这是用“autoruns”导出的,是日志吗?
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ CnsMin3721北京三七二一科技有限公司d:\windows\downloaded program files\cnsmin.dll
+ KAVRUNKAVRunkingsoftc:\kav2002\kavrun.exe
+ NvCplDaemonNVIDIA Display Properties ExtensionNVIDIA Corporationd:\windows\system32\nvcpl.dll
+ NvMediaCenterNVIDIA Media Center LibraryNVIDIA Corporationd:\windows\system32\nvmctray.dll
+ nwizNVIDIA nView Wizard, Version 56.72 NVIDIA Corporationd:\windows\system32\nwiz.exe
+ QuickTime TaskApple Computer, Inc.d:\program files\quicktime\qttask.exe
+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravtask.exe
+ rfwRising Personal FireWall Main ProgramBeijing Rising Technology Corporation Limitedd:\program files\rising\rfw\rfw.exe
+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.d:\program files\common files\real\update_ob\realsched.exe
+ vptrayFile not found: D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
+ WinsSystemaasdfasasdfasdfc:\program files\internet explorer\syssmss.exe
+ WinsSystemaasdfasasdfasdfc:\program files\internet explorer\syssmss.exe
D:\Documents and Settings\All Users\「开始」菜单\程序\启动
+ Adobe Gamma Loader.lnkAdobe Gamma LoaderAdobe Systems, Inc.d:\program files\common files\adobe\calibration\adobe gamma loader.exe
+ LANFax Client.lnkLANFax Suite客户端程序北京华录北方电子有限责任公司d:\program files\lanfax suite\lanfax client\lfclient.exe
+ LANFax 发传真监视器.lnkSendFaxMonitor Microsoft 基础类应用程序d:\program files\lanfax suite\lanfax client\lfmonitor.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
+ Winpatch AutoUpdated:\windows\downloaded program files\#.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ cnshook.dll3721 CNS Module北京三七二一科技有限公司d:\windows\downloaded program files\cnshook.dll
+ cnsmin.dll3721北京三七二一科技有限公司d:\windows\downloaded program files\cnsmin.dll
+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.d:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.d:\windows\system32\ravext.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ 金山毒霸金山毒霸右键菜单支持程序Kingsoft Corp.c:\kav2002\kavext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects
+ 3721中文邮CesWeb Moduled:\program files\3721\ces\cesweb.dll
+ AcroIEHlprObj ClassAcroIEHelper Moduled:\program files\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx
+ CnsHook Class3721 CNS Module北京三七二一科技有限公司d:\windows\downloaded program files\cnshook.dll
+ Google Toolbar HelperGoogle IE 客户端工具栏Google Inc.d:\program files\google\googletoolbar2.dll
+ IeCatch2 Classjccatch ModuleAmaze Softd:\program files\flashget\jccatch.dll
+ Infofo 工具栏珊瑚虫 Infofo 工具栏珊瑚虫工作室 泰格工作室c:\program files\infofo bar\infofobar.dll
+ ShowBar
Object ClassAlibabaIEToolBarAlibabad:\windows\system32\alibabatoolbar\__new\bar.dll
+ 上网助手Assist Moduled:\program files\3721\assist\assist.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ FlashGet BarFlashGet IE BarAmaze Softd:\program files\flashget\fgiebar.dll
+ 上网助手Assist Moduled:\program files\3721\assist\assist.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ &FlashGetFlashGetAmaze Softd:\program files\flashget\flashget.exe
+ &NetAntsNetAnts d:\program files\netants\netants.exe
+ 3721中文邮File not found: http://cmail.3721.com?fb=client
+ @shdoclc.dll,-864d:\windows\web\related.htm
+ Yahoo 1G电邮File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail
+ 清理上网记录File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean
+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/
+ 腾讯QQQQTENCENTc:\program files\tencent\qq\qq.exe
+ 修复浏览器File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair
+ 寻宝乐趣多File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao
+ 雅虎助手File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist
+ 易趣购物File not found: http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-195?cn=song;icon;hp&mpro=http://www.ebay.com.cn
HKLM\System\CurrentControlSet\Services
+ C-DillaSrvC-Dilla RTS ServiceC-Dilla Ltdd:\windows\system32\drivers\cdantsrv.exe
+ DefWatchFile not found: D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
+ Norton AntiVirus ServerFile not found: D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
+ NVSvcProvides system and desktop level support to the NVIDIA display driverNVIDIA Corporationd:\windows\system32\nvsvc32.exe
+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ccenter.exe
+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravmond.exe
HKLM\System\CurrentControlSet\Services
+ ac97intcIntel(r) Integrated Controller Hub Audio DriverIntel Corporationd:\windows\system32\drivers\ac97intc.sys
+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.d:\windows\system32\drivers\basetdi.sys
+ C-DillaC-Dilla Windows NT RTSMacrovisiond:\windows\system32\drivers\cdant.sys
+ ExpScanerExpScan.sysd:\program files\rising\rav\expscan.sys
+ FETNDISBNDIS 5.0 miniport driverVIA Technologies, Inc. d:\windows\system32\drivers\fetnd5b.sys
+ HookContTDI HOOK DriverRising tech Co. ltdd:\program files\rising\rav\hookcont.sys
+ HookRegd:\program files\rising\rav\hookreg.sys
+ HookSysHooksysRisingd:\program files\rising\rav\hooksys.sys
+ IPHOOKIP HOOK DriverBeijing Rising Technology Corporation Limitedd:\program files\rising\rfw\iphook.sys
+ kmsinputd:\windows\system32\drivers\kmsinput.sys
+ MEMSCANMemScan Driver瑞星软件有限公司d:\program files\rising\rav\memscan.sys
+ NAVAPFile not found: D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys
+ NAVAPELFile not found: D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS
+ NAVENGAV EngineSymantec Corporationd:\program files\common files\symantec shared\virusdefs\20031217.004\naveng.sys
+ NAVEX15AV EngineSymantec Corporationd:\program files\common files\symantec shared\virusdefs\20031217.004\navex15.sys
+ New0d:\windows\system32\new.sys
+ NTSIMNetwork Device Monitor UtilityVIA Technologies, Inc. d:\windows\system32\ntsim.sys
+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.72 NVIDIA Corporationd:\windows\system32\drivers\nv4_mini.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.d:\windows\system32\drivers\ptilink.sys
+ SecdrvSafeDisc driverd:\windows\system32\drivers\secdrv.sys
+ Sentineld:\windows\system32\drivers\sentinel.sys
+ SymEventSymantec Event LibrarySymantec Corporationd:\program files\symantec\symevent.sys
+ TDIHOOKTDI HOOK DriverBeijing Rising Technology Corporation Limitedd:\program files\rising\rfw\tdihook.sys
+ TOODISUSBTOODISUSBTooDisd:\windows\system32\drivers\toodis.sys
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ NavLogond:\windows\system32\navlogon.dll
HKCU\Control Panel\Desktop\Scrnsave.exe
+ D:\WINDOWS\System32\JAPANE~1.SCRScreensaver for SSA2TopThinks, INC.d:\windows\system32\japanese cats.scr
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ adimonHeidi? OLE to ADI Port MonitorAutodesk, Inc.d:\windows\system32\adimon.dll
+ HP Master MonitorWin32 Master MonitorHewlett-Packardd:\windows\system32\hpbmmon.dll
