Encountering xibgptd.exe, netdde32.exe and others that modify the system time and use image hijacking (IFEO), part 2

(log, continued)

O9 - IE工具栏扩展按钮HKLM:中文上网 - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:/Program Files/OCINS/config.exe
O9 - IE工具菜单扩展项HKLM:中文上网 - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:/Program Files/OCINS/config.exe

O20 - AppInit_DLLs: jzgpri.dll

O23 - 服务: AEA6EAEC (AEA6EAEC) - C:/WINDOWS/system32/2DD519ED.EXE -p | 2007-8-10 8:7:20 | Microsoft(R) Windows(R) Operating System| ?| ? | (C) Microsoft Corporation. All rights reserved.| ? | Microsoft Corporation| ?| ?| ?(自动)
O23 - 服务: EagleNT (EagleNT) - C:/WINDOWS/system32/drivers/EagleNT.sys(手动)
O23 - 服务: he1p (he1p) - C:/WINDOWS/system32/he1p.exe -service | 2004-8-17 12:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | IExplorer | 版权所有(C) 2007 | 1, 0, 0, 1 | Microsoft Corporation |  | IExplorer | IExplorer.exe(自动)
O23 - 服务: qgqelbr (qgqelbr) - C:/WINDOWS/System32/drivers/qgqelbr.sys | 2007-4-7 14:13:22 |  sys 应用程序 | 1, 0, 1, 3 | sys 应用程序 | 版权所有 (C) 2006 | 1, 0, 1, 3 | 北京三七二一科技有限公司| ? | sys | sys.exe(引导)
O23 - 服务: RemoteDbg (Remote Debug Service) - C:/WINDOWS/system32/rundll32.exe RemoteDbg.dll,input(自动)
O23 - 服务: svchost (svchost) - C:/WINDOWS/system32/dllcache/svchost.exe -g | 2007-8-10 8:4:14 | Microsoft(R) Windows(R) Operating System| ?| ? | (C) Microsoft Corporation. All rights reserved.| ? | Microsoft Corporation| ?| ?| ?(自动)
O23 - 服务: SVCSVR (SVCSVR) - C:/WINDOWS/svrsvc.exe | 2004-8-17 12:0:0(自动)
O23 - 服务: TesSafe (TesSafe) - C:/WINDOWS/system32/TesSafe.sys | 2007-7-5 13:39:28(手动)
O23 - 服务: WinDHCPsvc (Windows DHCP Service) - C:/WINDOWS/system32/rundll32.exe windhcp.ocx,input(自动)

O24 - ShlExecHook: [] - {16B05AF4-16B0-9E38-F49E-5AF49E38D27C} = C:/WINDOWS/system32/JQXELW.dll
O24 - ShlExecHook: [] - {32311A42-AC1B-158F-FD32-5674345F23A3} = C:/WINDOWS/system32/dhcpri.dll
O24 - ShlExecHook: [] - {525AB2F3-234A-7469-2F43-E341713ABFA5} = C:/WINDOWS/system32/wgepri.dll
O24 - ShlExecHook: [] - {4562452F-FA36-BA4F-892A-FF5FBBAC5314} = C:/WINDOWS/system32/mydpri.dll
O24 - ShlExecHook: [] - {759AFD5B-159F-ACD8-954C-ACD545FA6587} = C:/WINDOWS/system32/jzgpri.dll

O26 - IFEO: 360rpt.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: 360Safe.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: 360tray.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: adam.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: AgentSvr.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: AppSvc32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: ArSwp.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: AST.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: autoruns.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: avconsol.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: avgrssvc.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: AvMonitor.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: avp.com -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: avp.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: CCenter.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: ccSvcHst.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: EGHOST.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Explorer.exe -> C:/WINDOWS/system32/netdde32.exe
O26 - IFEO: FileDsty.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: FTCleanerShell.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: FYFireWall.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: HijackThis.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: IceSword.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: iparmo.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Iparmor.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: isPwdSvc.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: kabaload.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KaScrScn.SCR -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KASMain.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KASTask.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KAV32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KAVDX.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KAVPF.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KAVPFW.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KAVSetup.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KAVStart.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KISLnchr.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KMailMon.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KMFilter.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KPFW32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KPFW32X.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KPfwSvc.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KRegEx.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KRepair.com -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KsLoader.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KVCenter.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KvDetect.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KvfwMcl.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KVMonXP.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KVMonXP_1.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: kvol.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: kvolself.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KvReport.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KVScan.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KVSrvXP.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KVStub.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: kvupload.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: kvwsc.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KvXP.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KvXP_1.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KWatch.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KWatch9x.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: KWatchX.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: loaddll.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: MagicSet.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: mcconsol.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: mmqczj.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: mmsk.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Navapsvc.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Navapw32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: nod32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: nod32krn.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: nod32kui.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: NPFMntor.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: PFW.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: PFWLiveUpdate.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: QHSET.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: QQDoctor.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: QQKav.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: QQLiveUpdate.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: QQSC.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: QQUpdateCenter.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Ras.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Rav.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: RavMon.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: RavMonD.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: RavStub.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: RavTask.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: RegClean.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: rfwcfg.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: rfwmain.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: rfwsrv.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: RsAgent.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Rsaupd.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: rstrui.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: runiep.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: safelive.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: scan32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: shcfg32.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: SmartUp.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: SREng.EXE -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: symlcsvc.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: SysSafe.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Timwp.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: TrojanDetector.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: Trojanwall.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: TrojDie.kxp -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UIHost.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UmxAgent.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UmxAttachment.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UmxCfg.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UmxFwHlp.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UmxPol.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: upiea.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: UpLive.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: USBCleaner.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: vsstat.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: webscanx.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe
O26 - IFEO: WoptiClean.exe -> C:/Program Files/Common Files/Microsoft Shared/xibgptd.exe

HKLM/SHOWALL    值非1
===/