HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ AddrPlus3TENCENTc:\program files\tencent\addrplus\runner.exe
+ CnsMin3721北京三七二一科技有限公司c:\windows\downloaded program files\cnsmin.dll
+ dl_accel下载加速专家北京三七二一科技有限公司c:\program files\3721\dlaccel\ydownloader.exe
+ nwizFile not found: rem
+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravtask.exe
+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwmain.exe
+ SoundManRealtek Sound ManagerRealtek Semiconductor Corp.C:\WINDOWS\soundman.exe
+ SysExplrc:\herosoft\hero2001\sysexplr.exe
+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe
+ yassistseAssistSettingYahoo!c:\program files\yahoo!\assistant\yassistse.exe
+ YDTMain.exeFile not found: C:\PROGRA~1\YDT\YDTMain.exe
+ YLive.exeYLive c:\program files\yahoo!\assistant\ylive.exe
C:\Documents and Settings\胡庆云\「开始」菜单\程序\启动
+ 腾讯QQ.lnkQQTENCENTc:\program files\tencent\qq\qq.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ cnshook.dll3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll
+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.d:\program files\real\realplayer\rpshell.dll
+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll
+ 粉碎文件Wiper 动态链接库c:\program files\yahoo!\assistant\assist\ywiper.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Web 文件夹c:\program files\common files\microsoft shared\web folders\msonsext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects
+ AntiFish Classyangling.dllYahoo.c:\program files\yahoo!\assistant\assist\yangling.dll
+ CnsHook Class3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll
+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll
+ DragSearch BHODragSearchc:\program files\yisou\yisoub.dll
+ QQBrowserHelper
Object ClassQQIEHelper Module深圳市腾讯计算机系统有限公司c:\program files\tencent\qq\qqiehelper.dll
+ ThunderIEHelper Classxunleibho BHOc:\windows\system32\xunleibho_v6.dll
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
+ coolbarToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
+ 一搜YiSou ToolBar 3721c:\program files\yisou\yisou.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns
+ 上网助手File not found: http://assistant.3721.com/index.htm?fb=Cns
+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns
HKLM\System\CurrentControlSet\Services
+ LexBceSLexBce ServiceLexmark International, Inc.c:\windows\system32\lexbces.exe
+ NVSvcNVIDIA Driver Helper Service, Version 43.45NVIDIA Corporationc:\windows\system32\nvsvc32.exe
+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwsrv.exe
+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ccenter.exe
+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravmond.exe
HKLM\System\CurrentControlSet\Services
+ ac97intcIntel(r) Integrated Controller Hub Audio DriverIntel Corporationc:\windows\system32\drivers\ac97intc.sys
+ ALCXWDMRealtek AC'97 Audio Driver (WDM)Realtek Semiconductor Corp.c:\windows\system32\drivers\alcxwdm.sys
+ Aspi32ASPI for WIN32 Kernel DriverAdaptecc:\windows\system32\drivers\aspi32.sys
+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys
+ CDGscsiVirtual CDROM driverSavage Companyc:\windows\system32\drivers\cdgscsi.sys
+ ExpScanerExpScan.sysd:\program files\rising\rav\expscan.sys
+ HookContTDI HOOK DriverRising tech Co. ltdd:\program files\rising\rav\hookcont.sys
+ HookRegd:\program files\rising\rav\hookreg.sys
+ HookSysHooksysRisingd:\program files\rising\rav\hooksys.sys
+ IdeBusDrIntel Application Accelerator DriverIntel Corporationc:\windows\system32\drivers\idebusdr.sys
+ IdeChnDrIntel Application Accelerator DriverIntel Corporationc:\windows\system32\drivers\idechndr.sys
+ kmsinputc:\windows\system32\drivers\kmsinput.sys
+ machobusc:\windows\system32\drivers\machobus.sys
+ MEMSCANMemScan Driver瑞星软件有限公司d:\program files\rising\rav\memscan.sys
+ mProcRsRising Personal FireWall mprocrs.sysBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\mprocrs.sys
+ New0c:\windows\system32\new.sys
+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.c:\program files\tencent\qq\npkcrypt.sys
+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 43.45 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys
+ RsFwDrvnt_fwdrvBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rsfwdrv.sys
+ rtl8139NDIS 5.0 driver Realtek Semiconductor Corporation c:\windows\system32\drivers\rtl8139.sys
+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Lenovo Network PortLEXLMPM DLLLexmark International, Inc.c:\windows\system32\lexlmpm.dll
