HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ Explorer.exe c:\winnt\system32\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ HotKeysCmds hkcmd Module Intel Corporation c:\winnt\system32\hkcmd.exe
+ IgfxTray igfxTray Module Intel Corporation c:\winnt\system32\igfxtray.exe
+ NEC e-Border Credential SOCKS5 Credential Cache Manager NEC Corporation c:\program files\nec\e-border client\s5credmgr.exe
+ RavTask RavTimer Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ravtask.exe
+ RfwMain Rising Personal FireWall Main Program Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rfwmain.exe
+ Sound c:\winnt\system32\explorer.exe
+ SoundMan Realtek Sound Manager Realtek Semiconductor Corp. c:\winnt\soundman.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ Rising Execute File Exts hook Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\winnt\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ RISING Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\winnt\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects
+ T2BHO Class DownloadBHO Module HDT, Inc. c:\winnt\downloaded program files\barhelp24.0.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 天下搜索 HDTBar Module c:\winnt\downloaded program files\iebar23.0.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ @shdoclc.dll,-864 c:\winnt\web\related.htm
HKLM\System\CurrentControlSet\Services
+ RfwService Rising Personal Firewall Service Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rfwsrv.exe
+ RsCCenter CCenter Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ccenter.exe
+ RsRavMon RavMond Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ravmond.exe
HKLM\System\CurrentControlSet\Services
+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\winnt\system32\drivers\alcxwdm.sys
+ BaseTDI basetdi Beijing Rising Technology Co., Ltd. c:\winnt\system32\drivers\basetdi.sys
+ DCN530 DigitalChina DCN-530TX Fast Ethernet Adapter NDIS5 Driver Digitalchina Networks Limited. c:\winnt\system32\drivers\dcn530n5.sys
+ dmio NT Disk Manager I/O Driver VERITAS Software Corp. c:\winnt\system32\drivers\dmio.sys
+ dmload NT Disk Manager Startup Driver VERITAS Software Corp. c:\winnt\system32\drivers\dmload.sys
+ ExpScaner ExpScan.sys c:\program files\rising\rav\expscan.sys
+ HOOKAPI HOOKAPI Driver 瑞星软件有限公司 c:\program files\rising\rav\hookapi.sys
+ HookCont TDI HOOK Driver Rising tech Co. ltd c:\program files\rising\rav\hookcont.sys
+ HookReg c:\program files\rising\rav\hookreg.sys
+ HookSys Hooksys Rising c:\program files\rising\rav\hooksys.sys
+ ialm Intel Graphics Miniport Driver Intel Corporation c:\winnt\system32\drivers\ialmnt5.sys
+ MEMSCAN MemScan Driver 瑞星软件有限公司 c:\program files\rising\rav\memscan.sys
+ mProcRs Rising Personal FireWall mprocrs.sys Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\mprocrs.sys
+ oreans32 c:\winnt\system32\drivers\oreans32.sys
+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\winnt\system32\drivers\ptilink.sys
+ RsFwDrv nt_fwdrv Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rsfwdrv.sys
+ WINIO c:\winnt\downloaded program files\winio.sys
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ igfxcui igfxsrvc Module Intel Corporation c:\winnt\system32\igfxsrvc.dll
HKCU\Control Panel\Desktop\Scrnsave.exe
+ (无) File not found: (无)
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ NEC e-Border Layered Service Provider SOCKS5 EZClient service provider hooks NEC Corporation c:\program files\nec\e-border client\s5spi.dll
+ NEC e-Border MSAFD Tcpip [TCP/IP] SOCKS5 EZClient service provider hooks NEC Corporation c:\program files\nec\e-border client\s5spi.dll
