1   1  /  1  页   跳转

网页被劫持总是弹出网页

收藏
wsy3147
头像
快乐黄口狮
  • 帖子:145
  • 注册: 2006-08-08
  • 来自:
发表于: 2007-02-27 11:19 | 显示全部 短消息 资料
字号: 1楼

网页被劫持总是弹出网页

Logfile of HijackThis v1.99.1
Scan saved at 10:58:45, on 07-2-27
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\360SO\360MAIN.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\YAHOO!\ASSISTANT\YLIVE.EXE
C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\TENCENT\ADPLUS\STUP.EXE
C:\PROGRAM FILES\REAL\ADX.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
D:\TDDOWNLOAD\HIJACKTHIS\HIJACKTHIS.EXE

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\PROGRAM FILES\TENCENT\ADPLUS\SSADDR.DLL
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASSIST.DLL
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL
O2 - BHO: ThunderBHO - {FE3ECAE5-0A37-4506-8A7D-3CC9A04D2CA8} - D:\THUNDER5.5.2.252\COMDLLS\XUNLEIBHO_006.DLL
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRAM FILES\CNNIC\CDN\WMHLPR.DLL
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\CDN\CDNFORIE.DLL
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\PROGRAM FILES\TENCENT\ADPLUS\SSADDR.DLL
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\SYSTEM\SSUP.DLL
O2 - BHO: BHOHelper Class - {67A90DD6-128D-43AB-B97C-565D2DD42A28} - C:\PROGRAM FILES\REAL\ATLOADER.DLL
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O4 - HKLM\..\Run: [360Main.exe] C:\PROGRA~1\360SO\360Main.exe
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [helper.dll] ; C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HF_GameClient] ; d:\Program Files\浩方对战平台\gameclient.exe
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\ADPLUS\STUP.EXE
O4 - HKLM\..\Run: [adx.exe] C:\PROGRAM FILES\REAL\adx.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ\QQ.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/203
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL/YRSSMENUEXT
O8 - Extra context menu item: &使用迅雷下载 - D:\THUNDER5.5.2.252\PROGRAM\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\THUNDER5.5.2.252\PROGRAM\getallurl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\PROGRAM FILES\TENCENT\QQ\AddToNetDisk.htm
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Thunder5.5.2.252\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Thunder5.5.2.252\Thunder.exe
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\PROGRAM FILES\浩方对战平台\GAMECLIENT.EXE
O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\CDN\CDNFORIE.DLL
O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\CDN\CDNFORIE.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: 名品折扣 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816 (file missing)
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 雅虎WIDGET - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system\cdnns.dll
O11 - Options group: [!CNS]  中文上网
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH] 中文搜搜
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} (金山毒霸在线产品升级) - http://www.duba.net/cab/KOSInit.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.94_signed.cab
O16 - DPF: {E847C78C-C210-4195-8799-FBF3BF89797D} (金山毒霸在线产品升级) - http://www.duba.net/cab/KOSInit.cab
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - D:\PROGRA~1\KUGOO3\INEXTEND\KUGOO3~1.OCX

最后编辑2007-02-27 12:16:25
分享到:
gototop
 
wsy3147
头像
快乐黄口狮
  • 帖子:145
  • 注册: 2006-08-08
  • 来自:
发表于: 2007-02-27 11:24 | 显示全部 短消息 资料
字号: 2楼

2007-02-27,11:01:53

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 98 SE  -

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <360Main.exe><C:\PROGRA~1\360SO\360Main.exe>  [360so]
    <internat.exe><internat.exe>  [Microsoft Corporation]
    <helper.dll><; C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  [$]
    <YLive.exe><C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <yassistse><"C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE">  [Yahoo! China]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <HF_GameClient><; d:\Program Files\浩方对战平台\gameclient.exe>  [上海浩方在线信息技术有限公司]
    <stup.exe><C:\PROGRA~1\TENCENT\ADPLUS\STUP.EXE>  [Tencent]
    <adx.exe><C:\PROGRAM FILES\REAL\adx.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <yalertreg4_98><>  [N/A]

==================================
启动文件夹
[腾讯QQ]
  <C:\WINDOWS\Start Menu\Programs\启动\腾讯QQ.lnk --> D:\PROGRA~1\TENCENT\QQ\QQ.EXE [TENCENT]><H>

==================================
服务
N/A

==================================
驱动程序
N/A

==================================
浏览器加载项
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASSIST.DLL, Yahoo! China>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL, yahoo! china>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL, Yahoo! China>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL, 北京三七二一科技有限公司>
[Thunder Browser Helper]
  {FE3ECAE5-0A37-4506-8A7D-3CC9A04D2CA8} <D:\THUNDER5.5.2.252\COMDLLS\XUNLEIBHO_006.DLL, Thunder Networking Technologies,LTD>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRAM FILES\CNNIC\CDN\WMHLPR.DLL, CNNIC>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\CDN\CDNFORIE.DLL, CNNIC>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL, yahoo! china>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\PROGRAM FILES\TENCENT\ADPLUS\SSADDR.DLL, Tencent>
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\SYSTEM\SSUP.DLL, TENCENT>
[BHOHelper Class]
  {67A90DD6-128D-43AB-B97C-565D2DD42A28} <C:\PROGRAM FILES\REAL\ATLOADER.DLL, Microsoft Corporation>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\Thunder5.5.2.252\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\PROGRAM FILES\浩方对战平台\GAMECLIENT.EXE, 上海浩方在线信息技术有限公司>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\CDN\CDNFORIE.DLL, CNNIC>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\DOWNLOADED PROGRAM FILES\MMCSHELL.DLL, Sohu.com Inc.>
[金山毒霸在线产品升级]
  {52DF16E3-6C4F-4B22-8BAF-09263E463B48} <C:\WINDOWS\SYSTEM\KINGSOFT\KOS\KOSINIT.OCX, 金山软件股份有限公司>
[pCastPanel Class]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\WINDOWS\DOWNLOADED PROGRAM FILES\PCASTCTL.DLL,  >
[金山毒霸在线产品升级]
  {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\PROGRA~1\KOS\KOSINIT.OCX, 金山软件股份有限公司>
[ADXAutoLive]
  {E5212437-921F-44a3-8865-11C0B9BA4AF2} <C:\PROGRAM FILES\REAL\AUTOLIVE.DLL, Microsoft Corporation>
[雅虎搜索]
  <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/203, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL/YRSSMENUEXT, N/A>
[&使用迅雷下载]
  <D:\THUNDER5.5.2.252\PROGRAM\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\THUNDER5.5.2.252\PROGRAM\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <D:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm, N/A>
[上传到QQ网络硬盘]
  <D:\PROGRAM FILES\TENCENT\QQ\AddToNetDisk.htm, N/A>

==================================
gototop
 
wsy3147
头像
快乐黄口狮
  • 帖子:145
  • 注册: 2006-08-08
  • 来自:
发表于: 2007-02-27 11:26 | 显示全部 短消息 资料
字号: 3楼

正在运行的进程
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 5]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294936073][C:\WINDOWS\SYSTEM\MPREXE.EXE]  [Microsoft Corporation, 4.10.1998]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 5]
    [C:\PROGRAM FILES\3721\SKE\CONTMENU.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YWIPER.DLL]  [Yahoo! China, 3, 0, 2, 1002]
    [C:\PROGRAM FILES\WINRAR\RAREXT.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL]  [yahoo! china, 3, 3, 1, 1092]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\REAL\ATLOADER.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [D:\THUNDER5.5.2.252\COMDLLS\XUNLEIBHO_006.DLL]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL]  [Yahoo! China, 3, 0, 2, 1004]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YDRAGSEARCH.DLL]  [yahoo! china, 3, 0, 0, 1000]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASSIST.DLL]  [Yahoo! China, 3, 1, 6, 1021]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\JCVHN.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\PROGRAM FILES\REAL\BHOMGR.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YCLICKON.DLL]  [YAHOO Corporation Limited, 3, 0, 3, 1004]
[PID: 4294859977][C:\WINDOWS\EXPLORER.EXE]  [Microsoft Corporation, 4.72.3110.1]
[PID: 4294888929][C:\PROGRAM FILES\360SO\360MAIN.EXE]  [360so, 1, 0, 2, 1002]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 5]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294888749][C:\WINDOWS\SYSTEM\INTERNAT.EXE]  [Microsoft Corporation, 4.10.2222]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YNOTIFIER.DLL]  [yahoo! china, 3, 0, 0, 1000]
    [C:\PROGRAM FILES\REAL\BHOMGR.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALLIVEEX.DLL]  [Yahoo! China, 3, 0, 1, 1010]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE.DLL]  [yahoo! china, 3, 5, 6, 1107]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  [Yahoo! China, 3, 0, 5, 1023]
[PID: 4294899461][C:\PROGRAM FILES\YAHOO!\ASSISTANT\YLIVE.EXE]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\SHELL\YMENUINFO.DLL]  [Yahoo! China, 3, 0, 1, 1001]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\SHELL\YASMENU.DLL]  [Yahoo! China, 3, 0, 1, 1002]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\SHELL\YIEANGEL.DLL]  [Yahoo! China, 3, 0, 2, 1002]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\SHELL\YASSECBLK.DLL]  [Yahoo! China, 3, 1, 6, 1022]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  [Yahoo! China, 3, 0, 5, 1023]
[PID: 4294894365][C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE]  [Yahoo! China, 3, 0, 4, 1005]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  [Yahoo! China, 3, 0, 5, 1023]
[PID: 4294870425][C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]  [RealNetworks, Inc., 0.1.0.1622]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
[PID: 4294880161][C:\PROGRAM FILES\TENCENT\ADPLUS\STUP.EXE]  [Tencent, 4, 4, 1, 15]
    [C:\WINDOWS\SYSTEM\CDNNS.DLL]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRAM FILES\REAL\AUTOLIVE.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\REAL\ATLOADER.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\PROGRAM FILES\REAL\URLCATCH.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\PROGRAM FILES\REAL\BHOMGR.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  [Yahoo! China, 3, 0, 5, 1023]
[PID: 4294794957][C:\PROGRAM FILES\REAL\ADX.EXE]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHINT.DLL]  [3721, 2, 5, 0, 2]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 5]
    [C:\PROGRAM FILES\REAL\URLCATCH.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\SYSTEM\OLEACC.DLL]  [Microsoft Corporation, 4.2.2209.0]
    [C:\PROGRAM FILES\REAL\ATLOADER.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\SYSTEM\SSUP.DLL]  [TENCENT, 4, 4, 3, 30]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL]  [yahoo! china, 3, 0, 5, 1007]
    [D:\THUNDER5.5.2.252\COMDLLS\XUNLEIBHO_006.DLL]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YDRAGSEARCH.DLL]  [yahoo! china, 3, 0, 0, 1000]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASSIST.DLL]  [Yahoo! China, 3, 1, 6, 1021]
    [C:\WINDOWS\SYSTEM\CDNNS.DLL]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YCLICKON.DLL]  [YAHOO Corporation Limited, 3, 0, 3, 1004]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YMAILP.DLL]  [Yahoo! China, 3, 0, 2, 1008]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YSETTINGS.DLL]  [yahoo! china, 3, 0, 8, 1015]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASIESEC.DLL]  [Yahoo! China, 3, 0, 4, 1004]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASWIPER.DLL]  [Yahoo! China, 3, 0, 4, 1004]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL]  [Yahoo! China, 3, 0, 2, 1004]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASNOAD.DLL]  [yahoo! china, 3, 0, 1, 1003]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YZSNETPROTO.DLL]  [Yahoo! China, 3, 0, 1, 1002]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YSEARCH.DLL]  [Yahoo! China, 3, 1, 1, 1011]
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL]  [yahoo! china, 3, 3, 1, 1092]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\JCVHN.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\PROGRAM FILES\REAL\BHOMGR.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
[PID: 4294732457][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMINEX.DLL]  [国风因特软件(北京)有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSIO.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMINIO.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 3]
    [C:\PROGRAM FILES\REAL\BHOMGR.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 5]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294634169][C:\WINDOWS\RUNDLL32.EXE]  [Microsoft Corporation, 4.10.1998]
[PID: 4294631773][C:\WINDOWS\SYSTEM\PSTORES.EXE]  [Microsoft Corporation, 5.00.1877.3]
    [C:\WINDOWS\SYSTEM\CDNNS.DLL]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRAM FILES\REAL\BHOMGR.DLL]  [Microsoft Corporation, 5, 1, 2607, 119]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\PELX.DLL]  [Tencent, 4, 4, 2, 22]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 2, 5, 0, 5]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294508845][D:\TDDOWNLOAD\SRENG2\SRENG.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
文件关联
.TXT  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [C:\WINDOWS\winhlp32.exe %1]
.INI  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.JS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MS.w95.spi.osp
    C:\WINDOWS\SYSTEM\mswsosp.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MS.w95.spi.tcp
    C:\WINDOWS\SYSTEM\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MS.w95.spi.udp
    C:\WINDOWS\SYSTEM\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MS.w95.spi.raw
    C:\WINDOWS\SYSTEM\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MS.w95.spi.rsvptcp
    C:\WINDOWS\SYSTEM\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
MS.w95.spi.rsvpudp
    C:\WINDOWS\SYSTEM\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
N/A

==================================


[/CODE]
gototop
 
wsy3147
头像
快乐黄口狮
  • 帖子:145
  • 注册: 2006-08-08
  • 来自:
发表于: 2007-02-27 12:25 | 显示全部 短消息 资料
字号: 4楼

自己顶
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT