Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software forum

Question: a very strange virus attacking the IE browser, please see the log!!!

[C:\PROGRA~1\3721\helper.dll]  [, 1, 1, 1, 1327]
    [C:\PROGRA~1\3721\scrblock.dll]  [3721, 1, 0, 1, 1000]
    [C:\PROGRA~1\3721\alrex.dll]  [, 1, 0, 1, 1001]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 1]
    [C:\WINDOWS\downlo~1\CnsHint.dll]  [3721, 1, 0, 1, 2]
    [C:\PROGRA~1\3721\autolive.dll]  [, 1, 2, 0, 1330]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  [yahoo! china, 3,5,1,1102]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 2, 1011]
    [C:\WINDOWS\downlo~1\cnsplus.dll]  [3721, 1, 0, 0, 2]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll]  [yahoo! china, 3, 2, 5, 1081]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysearch.dll]  [Yahoo! China, 3, 1, 1, 1011]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll]  [yahoo! china, 3, 0, 3, 1005]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll]  [Yahoo! China, 3, 0, 5, 1007]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll]  [Yahoo! China, 3, 0, 3, 1004]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll]  [Yahoo! China, 3, 0, 3, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll]  [Yahoo! China, 3, 0, 4, 1004]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YSETTI~1.DLL]  [yahoo! china, 3, 0, 8, 1015]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ymailp.dll]  [Yahoo! China, 3, 0, 3, 1009]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll]  [YAHOO Corporation Limited, 3, 0, 2, 1003]
    [C:\WINDOWS\downlo~1\CnsHook.dll]  [北京三七二一科技有限公司, 1, 0, 4, 2]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll]  [yahoo! china, 3, 0, 4, 1006]
    [d:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 2, 1002]
    [C:\WINDOWS\SYSTEM32\stdup.dll]  [, 3, 2, 1, 5]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll]  [Yahoo! China, 3, 1, 2, 1017]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 4028][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]

[C:\PROGRA~1\3721\helper.dll]  [, 1, 1, 1, 1327]
    [C:\PROGRA~1\3721\scrblock.dll]  [3721, 1, 0, 1, 1000]
    [C:\PROGRA~1\3721\alrex.dll]  [, 1, 0, 1, 1001]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 1]
    [C:\WINDOWS\downlo~1\CnsHint.dll]  [3721, 1, 0, 1, 2]
    [C:\PROGRA~1\3721\autolive.dll]  [, 1, 2, 0, 1330]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  [yahoo! china, 3,5,1,1102]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 2, 1011]
    [C:\WINDOWS\downlo~1\cnsplus.dll]  [3721, 1, 0, 0, 2]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll]  [yahoo! china, 3, 2, 5, 1081]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysearch.dll]  [Yahoo! China, 3, 1, 1, 1011]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll]  [yahoo! china, 3, 0, 3, 1005]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll]  [Yahoo! China, 3, 0, 5, 1007]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll]  [Yahoo! China, 3, 0, 3, 1004]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll]  [Yahoo! China, 3, 0, 3, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll]  [Yahoo! China, 3, 0, 4, 1004]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YSETTI~1.DLL]  [yahoo! china, 3, 0, 8, 1015]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ymailp.dll]  [Yahoo! China, 3, 0, 3, 1009]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll]  [YAHOO Corporation Limited, 3, 0, 2, 1003]
    [C:\WINDOWS\downlo~1\CnsHook.dll]  [北京三七二一科技有限公司, 1, 0, 4, 2]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll]  [yahoo! china, 3, 0, 4, 1006]
    [d:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 2, 1002]
    [C:\WINDOWS\SYSTEM32\stdup.dll]  [, 3, 2, 1, 5]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll]  [Yahoo! China, 3, 1, 2, 1017]
    [C:\WINDOWS\downlo~1\CnsMinIO.dll]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [C:\WINDOWS\downlo~1\cnsio.dll]  [北京三七二一科技有限公司, 1, 0, 2, 8]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll]  [Yahoo! China, 3, 1, 3, 1017]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrepair.dll]  [Yahoo! China, 3, 0, 9, 1012]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasfsks.dll]  [3721.com, 2, 1, 2, 88]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yoptimum.dll]  [Yahoo! China, 3, 0, 2, 1006]
    [c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yxpstyle.dll]  [Yahoo! China, 3, 0, 1, 1001]
[PID: 2352][C:\Documents and Settings\aa\桌面\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

[C:\PROGRA~1\3721\helper.dll]  [, 1, 1, 1, 1327]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 1]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================