookapi.sys
+ HookCont TDI HOOK Driver Rising tech Co. ltd c:\program files\rising\rav\hookcont.sys
+ HookReg c:\program files\rising\rav\hookreg.sys
+ HookSys Hooksys Rising c:\program files\rising\rav\hooksys.sys
+ HookUrl HookUrl Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\hookurl.sys
+ kmsinput c:\windows\system32\drivers\kmsinput.sys
+ MEMSCAN MemScan Driver 瑞星软件有限公司 c:\program files\rising\rav\memscan.sys
+ mProcRs Rising Personal FireWall mprocrs.sys Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\mprocrs.sys
+ New0 c:\windows\system32\new.sys
+ NPF npf CACE Technologies c:\windows\system32\drivers\npf.sys
+ npkcrypt File not found: C:\Program Files\Tencent\qq\npkcrypt.sys
+ NPPTNT2 nProtect NPSC Kernel Mode Driver for NT INCA Internet Co., Ltd. c:\windows\system32\npptnt2.sys
+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 71.81 NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys
+ nvport Port Driver NVIDIA Corporation. c:\windows\system32\drivers\nvport.sys
+ pfc Padus(R) ASPI Shell Padus, Inc. c:\windows\system32\drivers\pfc.sys
+ prodrv06 StarForce Protection Environment Driver Protection Technology c:\windows\system32\drivers\prodrv06.sys
+ prohlp02 StarForce Protection Helper Driver Protection Technology c:\windows\system32\drivers\prohlp02.sys
+ prosync1 StarForce Protection Synchronization Driver Protection Technology c:\windows\system32\drivers\prosync1.sys
+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ RsFwDrv nt_fwdrv Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rsfwdrv.sys
+ rtl8139 Realtek RTL8139/810x Family NDIS 5.1 Drv Realtek Semiconductor Corporation c:\windows\system32\drivers\r8139n51.sys
+ Secdrv SafeDisc driver c:\windows\system32\drivers\secdrv.sys
+ sfdrv01 StarForce Protection Environment Driver Protection Technology c:\windows\system32\drivers\sfdrv01.sys
+ sfhlp01 StarForce Protection Helper Driver Protection Technology c:\windows\system32\drivers\sfhlp01.sys
+ sfhlp02 StarForce Protection Helper Driver Protection Technology c:\windows\system32\drivers\sfhlp02.sys
+ sfsync02 StarForce Protection Synchronization Driver Protection Technology c:\windows\system32\drivers\sfsync02.sys
+ smwdm SoundMAX Integrated Digital Audio Analog Devices, Inc. c:\windows\system32\drivers\smwdm.sys
+ vusbser c:\windows\system32\drivers\vusbser.sys
+ ZSMC301b Video streaming and Capture Device Driver VM c:\windows\system32\drivers\usbvm31b.sys
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ MSTCP Provider MFCDLL c:\windows\system32\wmpcd32.dll
+ MSTCPChain Provider MFCDLL c:\windows\system32\wmpcd32.dll
