中广告毒~help!
时间:2014-08-04
来源:互联网
忘记了下载什么令电脑中毒,在右下出现一个没logo的东西
没办法关掉,而且时不时会弹出一个广告视窗「game」
线上扫毒过,没扫到任何东西
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:17, on 1/7/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PPStream\PPSProtect.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\360\360Safe\safemon\360Tray.exe
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PPStream\PPSKernel.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Heiley\「开始」功能表\程式集\启动\intr.exe
C:\Program Files\PPStream\PPStream.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\PPStream\AndroidService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
没办法关掉,而且时不时会弹出一个广告视窗「game」
线上扫毒过,没扫到任何东西
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:17, on 1/7/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PPStream\PPSProtect.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\360\360Safe\safemon\360Tray.exe
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PPStream\PPSKernel.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Heiley\「开始」功能表\程式集\启动\intr.exe
C:\Program Files\PPStream\PPStream.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\PPStream\AndroidService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
作者: 小笨月 发布时间: 2014-08-04
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: QPMIEHelper - {50F4150A-48B2-417A-BE4C-C83F580FB904} - C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3180\npQQPhoneManagerExt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360Safe\safemon\safemon.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PPStream Video Acc Helper - {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} - C:\Program Files\PPStream\plugins\IEHelper.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
O4 - HKLM\..\Run: [360Safetray] "C:\Program Files\360\360Safe\safemon\360tray.exe" /start
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [jay] c:\Program Files\Cmd Files\inte.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QvodPlayer] C:\Program Files\QvodPlayer\QvodTerminal.exe
O4 - HKCU\..\Run: [PPS Accelerator] C:\Program Files\PPStream\PPSKernel.exe
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Heiley\Application Data\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [taskmgr] C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe
O4 - HKCU\..\Run: [wins] "C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [PPS Accelerator] C:\Program Files\PPStream\\PPSKernel.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://buttons.videodownloadconv ... s=205320000&p2=^HJ^xdm073^YYA^hk&si=pconvIE&a=476EBC6D-8E71-48F5-9BB8-9B4A455B6D11&n=2014010915&cv=3
O8 - Extra context menu item: Foxy Download - res://C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe/download.htm
O8 - Extra context menu item: Foxy search - res://C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe/search.htm
O8 - Extra context menu item: 下载 - res://C:\Program Files\Honey\kupeer\9kupe.exe/download.htm
O8 - Extra context menu item: 汇出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 搜寻 - res://C:\Program Files\Honey\kupeer\9kupe.exe/search.htm
O9 - Extra button: 把σ戈? - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {95B3F550-91C4-4627-BCC4-521288C52977} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.co ... s/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{54B67410-C781-41CB-8528-212398F09D35}: NameServer = 168.95.1.1,168.95.192.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0AFBB38-6CA9-437D-A845-42B1DA74957C}: NameServer = 168.95.1.1,168.95.192.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{54B67410-C781-41CB-8528-212398F09D35}: NameServer = 168.95.1.1,168.95.192.1
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour 服务 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe (file missing)
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Documents and Settings\Heiley\Application Data\DefaultTab\DefaultTab\DTUpdate.exe (file missing)
O23 - Service: iPod ?叭 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Prsionyta Instruments Domain Service (Prsionaljrq) - Unknown owner - C:\Program Files\Common Files\svchost.exe
O23 - Service: Prsionlcg Instruments Domain Service (Prsionalufo) - Unknown owner - C:\Program Files\Common Files\svchost.exe
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: 主?防御 (ZhuDongFangYu) - 360.cn - C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe
--
End of file - 10674 bytes
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: QPMIEHelper - {50F4150A-48B2-417A-BE4C-C83F580FB904} - C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3180\npQQPhoneManagerExt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360Safe\safemon\safemon.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PPStream Video Acc Helper - {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} - C:\Program Files\PPStream\plugins\IEHelper.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
O4 - HKLM\..\Run: [360Safetray] "C:\Program Files\360\360Safe\safemon\360tray.exe" /start
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [jay] c:\Program Files\Cmd Files\inte.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QvodPlayer] C:\Program Files\QvodPlayer\QvodTerminal.exe
O4 - HKCU\..\Run: [PPS Accelerator] C:\Program Files\PPStream\PPSKernel.exe
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Heiley\Application Data\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [taskmgr] C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe
O4 - HKCU\..\Run: [wins] "C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [PPS Accelerator] C:\Program Files\PPStream\\PPSKernel.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://buttons.videodownloadconv ... s=205320000&p2=^HJ^xdm073^YYA^hk&si=pconvIE&a=476EBC6D-8E71-48F5-9BB8-9B4A455B6D11&n=2014010915&cv=3
O8 - Extra context menu item: Foxy Download - res://C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe/download.htm
O8 - Extra context menu item: Foxy search - res://C:\DOCUME~1\Heiley\LOCALS~1\Temp\RarSFX0\taskmgr.exe/search.htm
O8 - Extra context menu item: 下载 - res://C:\Program Files\Honey\kupeer\9kupe.exe/download.htm
O8 - Extra context menu item: 汇出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 搜寻 - res://C:\Program Files\Honey\kupeer\9kupe.exe/search.htm
O9 - Extra button: 把σ戈? - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {95B3F550-91C4-4627-BCC4-521288C52977} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.co ... s/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{54B67410-C781-41CB-8528-212398F09D35}: NameServer = 168.95.1.1,168.95.192.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0AFBB38-6CA9-437D-A845-42B1DA74957C}: NameServer = 168.95.1.1,168.95.192.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{54B67410-C781-41CB-8528-212398F09D35}: NameServer = 168.95.1.1,168.95.192.1
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour 服务 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe (file missing)
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Documents and Settings\Heiley\Application Data\DefaultTab\DefaultTab\DTUpdate.exe (file missing)
O23 - Service: iPod ?叭 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Prsionyta Instruments Domain Service (Prsionaljrq) - Unknown owner - C:\Program Files\Common Files\svchost.exe
O23 - Service: Prsionlcg Instruments Domain Service (Prsionalufo) - Unknown owner - C:\Program Files\Common Files\svchost.exe
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: 主?防御 (ZhuDongFangYu) - 360.cn - C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe
--
End of file - 10674 bytes
作者: 小笨月 发布时间: 2014-08-04
相关阅读 更多
热门阅读
-
office 2019专业增强版最新2021版激活秘钥/序列号/激活码推荐 附激活工具
阅读:74
-
如何安装mysql8.0
阅读:31
-
Word快速设置标题样式步骤详解
阅读:28
-
20+道必知必会的Vue面试题(附答案解析)
阅读:37
-
HTML如何制作表单
阅读:22
-
百词斩可以改天数吗?当然可以,4个步骤轻松修改天数!
阅读:31
-
ET文件格式和XLS格式文件之间如何转化?
阅读:24
-
react和vue的区别及优缺点是什么
阅读:121
-
支付宝人脸识别如何关闭?
阅读:21
-
腾讯微云怎么修改照片或视频备份路径?
阅读:28
