HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ AddrPlus3TENCENTc:\program files\tencent\adplus\runner.exe
+ ATIPTAATI Desktop Control PanelATI Technologies, Inc.c:\program files\ati technologies\ati control panel\atiptaxx.exe
+ NeroFilterCheckNeroCheckAhead Software Gmbhc:\windows\system32\nerocheck.exe
+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtask.exe
+ SoundManRealtek Sound ManagerRealtek Semiconductor Corp.C:\WINDOWS\soundman.exe
+ StormCodec_Helperc:\program files\ringz studio\storm codec\stormset.exe
+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe
C:\Documents and Settings\All Users\「开始」菜单\程序\启动
+ AutoCAD 启动加速器.lnkAutoCAD Startup AcceleratorAutodesk, Incc:\program files\common files\autodesk shared\acstart16.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
+ helperdllc:\windows\system32\drivers\pupw.sys
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ AutoCAD 数字签名图标覆盖处理程序AcSignIcon ModuleAutodeskc:\windows\system32\acsignicon.dll
+ Autodesk Drawing PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll
+ Autodesk DWF PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acdwfthmbprxy16.dll
+ QQ Search HookTencentc:\program files\tencent\adplus\iehelp.dll
+ QQAddrBar Drop TargetTencentc:\program files\tencent\adplus\iehelp.dll
+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
+ Tencent Browser HelperTencentc:\program files\tencent\adplus\iehelp.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects
+ CdnForIE ClassCdnForIECNNICc:\program files\cnnic\cdn\cdnforie.dll
+ DownloadValue ClassDownloadStart Modulec:\windows\system32\winhtp.dll
+ Infofo 工具栏珊瑚虫 Infofo 工具栏珊瑚虫工作室 泰格工作室c:\program files\infofo bar\infofobar.dll
+ QQBrowserHelper
Object ClassQQIEHelper Module深圳市腾讯计算机系统有限公司e:\program files\tencent\qq\qqiehelper.dll
+ Router LayerFile not found: C:\WINDOWS\System32\aclayer.dll
+ Tencent Browser HelperTencentc:\program files\tencent\adplus\iehelp.dll
+ ThunderIEHelper Classxunleibho BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v11.dll
+ URLMonitor ClassHAPHenbangc:\windows\system32\hap.dll
+ WMHlprObj ClassCNNIC Web Mail for WindowsCNNICc:\program files\cnnic\cdn\wmhlpr.dll
+ 百度超级搜霸BaiduBar ModuleBaidu.com, Inc.c:\program files\baidu\bar\baidubar.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
+ iehelp.dllTencentc:\program files\tencent\adplus\iehelp.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 一搜File not found: C:\Program Files\YiSou\yisou.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\game\hf\hfgame3\gameclient.exe
+ 易趣购物File not found: http://click2.ad4all.net/url2/urlmanage/url.asp?id=50
HKLM\System\CurrentControlSet\Services
+ Ati HotKey Pollerc:\windows\system32\ati2evxx.exe
+ ATI SmartATI Smartc:\windows\system32\ati2sgag.exe
+ GrayPigeonServer2.0监控管理.c:\windows\g_server2.0.exe
+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ccenter.exe
+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe
HKLM\System\CurrentControlSet\Services
+ ALCXWDMRealtek AC'97 Audio Driver (WDM)Realtek Semiconductor Corp.c:\windows\system32\drivers\alcxwdm.sys
+ ati2mtagATI Radeon WindowsNT Miniport DriverATI Technologies Inc.c:\windows\system32\drivers\ati2mtag.sys
+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys
+ cdnprotcdnprotCNNICc:\windows\system32\drivers\cdnprot.sys
+ cdntrancdntranCNNICc:\windows\system32\drivers\cdntran.sys
+ d347busPnP BIOS Extension c:\windows\system32\drivers\d347bus.sys
+ d347prtSCSI miniport c:\windows\system32\drivers\d347prt.sys
+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys
+ FETNDISNDIS 5.0 miniport driverVIA Technologies, Inc. c:\windows\system32\drivers\fetnd5.sys
+ HOOKAPIHOOKAPI Driver瑞星软件有限公司c:\program files\rising\rav\hookapi.sys
+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys
+ HookRegc:\program files\rising\rav\hookreg.sys
+ HookSysHooksysRisingc:\program files\rising\rav\hooksys.sys
+ MEMSCANMemScan Driver瑞星软件有限公司c:\program files\rising\rav\memscan.sys
+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.e:\program files\tencent\qq\npkcrypt.sys
+ PCAMPR5PCAUSA NDIS 5.0 MPR Protocol DriverPrinting Communications Assoc., Inc. (PCAUSA)c:\windows\system32\pcampr5.sys
+ PCANDIS5PCAUSA NDIS 5.0 Protocol DriverPrinting Communications Assoc., Inc. (PCAUSA)c:\windows\system32\pcandis5.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys
+ PxHelp20Px Engine Device Driver for Windows 2000/XPSonic Solutionsc:\windows\system32\drivers\pxhelp20.sys
+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys
+ viaagp1VIA NT AGP FilterVIA Technologies, Inc.c:\windows\system32\drivers\viaagp1.sys
+ viamraidVIA RAID DRIVER FOR WIN 2000/XP/2003IA32VIA Technologies inc,.ltdc:\windows\system32\drivers\viamraid.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ autocheck autochk *File not found: autocheck
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
+ APIHookDll.dllFile not found: APIHookDll.dll
