[Suspicious file] ad30443.exe

My↘じ★ve
Posted on 2015-7-29 16:04:43


To COMODO

http://bbs.kafan.cn/thread-1842954-1-1.html

jayavira
Posted on 2015-7-29 16:08:06
2015/7/29 16:06:51        已删除        木马程序 Trojan.Win32.BHO.hlh        C:\Users\Administrator\Downloads\ad30443\ad30443.exe//cpush.dll        高       
XywCloud
Posted on 2015-7-29 16:19:21
BAV Killed
z2009
Posted on 2015-7-29 16:23:13
avast kills it
ericdj
Posted on 2015-7-29 16:34:32
NS kills it on extraction, Adware.CPush
[mw_shl_code=css,true]Resolved Threats:
Adware.CPush
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Medium Privacy)  
Categories: Adware
Status: Fully Resolved
-----------
305 Registry Entries
19 Files
c:\users\eric\desktop\新建文件夹 (4)\ad30443.exe - Deleted
2 Processes
C:\Users\eric\AppData\Local\virtualstore\program files (x86)\internet explorer\iexplore.exe - No Action Required
C:\Program Files (x86)\Internet Explorer\iexplore.exe - No Action Required
2 Host File Entries
64.120.220.212 - No Action Required
209.205.76.81 - No Action Required
2 Browser Caches





Unresolved Threats:
No unresolved risks[/mw_shl_code]
欧阳宣
Posted on 2015-7-29 16:59:35
McAfee
BackDoor-FEH
skyboybone
Posted on 2015-7-29 17:02:02
Last edited by skyboybone on 2015-7-29 17:04

Kingsoft killed one of the things inside it

[2015-07-29 17:02:18]
威胁:c:\users\john\desktop\ad30443.exe/<a:nsis>/ad30443/<a:nsis>/$commonfiles\pushware\cpush.dll
类型:win32.troj.sogou.v.(kcloud)
处理方式:未处理

llcy
Posted on 2015-7-29 17:36:12

Sailer.X (this user has been deleted)
Posted on 2015-7-29 18:16:18
GD:Dropped:Adware.Sogou.Gen
Flying_Bird
Posted on 2015-7-29 21:18:20
Win32/Adware.Cinmus application

ESS killed