我是靠谱客的博主 还单身戒指,最近开发中收集的这篇文章主要介绍Chrome 启动页面被114篡改的修复1 在PC上去除浏览器页面的篡改2 在Android的设备上,觉得挺不错的,现在分享给大家,希望可以做个参考。
概述
1 在PC上去除浏览器页面的篡改
我最终用下面的方法搞定:
使用了下面的工具:comboFix
【案】去网上下载一个版本,然后,直接运行就好了,要有点耐心,不要随意关闭窗口,直到生成了报告文件。
程序会找到非法插件的原始位置,然后,删除了这个文件。
楼主可以试试看ComboFix(pixnet.net 的页面)
關閉所有防毒軟件(包括Windows Defender),下載ComboFix至桌面 ,執行 ComboFix 掃毒。
掃瞄時不要執行其他程式或點擊 ComboFix視窗。
(ComboFix掃毒約10 -20分鐘,唔使裝"修復主控台程式")
完成掃瞄後,ComboFix 報告會自動彈出。
报告如下:
ComboFix 16-09-28.01 - Administrator 6/10/15 周六 11:38:58.1.4 - x64
Microsoft Windows 7 旗舰版 6.1.7601.1.936.86.2052.18.3792.1752 [GMT 8:00]
执行位置: d:documentsDownloadsComboFix.exe
* 成功创造新还原点
.
.
((((((((((((((((((((((((((((((((((((((( 被删除的档案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:windowstmp
D:360Downloads
.
.
((((((((((((((((((((((((((((((((((((((( 驱动/服务 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_BD0001
.
.
((((((((((((((((((((((((( 2016-09-15 至 2016-10-15 的新的档案 )))))))))))))))))))))))))))))))
.
.
2016-10-15 03:37 . 2016-10-15 03:37 16712 ----a-w- c:windowssystem32driversPROCEXP113.SYS
2016-10-15 03:15 . 2016-10-15 03:15 -------- d-----w- c:programdataHuorong
2016-10-15 02:04 . 2016-10-15 02:04 -------- d-----w- c:programdataCleanAndroid
2016-10-15 01:48 . 2016-09-30 02:53 488480 ----a-w- c:windowssystem32baiducn.ime
2016-10-15 01:48 . 2016-09-30 02:53 420896 ----a-w- c:windowsSysWow64baiducn.ime
2016-10-15 01:48 . 2016-10-15 01:48 -------- d-----w- c:program filesCommon FilesBaidu
2016-10-15 01:19 . 2016-10-15 01:19 130608 ----a-w- c:windowssystem32driversTsQBDrv.sys
2016-10-15 01:19 . 2016-10-15 01:19 -------- d-----w- c:program filesTencent
2016-10-15 01:06 . 2016-10-15 01:01 48632 ----a-w- c:windowssystem32driversAntiRkX64.sys
2016-10-15 01:05 . 2016-10-15 01:05 -------- d-----w- C:QMDownload
2016-10-15 01:01 . 2016-10-15 01:01 52728 ----a-w- c:windowssystem32driversTSSKX64.sys
2016-10-15 01:01 . 2016-10-15 01:01 -------- d-----w- c:program filesCommon FilesTencent
2016-10-15 01:01 . 2016-10-15 03:44 -------- d-----w- c:programdataTXQMPC
2016-10-15 01:01 . 2016-10-15 01:01 97880 ----a-w- c:windowssystem32driversTAOAccelerator64.sys
2016-10-15 01:01 . 2016-10-15 01:01 145400 ----a-w- c:windowssystem32driversTAOKernel64.sys
2016-10-15 01:01 . 2016-10-15 01:01 96248 ----a-w- c:windowssystem32driversTFsFltX64.sys
2016-10-15 00:30 . 2016-10-15 03:05 -------- d-----w- c:program files (x86)Google
2016-10-14 06:16 . 2016-10-14 06:16 269952 ----a-w- c:windowssystem32dtrampo.dll
2016-10-14 06:16 . 2016-10-14 06:16 45504 ----a-w- c:windowssystem32drivershrwfpdrv.sys
2016-10-14 06:16 . 2016-10-14 06:16 235136 ----a-w- c:windowsSysWow64dtrampo.dll
2016-10-14 06:16 . 2016-10-14 06:16 35776 ----a-w- c:windowssystem32drivershrfwdrv.sys
2016-10-14 06:16 . 2016-10-14 06:16 331712 ----a-w- c:windowssystem32driverssysdiag.sys
2016-10-05 13:43 . 2016-10-05 13:49 -------- d-----w- c:programdatakingsoft
2016-10-05 13:42 . 2016-10-05 13:42 -------- d-----w- c:usersPublicThunder Network
2016-10-05 13:34 . 2015-12-10 04:45 152344 ----a-w- c:windowsSysWow64driversbbrowserhlp.dll
2016-10-05 13:34 . 2015-12-10 04:45 152344 ----a-w- c:windowssystem32driversbbrowserhlp.dll
2016-10-05 13:34 . 2015-11-25 06:23 155640 ----a-w- c:windowssystem32driversbbrowserboost.sys
2016-10-05 13:28 . 2016-10-15 02:06 -------- d-----w- c:program files (x86)360
2016-10-05 13:28 . 2014-02-26 03:31 78168 ----a-w- c:windowssystem32drivers360AvFlt.sys
2016-10-05 13:28 . 2016-10-05 13:28 -------- d-----w- c:program files360
2016-10-05 13:28 . 2016-10-05 13:28 -------- d-----w- c:programdataThunder Network
2016-10-05 13:28 . 2016-10-05 13:28 -------- d-----w- c:program files (x86)Thunder Network
2016-10-05 13:28 . 2014-09-30 07:08 41800 ----a-w- c:windowssystem32bd64_x64.dll
2016-10-05 13:28 . 2014-09-30 07:08 39056 ----a-w- c:windowssystem32bd64_x86.dll
2016-10-05 13:28 . 2014-09-30 07:08 168776 ----a-w- c:windowssystem32driversbd0004.sys
2016-10-05 13:28 . 2014-09-30 07:08 145736 ----a-w- c:windowssystem32driversBDArKit.sys
2016-10-05 13:28 . 2014-09-30 07:08 104264 ----a-w- c:windowssystem32driversbd0001.sys
2016-10-05 13:28 . 2016-10-15 02:19 -------- d-----w- c:usersAdministrator
2016-10-05 13:25 . 2016-10-05 13:25 848230 ----a-w- c:windowsunins000.exe
2016-10-05 13:25 . 2016-10-15 02:42 796352 ----a-w- c:windowsSysWow64FlashPlayerApp.exe
2016-10-05 13:25 . 2016-10-15 02:42 142528 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl
2016-10-05 13:25 . 2016-10-15 02:42 -------- d-----w- c:windowssystem32Macromed
2016-10-05 13:25 . 2016-10-15 02:42 -------- d-----w- c:windowsSysWow64Macromed
2016-10-05 13:23 . 2015-05-26 12:57 29591040 ----a-w- c:windowssystem32igdrcl64.dll
2016-10-05 13:21 . 2010-05-26 03:41 248672 ----a-w- c:windowsSysWow64d3dx11_43.dll
2016-09-29 13:54 . 2009-09-16 14:26 331816 ----a-r- c:windowssystem32driversmv64xx.sys
2016-09-29 06:47 . 2016-10-15 01:25 -------- d-----w- c:programdataTencent
2016-09-29 06:42 . 2016-10-15 01:59 -------- d-----w- c:programdataPPLive
2016-09-29 06:42 . 2016-10-15 01:59 -------- d-----w- c:programdataBaidu
2016-09-29 06:41 . 2016-10-15 02:28 -------- d-----w- c:program files (x86)Common FilesTencent
2016-09-29 06:41 . 2010-11-21 03:24 346112 ----a-w- c:windowsSysWow64bcdedit.exe
2016-09-29 06:41 . 2016-09-29 06:41 -------- d-----w- C:dosh
2016-09-29 06:41 . 2016-09-29 06:41 499712 ----a-w- c:windowsSysWow64msvcp71.dll
2016-09-29 06:41 . 2016-09-29 06:41 348160 ----a-w- c:windowsSysWow64msvcr71.dll
2016-09-29 06:40 . 2016-09-29 06:40 -------- d-----w- c:program filesWinRAR
2016-09-29 06:38 . 2016-10-15 03:06 -------- d-sh--w- c:windowsInstaller
2016-09-29 06:38 . 2016-10-05 13:22 -------- d-s---w- c:program files (x86)Office2007
.
.
.
(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-02 15:16 . 2016-09-29 03:54 44032 ----a-w- c:windowsapppatchacwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( 重要登入点 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示
REGEDIT4
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432Node~Browser Helper Objects{50F4150A-48B2-417A-BE4C-C83F580FB904}]
2014-05-30 10:05 140344 ----a-w- c:program files (x86)Common FilesTencentQQPhoneManager2.0.201.3192npQQPhoneManagerExt.dll
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432Node~Browser Helper Objects{DE05CF4A-7B0A-4775-B5E5-396244938679}]
2013-11-14 07:34 1857992 ----a-w- c:program files (x86)Thunder NetworkThunderThunder BHO Platformnp_tdieplat.dll
.
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ctfmon"="c:windowsSystem32ctfmon.exe" [2009-07-14 8704]
"Lantern"="c:usersAdministratorAppDataRoamingLanternlantern.exe" [2016-09-22 13031200]
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]
"QQPCTray"="c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCTRAY.EXE" [2016-10-15 362304]
"BaiduPinyin"="c:program files (x86)BaiduBaiduPinyin4.2.3181.0baidupinyin.exe" [2016-09-30 1539104]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
.
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolkeyboard layoutse0200804]
Ime File REG_SZ BAIDUCN.IME
.
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolkeyboard layoutse0010804]
Ime File REG_SZ freeime.ime
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalQQPCRTP]
@="service"
.
R2 bbrowserboost;bbrowserboost;c:windowssystem32driversbbrowserboost.sys;c:windowsSYSNATIVEdriversbbrowserboost.sys [x]
R2 QQRepairFixSVC;QQRepairFixSVC;c:program files (x86)TencentQQPCMGRQQRepairFixSVC;c:program files (x86)TencentQQPCMGRQQRepairFixSVC [x]
R3 ahcix64s;ahcix64s;c:windowssystem32driversahcix64s.sys;c:windowsSYSNATIVEdriversahcix64s.sys [x]
R3 amd_sata;amd_sata;c:windowssystem32driversamd_sata.sys;c:windowsSYSNATIVEdriversamd_sata.sys [x]
R3 AntiRkX64;AntiRkX64;c:windowssystem32DriversAntiRKX64.sys;c:windowsSYSNATIVEDriversAntiRKX64.sys [x]
R3 asahci64;asahci64;c:windowssystem32driversasahci64.sys;c:windowsSYSNATIVEdriversasahci64.sys [x]
R3 BaiduPinyinCore;BaiduPinyinCore;c:windowsSysWOW64IMEBaiduPYBaiduPinyinCore.exe;c:windowsSysWOW64IMEBaiduPYBaiduPinyinCore.exe [x]
R3 BaiduUpdater;Baidu Updater;c:program files (x86)BaiduBaiduUpdatebdupdate.exe;c:program files (x86)BaiduBaiduUpdatebdupdate.exe [x]
R3 dmvsc;dmvsc;c:windowssystem32driversdmvsc.sys;c:windowsSYSNATIVEdriversdmvsc.sys [x]
R3 FTT3s;FTT3s;c:windowssystem32driversFTT3s.sys;c:windowsSYSNATIVEdriversFTT3s.sys [x]
R3 iaStorA;iaStorA;c:windowssystem32driversiaStorA.sys;c:windowsSYSNATIVEdriversiaStorA.sys [x]
R3 mv61xx;mv61xx;c:windowssystem32driversmv61xx.sys;c:windowsSYSNATIVEdriversmv61xx.sys [x]
R3 mv64xx;mv64xx;c:windowssystem32driversmv64xx.sys;c:windowsSYSNATIVEdriversmv64xx.sys [x]
R3 mv91cons;mv91cons;c:windowssystem32driversmv91cons.sys;c:windowsSYSNATIVEdriversmv91cons.sys [x]
R3 mvs94xx;mvs94xx;c:windowssystem32driversmvs94xx.sys;c:windowsSYSNATIVEdriversmvs94xx.sys [x]
R3 mvSata;mvSata;c:windowssystem32driversmvsata.sys;c:windowsSYSNATIVEdriversmvsata.sys [x]
R3 PNPMEM;Microsoft Memory Module Driver;c:windowssystem32DRIVERSpnpmem.sys;c:windowsSYSNATIVEDRIVERSpnpmem.sys [x]
R3 rccfg;AMD-RAID Config Device;c:windowssystem32driversrccfg.sys;c:windowsSYSNATIVEdriversrccfg.sys [x]
R3 rcraid;rcraid;c:windowssystem32driversrcraid.sys;c:windowsSYSNATIVEdriversrcraid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys;c:windowsSYSNATIVEdriversrdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:windowssystem32driversSynth3dVsc.sys;c:windowsSYSNATIVEdriversSynth3dVsc.sys [x]
R3 TcHardWare;TcHardWare;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCHW-x64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCHW-x64.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:windowssystem32driversterminpt.sys;c:windowsSYSNATIVEdriversterminpt.sys [x]
R3 TSSKX64;TSSKX64;c:windowssystem32driverstsskx64.sys;c:windowsSYSNATIVEdriverstsskx64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVEdriverstsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:windowssystem32driversTsUsbGD.sys;c:windowsSYSNATIVEdriversTsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:windowssystem32driverstsusbhub.sys;c:windowsSYSNATIVEdriverstsusbhub.sys [x]
R3 VGPU;VGPU;c:windowssystem32driversrdvgkmd.sys;c:windowsSYSNATIVEdriversrdvgkmd.sys [x]
R3 wpscloudsvr;WPS Office Cloud Service;c:usersAdministratorAppDataLocalkingsoftWPS Officewpscloudsvr.exe LocalService;c:usersAdministratorAppDataLocalkingsoftWPS Officewpscloudsvr.exe LocalService [x]
S0 amd_xata;amd_xata;c:windowssystem32driversamd_xata.sys;c:windowsSYSNATIVEdriversamd_xata.sys [x]
S0 iaStorF;iaStorF;c:windowssystem32driversiaStorF.sys;c:windowsSYSNATIVEdriversiaStorF.sys [x]
S0 iusb3hcs;英特尔(R) USB 3.0 主机控制器切换驱动程序;c:windowssystem32DRIVERSiusb3hcs.sys;c:windowsSYSNATIVEDRIVERSiusb3hcs.sys [x]
S1 QMUdisk;tencent QMUdisk;c:program files (x86)TencentQQPCMgr12.0.18061.220QMUdisk64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220QMUdisk64.sys [x]
S1 softaal;softaal;c:program files (x86)TencentQQPCMgr12.0.18061.220softaal64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220softaal64.sys [x]
S1 SRepairDrv;SRepairDrv;c:program files (x86)TencentQQPCMGRSRepairDrv;c:program files (x86)TencentQQPCMGRSRepairDrv [x]
S1 sysdiag;Huorong Network Security Core Kext;c:windowssystem32DRIVERSsysdiag.sys;c:windowsSYSNATIVEDRIVERSsysdiag.sys [x]
S1 TAOKernelDriver;Tencent Auto Optimize Platform.;c:windowssystem32DriversTAOKernel64.sys;c:windowsSYSNATIVEDriversTAOKernel64.sys [x]
S1 TSDefenseBt;TSDefenseBt;c:program files (x86)TencentQQPCMgr12.0.18061.220TSDefenseBT64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TSDefenseBT64.sys [x]
S1 TSSysKit;TSSysKit;c:program files (x86)TencentQQPCMgr12.0.18061.220TSSysKit64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TSSysKit64.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:windowsSystem32svchost.exe;c:windowsSYSNATIVEsvchost.exe [x]
S2 HipsDaemon;Huorong Network Security Daemon;d:program files (x86)HuorongSysdiagbinHipsDaemon.exe;d:program files (x86)HuorongSysdiagbinHipsDaemon.exe [x]
S2 hrwfpdrv;Huorong Network Security Firewall Core Kext (WFP);c:windowssystem32DRIVERShrwfpdrv.sys;c:windowsSYSNATIVEDRIVERShrwfpdrv.sys [x]
S2 QQPCRTP;QQPCMgr RTP Service;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCRTP.exe;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCRTP.exe [x]
S2 QQSysMonX64;QQSysMonX64;c:program files (x86)TencentQQPCMgr12.0.18061.220QQSysMonX64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220QQSysMonX64.sys [x]
S2 tsnethlpx64;TsNetHlpX64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TsNetHlpX64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TsNetHlpX64.sys [x]
S2 TsQBDrv;TsQBDrv;c:windowssystem32driversTsQBDrv.sys;c:windowsSYSNATIVEdriversTsQBDrv.sys [x]
S2 TxQBService;TxQBService;c:program filesTencentQQBrowserTsService.exe;c:program filesTencentQQBrowserTsService.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:windowssystem32viakaraokesrv.exe;c:windowsSYSNATIVEviakaraokesrv.exe [x]
S3 IntcDAud;英特尔(R) 显示器音频;c:windowssystem32DRIVERSIntcDAud.sys;c:windowsSYSNATIVEDRIVERSIntcDAud.sys [x]
S3 iusb3hub;英特尔(R) USB 3.0 集线器驱动程序;c:windowssystem32DRIVERSiusb3hub.sys;c:windowsSYSNATIVEDRIVERSiusb3hub.sys [x]
S3 iusb3xhc;英特尔(R) USB 3.0 可扩展主机控制器驱动程序;c:windowssystem32DRIVERSiusb3xhc.sys;c:windowsSYSNATIVEDRIVERSiusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys;c:windowsSYSNATIVEDRIVERSRt64win7.sys [x]
S3 TAOAccelerator;Tencent TAOAccelerator driver.;c:windowssystem32DriversTAOAccelerator64.sys;c:windowsSYSNATIVEDriversTAOAccelerator64.sys [x]
S3 TFsFlt;TFsFlt;c:windowssystem32DriversTFsFltX64.sys;c:windowsSYSNATIVEDriversTFsFltX64.sys [x]
S3 TS888x64;TS888x64;c:program files (x86)TencentQQPCMgr12.0.18061.220TS888x64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TS888x64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:windowssystem32driversviahduaa.sys;c:windowsSYSNATIVEdriversviahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPSDRV
*NewlyCreated* - TS888X64
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-10-15 03:05 1364072 ----a-w- c:program files (x86)GoogleChromeApplication54.0.2840.59Installerchrmstp.exe
.
‘计划任务’ 文件夹 里的内容
.
2016-10-15 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2016-10-05 02:42]
.
2016-10-15 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2016-10-15 03:01]
.
2016-10-15 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2016-10-15 03:01]
.
2016-10-15 c:windowsTasksQQBrowser Updater Task(Core).job
- c:program filesTencentQQBrowserQQBrowser.exe [2016-10-15 01:19]
.
2016-10-15 c:windowsTasksQQBrowser Updater Task.job
- c:program filesTencentQQBrowserQQBrowser.exe [2016-10-15 01:19]
.
2016-10-15 c:windowsTasksWpsExternal_Administrator_20161005215003.job
- c:usersAdministratorAppDataLocalKingsoftWPS Officeksolaunch.exe [2016-10-05 13:49]
.
2016-10-15 c:windowsTasksWpsNotifyTask_Administrator.job
- c:usersAdministratorAppDataLocalKingsoftWPS Office10.1.0.5975wtoolexwpsnotify.exe [2016-10-05 13:49]
.
2016-10-15 c:windowsTasksWpsUpdateTask_Administrator.job
- c:usersAdministratorAppDataLocalKingsoftWPS Office10.1.0.5975wtoolexwpsupdate.exe [2016-09-09 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE~Browser Helper Objects{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}]
2014-01-17 09:10 628680 ----a-w- c:program files (x86)Thunder NetworkThunderBHOXunleiBHO647.9.18.4724.dll
.
[HKEY_LOCAL_MACHINE~Browser Helper Objects{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
2016-10-15 01:01 446144 ----a-w- c:program files (x86)TencentQQPCMgr12.0.18061.220TSWebMon64.dat
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers.QMDeskTopGCIcon]
@="{B7667919-3765-4815-A66D-98A09BE662D6}"
[HKEY_CLASSES_ROOTCLSID{B7667919-3765-4815-A66D-98A09BE662D6}]
2016-10-15 01:01 471744 ----a-w- c:program files (x86)TencentQQPCMgr12.0.18061.220QMGCShellExt64.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersQBOverlayIcon]
@="{96959DE7-C855-42BD-8382-2AAABF2A8F52}"
[HKEY_CLASSES_ROOTCLSID{96959DE7-C855-42BD-8382-2AAABF2A8F52}]
2016-10-15 02:20 205664 ----a-w- c:usersAdministratorAppDataLocalTencentQQBrowserUser DataQBShellIconshicqio77435.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"Sysdiag"="d:program files (x86)HuorongSysdiagbinHipsTray.exe" [2016-10-14 1360512]
.
------- 而外的扫描 -------
.
uLocal Page = c:windowssystem32blank.htm
uStart Page = about:blank
mLocal Page = c:windowsSysWOW64blank.htm
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.689la.com/
IE: 使用迅雷下载 - c:program files (x86)Thunder NetworkThunderBHOgeturl.htm
IE: 使用迅雷下载全部链接 - c:program files (x86)Thunder NetworkThunderBHOgetallurl.htm
TCP: DhcpNameServer = 121.32.228.21 192.168.1.1
TCP: Interfaces{80F46764-B633-4E32-BA0E-25B88EBA06F7}: NameServer = 218.30.118.6,192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{DFACD043-FBC1-46AB-8C97-00570E0A690C} - c:windowsshell64.dll
.
.
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
" QQPCTray"=""c:\Program Files (x86)\Tencent\QQPCMgr\12.0.18061.220\QQPCTRAY.EXE" /regrun /qqrepair"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001servicesQQRepair2442]
"ImagePath"=""c:program files (x86)TencentQQPCMGRQQRepair2442""
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001servicesQQRepairFixSVC]
"ImagePath"=""c:program files (x86)TencentQQPCMGRQQRepairFixSVC""
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001servicesSRepairDrv]
"ImagePath"="??c:program files (x86)TencentQQPCMGRSRepairDrv"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.mhtmUserChoice]
@Denied: (2) (Administrator)
"Progid"="360ChromeURL"
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilehtmUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="MRqnJxyt1mo="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilehtmlUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="pvfU5pRLIDU="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfileshtmlUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="evcNM68HiKk="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilexhtUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="3zpRgqkXzls="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilexhtmlUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="neEWU+3HcOo="
.
[HKEY_LOCAL_MACHINESOFTWAREClasses*shell銐婼) *C*A*B* *噀鯪command]
@="expand -r "%1""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesAudioCDshellO(uQ*Q*q_髼璬>ecommand]
@=""c:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe" /disk "%1""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\system32\Macromed\Flash\FlashUtil64_23_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}LocalServer32]
@="c:\Windows\system32\Macromed\Flash\FlashUtil64_23_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesDVDshellO(uQ*Q*q_髼璬>ecommand]
@=""c:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe" /disk "%1""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]
@Denied: (Full) (Everyone)
.
------------------------ 其他运行进程 ------------------------
.
c:program files (x86)TencentQQPCMgr12.0.18061.220pluginsQMNetMonQQPCNetFlow.exe
c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCRealTimeSpeedup.exe
c:program files (x86)common filestencentqqdownload130tencentdl.exe
c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe
c:program files (x86)baiduBaiduPinyin4.2.3181.0BDIMEDataReport.exe
.
**************************************************************************
.
完成时间: 2016-10-15 11:47:49 - 电脑已重新启动
ComboFix-quarantined-files.txt 2016-10-15 03:47
.
Pre-Run: 8 个目录 103,757,479,936 可用字节
Post-Run: 13 个目录 103,592,697,856 可用字节
.
- - End Of File - - E35D508341AF11A69C2B36DD61DE1487
作者:居然有人
链接:https://www.zhihu.com/question/21876153/answer/23683564
来源:知乎
著作权归作者所有,转载请联系作者获得授权。
Microsoft Windows 7 旗舰版 6.1.7601.1.936.86.2052.18.3792.1752 [GMT 8:00]
执行位置: d:documentsDownloadsComboFix.exe
* 成功创造新还原点
.
.
((((((((((((((((((((((((((((((((((((((( 被删除的档案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:windowstmp
D:360Downloads
.
.
((((((((((((((((((((((((((((((((((((((( 驱动/服务 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_BD0001
.
.
((((((((((((((((((((((((( 2016-09-15 至 2016-10-15 的新的档案 )))))))))))))))))))))))))))))))
.
.
2016-10-15 03:37 . 2016-10-15 03:37 16712 ----a-w- c:windowssystem32driversPROCEXP113.SYS
2016-10-15 03:15 . 2016-10-15 03:15 -------- d-----w- c:programdataHuorong
2016-10-15 02:04 . 2016-10-15 02:04 -------- d-----w- c:programdataCleanAndroid
2016-10-15 01:48 . 2016-09-30 02:53 488480 ----a-w- c:windowssystem32baiducn.ime
2016-10-15 01:48 . 2016-09-30 02:53 420896 ----a-w- c:windowsSysWow64baiducn.ime
2016-10-15 01:48 . 2016-10-15 01:48 -------- d-----w- c:program filesCommon FilesBaidu
2016-10-15 01:19 . 2016-10-15 01:19 130608 ----a-w- c:windowssystem32driversTsQBDrv.sys
2016-10-15 01:19 . 2016-10-15 01:19 -------- d-----w- c:program filesTencent
2016-10-15 01:06 . 2016-10-15 01:01 48632 ----a-w- c:windowssystem32driversAntiRkX64.sys
2016-10-15 01:05 . 2016-10-15 01:05 -------- d-----w- C:QMDownload
2016-10-15 01:01 . 2016-10-15 01:01 52728 ----a-w- c:windowssystem32driversTSSKX64.sys
2016-10-15 01:01 . 2016-10-15 01:01 -------- d-----w- c:program filesCommon FilesTencent
2016-10-15 01:01 . 2016-10-15 03:44 -------- d-----w- c:programdataTXQMPC
2016-10-15 01:01 . 2016-10-15 01:01 97880 ----a-w- c:windowssystem32driversTAOAccelerator64.sys
2016-10-15 01:01 . 2016-10-15 01:01 145400 ----a-w- c:windowssystem32driversTAOKernel64.sys
2016-10-15 01:01 . 2016-10-15 01:01 96248 ----a-w- c:windowssystem32driversTFsFltX64.sys
2016-10-15 00:30 . 2016-10-15 03:05 -------- d-----w- c:program files (x86)Google
2016-10-14 06:16 . 2016-10-14 06:16 269952 ----a-w- c:windowssystem32dtrampo.dll
2016-10-14 06:16 . 2016-10-14 06:16 45504 ----a-w- c:windowssystem32drivershrwfpdrv.sys
2016-10-14 06:16 . 2016-10-14 06:16 235136 ----a-w- c:windowsSysWow64dtrampo.dll
2016-10-14 06:16 . 2016-10-14 06:16 35776 ----a-w- c:windowssystem32drivershrfwdrv.sys
2016-10-14 06:16 . 2016-10-14 06:16 331712 ----a-w- c:windowssystem32driverssysdiag.sys
2016-10-05 13:43 . 2016-10-05 13:49 -------- d-----w- c:programdatakingsoft
2016-10-05 13:42 . 2016-10-05 13:42 -------- d-----w- c:usersPublicThunder Network
2016-10-05 13:34 . 2015-12-10 04:45 152344 ----a-w- c:windowsSysWow64driversbbrowserhlp.dll
2016-10-05 13:34 . 2015-12-10 04:45 152344 ----a-w- c:windowssystem32driversbbrowserhlp.dll
2016-10-05 13:34 . 2015-11-25 06:23 155640 ----a-w- c:windowssystem32driversbbrowserboost.sys
2016-10-05 13:28 . 2016-10-15 02:06 -------- d-----w- c:program files (x86)360
2016-10-05 13:28 . 2014-02-26 03:31 78168 ----a-w- c:windowssystem32drivers360AvFlt.sys
2016-10-05 13:28 . 2016-10-05 13:28 -------- d-----w- c:program files360
2016-10-05 13:28 . 2016-10-05 13:28 -------- d-----w- c:programdataThunder Network
2016-10-05 13:28 . 2016-10-05 13:28 -------- d-----w- c:program files (x86)Thunder Network
2016-10-05 13:28 . 2014-09-30 07:08 41800 ----a-w- c:windowssystem32bd64_x64.dll
2016-10-05 13:28 . 2014-09-30 07:08 39056 ----a-w- c:windowssystem32bd64_x86.dll
2016-10-05 13:28 . 2014-09-30 07:08 168776 ----a-w- c:windowssystem32driversbd0004.sys
2016-10-05 13:28 . 2014-09-30 07:08 145736 ----a-w- c:windowssystem32driversBDArKit.sys
2016-10-05 13:28 . 2014-09-30 07:08 104264 ----a-w- c:windowssystem32driversbd0001.sys
2016-10-05 13:28 . 2016-10-15 02:19 -------- d-----w- c:usersAdministrator
2016-10-05 13:25 . 2016-10-05 13:25 848230 ----a-w- c:windowsunins000.exe
2016-10-05 13:25 . 2016-10-15 02:42 796352 ----a-w- c:windowsSysWow64FlashPlayerApp.exe
2016-10-05 13:25 . 2016-10-15 02:42 142528 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl
2016-10-05 13:25 . 2016-10-15 02:42 -------- d-----w- c:windowssystem32Macromed
2016-10-05 13:25 . 2016-10-15 02:42 -------- d-----w- c:windowsSysWow64Macromed
2016-10-05 13:23 . 2015-05-26 12:57 29591040 ----a-w- c:windowssystem32igdrcl64.dll
2016-10-05 13:21 . 2010-05-26 03:41 248672 ----a-w- c:windowsSysWow64d3dx11_43.dll
2016-09-29 13:54 . 2009-09-16 14:26 331816 ----a-r- c:windowssystem32driversmv64xx.sys
2016-09-29 06:47 . 2016-10-15 01:25 -------- d-----w- c:programdataTencent
2016-09-29 06:42 . 2016-10-15 01:59 -------- d-----w- c:programdataPPLive
2016-09-29 06:42 . 2016-10-15 01:59 -------- d-----w- c:programdataBaidu
2016-09-29 06:41 . 2016-10-15 02:28 -------- d-----w- c:program files (x86)Common FilesTencent
2016-09-29 06:41 . 2010-11-21 03:24 346112 ----a-w- c:windowsSysWow64bcdedit.exe
2016-09-29 06:41 . 2016-09-29 06:41 -------- d-----w- C:dosh
2016-09-29 06:41 . 2016-09-29 06:41 499712 ----a-w- c:windowsSysWow64msvcp71.dll
2016-09-29 06:41 . 2016-09-29 06:41 348160 ----a-w- c:windowsSysWow64msvcr71.dll
2016-09-29 06:40 . 2016-09-29 06:40 -------- d-----w- c:program filesWinRAR
2016-09-29 06:38 . 2016-10-15 03:06 -------- d-sh--w- c:windowsInstaller
2016-09-29 06:38 . 2016-10-05 13:22 -------- d-s---w- c:program files (x86)Office2007
.
.
.
(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-02 15:16 . 2016-09-29 03:54 44032 ----a-w- c:windowsapppatchacwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( 重要登入点 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示
REGEDIT4
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432Node~Browser Helper Objects{50F4150A-48B2-417A-BE4C-C83F580FB904}]
2014-05-30 10:05 140344 ----a-w- c:program files (x86)Common FilesTencentQQPhoneManager2.0.201.3192npQQPhoneManagerExt.dll
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432Node~Browser Helper Objects{DE05CF4A-7B0A-4775-B5E5-396244938679}]
2013-11-14 07:34 1857992 ----a-w- c:program files (x86)Thunder NetworkThunderThunder BHO Platformnp_tdieplat.dll
.
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ctfmon"="c:windowsSystem32ctfmon.exe" [2009-07-14 8704]
"Lantern"="c:usersAdministratorAppDataRoamingLanternlantern.exe" [2016-09-22 13031200]
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]
"QQPCTray"="c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCTRAY.EXE" [2016-10-15 362304]
"BaiduPinyin"="c:program files (x86)BaiduBaiduPinyin4.2.3181.0baidupinyin.exe" [2016-09-30 1539104]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
.
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolkeyboard layoutse0200804]
Ime File REG_SZ BAIDUCN.IME
.
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolkeyboard layoutse0010804]
Ime File REG_SZ freeime.ime
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalQQPCRTP]
@="service"
.
R2 bbrowserboost;bbrowserboost;c:windowssystem32driversbbrowserboost.sys;c:windowsSYSNATIVEdriversbbrowserboost.sys [x]
R2 QQRepairFixSVC;QQRepairFixSVC;c:program files (x86)TencentQQPCMGRQQRepairFixSVC;c:program files (x86)TencentQQPCMGRQQRepairFixSVC [x]
R3 ahcix64s;ahcix64s;c:windowssystem32driversahcix64s.sys;c:windowsSYSNATIVEdriversahcix64s.sys [x]
R3 amd_sata;amd_sata;c:windowssystem32driversamd_sata.sys;c:windowsSYSNATIVEdriversamd_sata.sys [x]
R3 AntiRkX64;AntiRkX64;c:windowssystem32DriversAntiRKX64.sys;c:windowsSYSNATIVEDriversAntiRKX64.sys [x]
R3 asahci64;asahci64;c:windowssystem32driversasahci64.sys;c:windowsSYSNATIVEdriversasahci64.sys [x]
R3 BaiduPinyinCore;BaiduPinyinCore;c:windowsSysWOW64IMEBaiduPYBaiduPinyinCore.exe;c:windowsSysWOW64IMEBaiduPYBaiduPinyinCore.exe [x]
R3 BaiduUpdater;Baidu Updater;c:program files (x86)BaiduBaiduUpdatebdupdate.exe;c:program files (x86)BaiduBaiduUpdatebdupdate.exe [x]
R3 dmvsc;dmvsc;c:windowssystem32driversdmvsc.sys;c:windowsSYSNATIVEdriversdmvsc.sys [x]
R3 FTT3s;FTT3s;c:windowssystem32driversFTT3s.sys;c:windowsSYSNATIVEdriversFTT3s.sys [x]
R3 iaStorA;iaStorA;c:windowssystem32driversiaStorA.sys;c:windowsSYSNATIVEdriversiaStorA.sys [x]
R3 mv61xx;mv61xx;c:windowssystem32driversmv61xx.sys;c:windowsSYSNATIVEdriversmv61xx.sys [x]
R3 mv64xx;mv64xx;c:windowssystem32driversmv64xx.sys;c:windowsSYSNATIVEdriversmv64xx.sys [x]
R3 mv91cons;mv91cons;c:windowssystem32driversmv91cons.sys;c:windowsSYSNATIVEdriversmv91cons.sys [x]
R3 mvs94xx;mvs94xx;c:windowssystem32driversmvs94xx.sys;c:windowsSYSNATIVEdriversmvs94xx.sys [x]
R3 mvSata;mvSata;c:windowssystem32driversmvsata.sys;c:windowsSYSNATIVEdriversmvsata.sys [x]
R3 PNPMEM;Microsoft Memory Module Driver;c:windowssystem32DRIVERSpnpmem.sys;c:windowsSYSNATIVEDRIVERSpnpmem.sys [x]
R3 rccfg;AMD-RAID Config Device;c:windowssystem32driversrccfg.sys;c:windowsSYSNATIVEdriversrccfg.sys [x]
R3 rcraid;rcraid;c:windowssystem32driversrcraid.sys;c:windowsSYSNATIVEdriversrcraid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys;c:windowsSYSNATIVEdriversrdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:windowssystem32driversSynth3dVsc.sys;c:windowsSYSNATIVEdriversSynth3dVsc.sys [x]
R3 TcHardWare;TcHardWare;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCHW-x64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCHW-x64.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:windowssystem32driversterminpt.sys;c:windowsSYSNATIVEdriversterminpt.sys [x]
R3 TSSKX64;TSSKX64;c:windowssystem32driverstsskx64.sys;c:windowsSYSNATIVEdriverstsskx64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVEdriverstsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:windowssystem32driversTsUsbGD.sys;c:windowsSYSNATIVEdriversTsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:windowssystem32driverstsusbhub.sys;c:windowsSYSNATIVEdriverstsusbhub.sys [x]
R3 VGPU;VGPU;c:windowssystem32driversrdvgkmd.sys;c:windowsSYSNATIVEdriversrdvgkmd.sys [x]
R3 wpscloudsvr;WPS Office Cloud Service;c:usersAdministratorAppDataLocalkingsoftWPS Officewpscloudsvr.exe LocalService;c:usersAdministratorAppDataLocalkingsoftWPS Officewpscloudsvr.exe LocalService [x]
S0 amd_xata;amd_xata;c:windowssystem32driversamd_xata.sys;c:windowsSYSNATIVEdriversamd_xata.sys [x]
S0 iaStorF;iaStorF;c:windowssystem32driversiaStorF.sys;c:windowsSYSNATIVEdriversiaStorF.sys [x]
S0 iusb3hcs;英特尔(R) USB 3.0 主机控制器切换驱动程序;c:windowssystem32DRIVERSiusb3hcs.sys;c:windowsSYSNATIVEDRIVERSiusb3hcs.sys [x]
S1 QMUdisk;tencent QMUdisk;c:program files (x86)TencentQQPCMgr12.0.18061.220QMUdisk64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220QMUdisk64.sys [x]
S1 softaal;softaal;c:program files (x86)TencentQQPCMgr12.0.18061.220softaal64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220softaal64.sys [x]
S1 SRepairDrv;SRepairDrv;c:program files (x86)TencentQQPCMGRSRepairDrv;c:program files (x86)TencentQQPCMGRSRepairDrv [x]
S1 sysdiag;Huorong Network Security Core Kext;c:windowssystem32DRIVERSsysdiag.sys;c:windowsSYSNATIVEDRIVERSsysdiag.sys [x]
S1 TAOKernelDriver;Tencent Auto Optimize Platform.;c:windowssystem32DriversTAOKernel64.sys;c:windowsSYSNATIVEDriversTAOKernel64.sys [x]
S1 TSDefenseBt;TSDefenseBt;c:program files (x86)TencentQQPCMgr12.0.18061.220TSDefenseBT64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TSDefenseBT64.sys [x]
S1 TSSysKit;TSSysKit;c:program files (x86)TencentQQPCMgr12.0.18061.220TSSysKit64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TSSysKit64.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:windowsSystem32svchost.exe;c:windowsSYSNATIVEsvchost.exe [x]
S2 HipsDaemon;Huorong Network Security Daemon;d:program files (x86)HuorongSysdiagbinHipsDaemon.exe;d:program files (x86)HuorongSysdiagbinHipsDaemon.exe [x]
S2 hrwfpdrv;Huorong Network Security Firewall Core Kext (WFP);c:windowssystem32DRIVERShrwfpdrv.sys;c:windowsSYSNATIVEDRIVERShrwfpdrv.sys [x]
S2 QQPCRTP;QQPCMgr RTP Service;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCRTP.exe;c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCRTP.exe [x]
S2 QQSysMonX64;QQSysMonX64;c:program files (x86)TencentQQPCMgr12.0.18061.220QQSysMonX64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220QQSysMonX64.sys [x]
S2 tsnethlpx64;TsNetHlpX64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TsNetHlpX64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TsNetHlpX64.sys [x]
S2 TsQBDrv;TsQBDrv;c:windowssystem32driversTsQBDrv.sys;c:windowsSYSNATIVEdriversTsQBDrv.sys [x]
S2 TxQBService;TxQBService;c:program filesTencentQQBrowserTsService.exe;c:program filesTencentQQBrowserTsService.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:windowssystem32viakaraokesrv.exe;c:windowsSYSNATIVEviakaraokesrv.exe [x]
S3 IntcDAud;英特尔(R) 显示器音频;c:windowssystem32DRIVERSIntcDAud.sys;c:windowsSYSNATIVEDRIVERSIntcDAud.sys [x]
S3 iusb3hub;英特尔(R) USB 3.0 集线器驱动程序;c:windowssystem32DRIVERSiusb3hub.sys;c:windowsSYSNATIVEDRIVERSiusb3hub.sys [x]
S3 iusb3xhc;英特尔(R) USB 3.0 可扩展主机控制器驱动程序;c:windowssystem32DRIVERSiusb3xhc.sys;c:windowsSYSNATIVEDRIVERSiusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys;c:windowsSYSNATIVEDRIVERSRt64win7.sys [x]
S3 TAOAccelerator;Tencent TAOAccelerator driver.;c:windowssystem32DriversTAOAccelerator64.sys;c:windowsSYSNATIVEDriversTAOAccelerator64.sys [x]
S3 TFsFlt;TFsFlt;c:windowssystem32DriversTFsFltX64.sys;c:windowsSYSNATIVEDriversTFsFltX64.sys [x]
S3 TS888x64;TS888x64;c:program files (x86)TencentQQPCMgr12.0.18061.220TS888x64.sys;c:program files (x86)TencentQQPCMgr12.0.18061.220TS888x64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:windowssystem32driversviahduaa.sys;c:windowsSYSNATIVEdriversviahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPSDRV
*NewlyCreated* - TS888X64
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-10-15 03:05 1364072 ----a-w- c:program files (x86)GoogleChromeApplication54.0.2840.59Installerchrmstp.exe
.
‘计划任务’ 文件夹 里的内容
.
2016-10-15 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2016-10-05 02:42]
.
2016-10-15 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2016-10-15 03:01]
.
2016-10-15 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2016-10-15 03:01]
.
2016-10-15 c:windowsTasksQQBrowser Updater Task(Core).job
- c:program filesTencentQQBrowserQQBrowser.exe [2016-10-15 01:19]
.
2016-10-15 c:windowsTasksQQBrowser Updater Task.job
- c:program filesTencentQQBrowserQQBrowser.exe [2016-10-15 01:19]
.
2016-10-15 c:windowsTasksWpsExternal_Administrator_20161005215003.job
- c:usersAdministratorAppDataLocalKingsoftWPS Officeksolaunch.exe [2016-10-05 13:49]
.
2016-10-15 c:windowsTasksWpsNotifyTask_Administrator.job
- c:usersAdministratorAppDataLocalKingsoftWPS Office10.1.0.5975wtoolexwpsnotify.exe [2016-10-05 13:49]
.
2016-10-15 c:windowsTasksWpsUpdateTask_Administrator.job
- c:usersAdministratorAppDataLocalKingsoftWPS Office10.1.0.5975wtoolexwpsupdate.exe [2016-09-09 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE~Browser Helper Objects{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}]
2014-01-17 09:10 628680 ----a-w- c:program files (x86)Thunder NetworkThunderBHOXunleiBHO647.9.18.4724.dll
.
[HKEY_LOCAL_MACHINE~Browser Helper Objects{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
2016-10-15 01:01 446144 ----a-w- c:program files (x86)TencentQQPCMgr12.0.18061.220TSWebMon64.dat
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers.QMDeskTopGCIcon]
@="{B7667919-3765-4815-A66D-98A09BE662D6}"
[HKEY_CLASSES_ROOTCLSID{B7667919-3765-4815-A66D-98A09BE662D6}]
2016-10-15 01:01 471744 ----a-w- c:program files (x86)TencentQQPCMgr12.0.18061.220QMGCShellExt64.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersQBOverlayIcon]
@="{96959DE7-C855-42BD-8382-2AAABF2A8F52}"
[HKEY_CLASSES_ROOTCLSID{96959DE7-C855-42BD-8382-2AAABF2A8F52}]
2016-10-15 02:20 205664 ----a-w- c:usersAdministratorAppDataLocalTencentQQBrowserUser DataQBShellIconshicqio77435.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"Sysdiag"="d:program files (x86)HuorongSysdiagbinHipsTray.exe" [2016-10-14 1360512]
.
------- 而外的扫描 -------
.
uLocal Page = c:windowssystem32blank.htm
uStart Page = about:blank
mLocal Page = c:windowsSysWOW64blank.htm
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.689la.com/
IE: 使用迅雷下载 - c:program files (x86)Thunder NetworkThunderBHOgeturl.htm
IE: 使用迅雷下载全部链接 - c:program files (x86)Thunder NetworkThunderBHOgetallurl.htm
TCP: DhcpNameServer = 121.32.228.21 192.168.1.1
TCP: Interfaces{80F46764-B633-4E32-BA0E-25B88EBA06F7}: NameServer = 218.30.118.6,192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{DFACD043-FBC1-46AB-8C97-00570E0A690C} - c:windowsshell64.dll
.
.
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
" QQPCTray"=""c:\Program Files (x86)\Tencent\QQPCMgr\12.0.18061.220\QQPCTRAY.EXE" /regrun /qqrepair"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001servicesQQRepair2442]
"ImagePath"=""c:program files (x86)TencentQQPCMGRQQRepair2442""
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001servicesQQRepairFixSVC]
"ImagePath"=""c:program files (x86)TencentQQPCMGRQQRepairFixSVC""
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001servicesSRepairDrv]
"ImagePath"="??c:program files (x86)TencentQQPCMGRSRepairDrv"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.mhtmUserChoice]
@Denied: (2) (Administrator)
"Progid"="360ChromeURL"
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilehtmUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="MRqnJxyt1mo="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilehtmlUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="pvfU5pRLIDU="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfileshtmlUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="evcNM68HiKk="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilexhtUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="3zpRgqkXzls="
.
[HKEY_USERSS-1-5-21-3123787243-2067808005-2493570559-500_ClassesSoftwareTencentQQBrowserfilexhtmlUserChoice]
@Denied: (2) (Administrator)
"ProgId"="QQBrowser.File"
"Hash"="neEWU+3HcOo="
.
[HKEY_LOCAL_MACHINESOFTWAREClasses*shell銐婼) *C*A*B* *噀鯪command]
@="expand -r "%1""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesAudioCDshellO(uQ*Q*q_髼璬>ecommand]
@=""c:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe" /disk "%1""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\system32\Macromed\Flash\FlashUtil64_23_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}LocalServer32]
@="c:\Windows\system32\Macromed\Flash\FlashUtil64_23_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesDVDshellO(uQ*Q*q_髼璬>ecommand]
@=""c:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe" /disk "%1""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32_23_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-8F48-A108237013BD}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]
@Denied: (Full) (Everyone)
.
------------------------ 其他运行进程 ------------------------
.
c:program files (x86)TencentQQPCMgr12.0.18061.220pluginsQMNetMonQQPCNetFlow.exe
c:program files (x86)TencentQQPCMgr12.0.18061.220QQPCRealTimeSpeedup.exe
c:program files (x86)common filestencentqqdownload130tencentdl.exe
c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe
c:program files (x86)baiduBaiduPinyin4.2.3181.0BDIMEDataReport.exe
.
**************************************************************************
.
完成时间: 2016-10-15 11:47:49 - 电脑已重新启动
ComboFix-quarantined-files.txt 2016-10-15 03:47
.
Pre-Run: 8 个目录 103,757,479,936 可用字节
Post-Run: 13 个目录 103,592,697,856 可用字节
.
- - End Of File - - E35D508341AF11A69C2B36DD61DE1487
作者:居然有人
链接:https://www.zhihu.com/question/21876153/answer/23683564
来源:知乎
著作权归作者所有,转载请联系作者获得授权。
2 在Android的设备上
需要清楚之前的所有用户数据即可
------------------------------------------------------------------------
https://www.zhihu.com/question/21876153
最后
以上就是还单身戒指为你收集整理的Chrome 启动页面被114篡改的修复1 在PC上去除浏览器页面的篡改2 在Android的设备上的全部内容,希望文章能够帮你解决Chrome 启动页面被114篡改的修复1 在PC上去除浏览器页面的篡改2 在Android的设备上所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复