这是新的autorun扫描日志
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ 00THotkeyTHotkey东芝公司c:\windows\system32\00thotkey.exe
+ Acrobat Assistant 7.0AcroTrayAdobe Systems Inc.c:\program files\adobe\acrobat 7.0\distillr\acrotray.exe
+ ccAppCommon Client User SessionSymantec Corporationc:\program files\common files\symantec shared\ccapp.exe
+ SynTPEnhSynaptics TouchPad EnhancementsSynaptics, Inc.c:\program files\synaptics\syntp\syntpenh.exe
+ SynTPLprTouchPad Driver Helper ApplicationSynaptics, Inc.c:\program files\synaptics\syntp\syntplpr.exe
+ TFncKyTFncKyTOSHIBA CorporationC:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
+ TFNF5TFnF5Toshiba Corp.c:\windows\system32\tfnf5.exe
+ TouchED触摸板 开/关 实用程序东芝公司c:\program files\toshiba\touched\touched.exe
+ Tpwrtray东芝省电东芝公司c:\windows\system32\tpwrtray.exe
+ vptraySymantec AntiVirusSymantec Corporationc:\program files\symantec antivirus\vptray.exe
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ NVMLCFile not found: C:\WINDOWS\System32\ronvidiat.dll
+ WinMediaRoNVidiaRoNVidiac:\windows\system32\nvbworks.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellService
ObjectDelayLoad
+ SysTray.ExysFile not found: C:\WINDOWS\system32\bnhkdkig.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Adobe.Acrobat.ContextMenuAdobe Acrobat Context MenuAdobe Systems Inc.c:\program files\adobe\acrobat 7.0\acrobat elements\contextmenu.dll
+ AutoCAD 数字签名图标覆盖处理程序AcSignIcon ModuleAutodeskc:\windows\system32\acsignicon.dll
+ Autodesk Drawing PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll
+ Autodesk DWF PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acdwfthmbprxy16.dll
+ CuteFTP Shell ExtensionGlobalSCAPE, Inc.c:\program files\globalscape\cuteftp zh\cuteshell.dll
+ Desktop ExplorerNVIDIA Desktop Explorer, Version 36.39 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Desktop Explorer MenuNVIDIA Desktop Explorer, Version 36.39 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Display Panning CPL ExtensionFile not found: deskpan.dll
+ GT IndicatorIndicatorCUGtranc:\program files\gtran\zte dialer\gtindicator.dll
+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll
+ LDVP Shell ExtensionsSymantec AntiVirusSymantec Corporationc:\program files\common files\symantec shared\ssc\vpshell2.dll
+ pkcsetup.dllc:\windows\system32\pkcsetup.dll
+ robdyctl.dllc:\windows\system32\robdyctl.dll
+ Samsung YP-55Shell HookSamsung YP-55 Shell ExtensionSamsung, Inc.c:\windows\system32\yp55h.dll
+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realone player\rpshell.dll
+ TouchED触摸板 开/关 实用程序东芝公司c:\program files\toshiba\touched\touched.dll
+ WinRAR shell extensionc:\program files\winrar\rarext.dll
+ WinZipWinZip Shell Extension DLLWinZip Computing, Inc.c:\program files\winzip\wzshlstb.dll
+ WinZipWinZip Shell Extension DLLWinZip Computing, Inc.c:\program files\winzip\wzshlstb.dll
+ WinZipWinZip Shell Extension DLLWinZip Computing, Inc.c:\program files\winzip\wzshlstb.dll
+ WinZipWinZip Shell Extension DLLWinZip Computing, Inc.c:\program files\winzip\wzshlstb.dll
+ Yahoo! MailYMMAPI ModuleYahoo! Inc.c:\program files\yahoo!\common\ymmapi.dll
+ {506F4668-F13E-4AA1-BB04-B43203AB3CC0}c:\program files\microsoft office\visio11\visshe.dll
+ {D66DC78C-4F61-447F-942B-3FB6980118CF}c:\program files\microsoft office\visio11\visshe.dll
+ 粉碎文件Wiper 动态链接库c:\program files\yahoo!\assistant\assist\ywiper.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell ExtensionPDF Shell ExtensionAdobe Systems, Inc.c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ &FlashGetFlashGetAmaze Softc:\program files\flashget\flashget.exe
Task Scheduler
+ Symantec NetDetect.jobSymantec NetDetectSymantec Corporationc:\program files\symantec\liveupdate\ndetect.exe
HKLM\System\CurrentControlSet\Services
+ C-DillaSrvC-Dilla RTS ServiceC-Dilla Ltdc:\windows\system32\drivers\cdantsrv.exe
+ ccEvtMgrSymantec 事件管理器Symantec Corporationc:\program files\common files\symantec shared\ccevtmgr.exe
+ ccSetMgrSymantec 设置管理器Symantec Corporationc:\program files\common files\symantec shared\ccsetmgr.exe
+ CVPNDCisco Systems VPN ClientCisco Systems, Inc.c:\program files\cisco systems\vpn client\cvpnd.exe
+ DefWatch监控和维护病毒定义。Symantec Corporationc:\program files\symantec antivirus\defwatch.exe
+ NVSvcNVIDIA Driver Helper Service, Version 36.39NVIDIA Corporationc:\windows\system32\nvsvc32.exe
+ Symantec AntiVirus提供 Symantec AntiVirus 的实时病毒扫描、报告和管理功能。Symantec Corporationc:\program files\symantec antivirus\rtvscan.exe
HKLM\System\CurrentControlSet\Services
+ ac97intcIntel(r) Integrated Controller Hub Audio DriverIntel Corporationc:\windows\system32\drivers\ac97intc.sys
+ atapic:\windows\system32\drivers\atapi.sys
+ C-DillaC-Dilla Windows NT RTSMacrovisionc:\windows\system32\drivers\cdant.sys
+ CA561Universal Serial Bus Camera DriverSPc:\windows\system32\drivers\spca561.sys
+ CVirtACisco Systems VPN AdapterCisco Systems, Inc.c:\windows\system32\drivers\cvirta.sys
+ CVPNDRVACisco Systems VPN Client IPSec DriverCisco Systems, Inc.c:\windows\system32\drivers\cvpndrva.sys
+ d346busPnP BIOS Extension c:\windows\system32\drivers\d346bus.sys
+ d346prtSCSI miniport c:\windows\system32\drivers\d346prt.sys
+ E100BNDIS 5 driverIntel Corporationc:\windows\system32\drivers\e100b325.sys
+ GEARAspiWDMCDRom Class Filter DriverGEAR Software Inc.c:\windows\system32\drivers\gearaspiwdm.sys
+ hwi4857USB Flash Memory Controller DriverCowon Systems, Inc.c:\windows\system32\drivers\hwi4857.sys
+ i386pc:\windows\system32\drivers\i386p.sys
+ kmsinputc:\windows\system32\drivers\kmsinput.sys
+ LHidFlt2Logitech HID Filter DriverLogitechc:\windows\system32\drivers\lhidflt2.sys
+ LHidUsbLogitech USB ReceiverLogitechc:\windows\system32\drivers\lhidusb.sys
+ LKbdFlt2Logitech Keyboard Filter DriverLogitechc:\windows\system32\drivers\lkbdflt2.sys
+ LMouFlt2Logitech Mouse Filter DriverLogitechc:\windows\system32\drivers\lmouflt2.sys
+ NAVENGAV EngineSymantec Corporationc:\program files\common files\symantec shared\virusdefs\20051130.006\naveng.sys
+ NAVEX15AV EngineSymantec Corporationc:\program files\common files\symantec shared\virusdefs\20051130.006\navex15.sys
+ NETMDUSBNet MD USB DriverSony Corporationc:\windows\system32\drivers\netmdusb.sys
+ NPFNPF Driver - TME extensionsPolitecnico di Torinoc:\windows\system32\drivers\npf.sys
+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys
+ pciSdTOSSDPCI.SYSTOSHIBAc:\windows\system32\drivers\tossdpci.sys
+ pfcPadus(R) ASPI ShellPadus, Inc.c:\windows\system32\drivers\pfc.sys
+ PortRSTBaromTec HMS30C6001 Reset DriverBarom Technologies Co., Ltd.c:\windows\system32\drivers\portrst.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys
+ PxHelp20Px Engine Device Driver for Windows 2000/XPSonic Solutionsc:\windows\system32\drivers\pxhelp20.sys
+ SAVRTAutoProtectSymantec Corporationc:\program files\symantec antivirus\savrt.sys
+ SAVRTPELSAVRTPELSymantec Corporationc:\program files\symantec antivirus\savrtpel.sys
+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys
+ SERIALOXDotSurfer Serial Device Driver for Win2K (JULY 18, 2001) GTRAN Korea INC.c:\windows\system32\drivers\serialox.sys
+ SMCIRDASMC IrCC NDIS 5.0 IrDA FIR Device DriverSMCc:\windows\system32\drivers\smcirda.sys
+ sonypvs1Sony Digital ImagingSony Corporationc:\windows\system32\drivers\sonypvs1.sys
+ SparrowAdaptec AIC-6x60 series SCSI miniportAdaptec, Inc.c:\windows\system32\drivers\sparrow.sys
+ SymEventSymantec Event LibrarySymantec Corporationc:\program files\symantec\symevent.sys
+ SYMREDRVRedirector Filter DriverSymantec Corporationc:\windows\system32\drivers\symredrv.sys
+ SYMTDINetwork Dispatch DriverSymantec Corporationc:\windows\system32\drivers\symtdi.sys
+ SynTPSynaptics Touchpad DriverSynaptics, Inc.c:\windows\system32\drivers\syntp.sys
+ TOSHIBASoftModemSoftModem Device DriverLTc:\windows\system32\drivers\ltsm.sys
+ tsdhdSD Card Host Controller DriverTOSHIBA Corporationc:\windows\system32\drivers\tsdhd.sys
+ TVALDToshiba ACPI-Based Value Added Logical Device DriverToshiba Corporationc:\windows\system32\drivers\tvald.sys
+ TVALDXToshiba ACPI-Based Value Added Logical Device Extension DriverToshiba Corporationc:\windows\system32\drivers\tvaldx.sys
+ TVALGTOSHIBA Value Added Logical and General Purpose Device DriverTOSHIBA Corporationc:\windows\system32\drivers\tvalg.sys
+ vsdatantTrueVector Device DriverZone Labs Inc.c:\windows\system32\vsdatant.sys
+ WDM_YAMAHAAC97YAMAHA AC-XG WDMYAMAHA CORPORATIONc:\windows\system32\drivers\yacxgc.sys
+ ZSMC301bVideo streaming and Capture Device DriverVMc:\windows\system32\drivers\usbvm31b.sys
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
+ APIHookDll.dllFile not found: APIHookDll.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ msctl32.dllc:\windows\system32\msctl32.dll
+ NavLogonSymantec AntiVirus Logon NotificationSymantec Corporationc:\windows\system32\navlogon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Adobe PDF PortAcrobat ? PDF PortAdobe Systems Incorporated.c:\windows\system32\adobepdf.dll
+ HP LaserJet 5 Language MonitorWin32 Language Monitor for direct connect HP printersHewlett-Packardc:\windows\system32\hpdcmon.dll
