File information
File Name : (File not down)
File Size : 3320374 byte
File Type : application/zip
File behaviour analysis
Scanner results
Scanner results: 1/32 scanner(s) found malware!
Time: 16-08-16 22:08:55 (CST)
Engine Ver
Scan result
AVL SDK 3.0
Found nothing
9.0.0.4324
9.0.0.4324
Found nothing
Found nothing
Found nothing
4.1.3.52192
Found nothing
Found nothing
bitdefender
Found nothing
Found nothing
5.0.2.3300
Found nothing
23.345, 23.345
Found nothing
6.5.1.5418
Found nothing
Found nothing
V1.32.31.0
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
9.500-1005
Found nothing
Found nothing
Found nothing
Found nothing
25.76.04.01
25.76.04.01
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
17.47.17308
1.0.2.2108
Found nothing
Found nothing
virusbuster
15.0.985.0
Found nothing
■Heuristic/Suspicious ■Exact
NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
Permission name / info
android.permission.INTERNET: connect to the network (2G or 3G)
android.permission.WRITE_EXTERNAL_STORAGE: write to external storage (e.g. SD card)
Security score :
Package name: com.junshao
Minimum runtime environment: Android 2.2.x
Behaviour: Checks whether it is being debugged
Details: N/A
Behaviour: Modifies registry: BHO
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FE6A61D-D178-480D-E2B35276}\
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FE6A61D-D178-480D-E2B35276}\NoExplorer
Behaviour: Gets TickCount value
Details: TickCount = 5394081, SleepMilliseconds = 50.
TickCount = 5394221, SleepMilliseconds = 50.
TickCount = 5394237, SleepMilliseconds = 50.
TickCount = 5394253, SleepMilliseconds = 50.
TickCount = 5394300, SleepMilliseconds = 50.
TickCount = 5394315, SleepMilliseconds = 50.
TickCount = 5394331, SleepMilliseconds = 50.
TickCount = 5394346, SleepMilliseconds = 50.
TickCount = 5394378, SleepMilliseconds = 50.
TickCount = 5394393, SleepMilliseconds = 50.
TickCount = 5394425, SleepMilliseconds = 50.
TickCount = 5394440, SleepMilliseconds = 50.
TickCount = 5394471, SleepMilliseconds = 50.
TickCount = 5394487, SleepMilliseconds = 50.
TickCount = 5394503, SleepMilliseconds = 50.
Behaviour: Suppresses window close message
Details: hWnd = 0x0012035e, Text = 广告拜拜 V.1269 安装 , ClassName = #32770.
Behaviour: Modifies registry: system firewall trusted process list
Details: \REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\AdByeBye\GeYaVideo.exe
Behaviour: Sets special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behaviour: Creates process with hidden window
Details: ImagePath = , CmdLine = "C:\Program Files\AdByeBye\bat/nbadclear.bat"
Behaviour: Creates process
Details: ImagePath = C:\WINDOWS\system32\cmd.exe, CmdLine = cmd /c ""C:\Program Files\AdByeBye\bat/nbadclear.bat" "
Behaviour: Creates process from newly created file
Details: ImagePath = C:\Program Files\AdByeBye\GeYaVideo.exe, CmdLine = "C:\Program Files\AdByeBye\GeYaVideo.exe" /install /src=
ImagePath = C:\Program Files\AdByeBye\GeYaVideo.exe, CmdLine = "C:\Program Files\AdByeBye\GeYaVideo.exe" /setautorun
Behaviour: Enumerates processes
Details: N/A
Behaviour: Creates local thread
Details: TargetProcess: adbyebye_setup.exe, InheritedFromPID = 1944, ProcessID = 1628, ThreadID = 2176, StartAddress = 7C947EBB, Parameter =
TargetProcess: adbyebye_setup.exe, InheritedFromPID = 1944, ProcessID = 1628, ThreadID = 2180, StartAddress = 7C930230, Parameter =
TargetProcess: adbyebye_setup.exe, InheritedFromPID = 1944, ProcessID = 1628, ThreadID = 2268, StartAddress = 0040507D, Parameter = 000A038E
TargetProcess: iexplore.exe, InheritedFromPID = 2196, ProcessID = 2252, ThreadID = 2504, StartAddress = 02FEB223, Parameter = 0308CAE0
TargetProcess: iexplore.exe, InheritedFromPID = 2196, ProcessID = 2252, ThreadID = 2508, StartAddress = 02FD8AA0, Parameter = 0308FFF8
TargetProcess: GeYaVideo.exe, InheritedFromPID = 1628, ProcessID = 2420, ThreadID = 2532, StartAddress = 0057BF4C, Parameter = 00E7E910
TargetProcess: iexplore.exe, InheritedFromPID = 2196, ProcessID = 2252, ThreadID = 2540, StartAddress = 77E56C7D, Parameter = 001D8B58
TargetProcess: iexplore.exe, InheritedFromPID = 2196, ProcessID = 2252, ThreadID = 2560, StartAddress = 0138507F, Parameter =
TargetProcess: iexplore.exe, InheritedFromPID = 2196, ProcessID = 2252, ThreadID = 2608, StartAddress = 7C930230, Parameter =
TargetProcess: GeYaVideo.exe, InheritedFromPID = 1628, ProcessID = 2420, ThreadID = 2644, StartAddress = 77DC845A, Parameter =
TargetProcess: GeYaVideo.exe, InheritedFromPID = 1628, ProcessID = 2420, ThreadID = 2652, StartAddress = 7C947EBB, Parameter =
TargetProcess: GeYaVideo.exe, InheritedFromPID = 1628, ProcessID = 2420, ThreadID = 2656, StartAddress = 7C930230, Parameter =
TargetProcess: GeYaVideo.exe, InheritedFromPID = 1628, ProcessID = 2420, ThreadID = 2660, StartAddress = , Parameter = 001ABDD0
Behaviour: Creates file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsh4C.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\FindProcDLL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\ioSpecial.ini
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\modern-wizard.bmp
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\InstallOptions.dll
C:\Program Files\AdByeBye\GeYa64.exe
C:\Program Files\AdByeBye\GeYaData.dll_bak
C:\Program Files\AdByeBye\GeYaData64.dll_bak
C:\Program Files\AdByeBye\GeYaEngine.dll_bak
C:\Program Files\AdByeBye\GeYaEngine64.dll_bak
C:\Program Files\AdByeBye\GeYaVideo.exe
C:\Program Files\AdByeBye\abp.dat
C:\Program Files\AdByeBye\abp.data
Behaviour: Creates executable file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\FindProcDLL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\InstallOptions.dll
C:\Program Files\AdByeBye\GeYa64.exe
C:\Program Files\AdByeBye\GeYaData.dll_bak
C:\Program Files\AdByeBye\GeYaData64.dll_bak
C:\Program Files\AdByeBye\GeYaEngine.dll_bak
C:\Program Files\AdByeBye\GeYaEngine64.dll_bak
C:\Program Files\AdByeBye\GeYaVideo.exe
C:\Program Files\AdByeBye\adbyebye.dll_bak
C:\Program Files\AdByeBye\adbyebye64.dll_bak
C:\Program Files\AdByeBye\vip.dll_bak
Behaviour: Overwrites existing file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp
Behaviour: Searches for file
Details: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsr4E.tmp
FileName = C:\Program Files\AdByeBye
FileName = C:\Program Files
FileName = C:\Program Files\AdByeBye\GeYaData.dll
FileName = C:\Program Files\AdByeBye\GeYaEngine.dll
FileName = C:\Program Files\AdByeBye\vip.dll
FileName = C:\Program Files\AdByeBye\adbyebye.dll
FileName = C:\Program Files\AdByeBye\GeYaData64.dll
FileName = C:\Program Files\AdByeBye\GeYaEngine64.dll
Behaviour: Deletes file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsh4C.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\stat[1].php
Behaviour: Modifies BAT script file
Details: C:\Program Files\AdByeBye\bat\autoadclear.bat --> Offset = 0
C:\Program Files\AdByeBye\bat\nbadclear.bat --> Offset = 0
Behaviour: Renames file
Details: C:\Program Files\AdByeBye\GeYaData.dll_bak --> C:\Program Files\AdByeBye\GeYaData.dll
C:\Program Files\AdByeBye\GeYaEngine.dll_bak --> C:\Program Files\AdByeBye\GeYaEngine.dll
C:\Program Files\AdByeBye\vip.dll_bak --> C:\Program Files\AdByeBye\vip.dll
C:\Program Files\AdByeBye\adbyebye.dll_bak --> C:\Program Files\AdByeBye\adbyebye.dll
C:\Program Files\AdByeBye\GeYaData64.dll_bak --> C:\Program Files\AdByeBye\GeYaData64.dll
C:\Program Files\AdByeBye\GeYaEngine64.dll_bak --> C:\Program Files\AdByeBye\GeYaEngine64.dll
C:\Program Files\AdByeBye\adbyebye64.dll_bak --> C:\Program Files\AdByeBye\adbyebye64.dll
Behaviour: Sets special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behaviour: Modifies file content
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp --> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp --> Offset = 32768
C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp --> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp --> Offset = 77916
C:\Documents and Settings\Administrator\Local Settings\Temp\nsm4D.tmp --> Offset = 110684
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\FindProcDLL.dll --> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\ioSpecial.ini --> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\ioSpecial.ini --> Offset = 36
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\modern-wizard.bmp --> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\modern-wizard.bmp --> Offset = 16384
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\modern-wizard.bmp --> Offset = 32768
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\modern-wizard.bmp --> Offset = 49152
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\modern-wizard.bmp --> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\ioSpecial.ini --> Offset = 124
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\ioSpecial.ini --> Offset = 33
Behaviour: Opens URL over the network
Details: InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x
Behaviour: Connects to specified site
Details: InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x
InternetConnectA: ServerName = ur****om, PORT = 443, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x
InternetConnectA: ServerName = s.****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x
Behaviour: Opens HTTP connection
Details: InternetOpenA: UserAgent: Mozilla/4.0 ( MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
InternetOpenA: UserAgent: VCSoapClient, hSession = 0x00cc0010
InternetOpenA: UserAgent: Mozilla/4.0 ( MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
Behaviour: Establishes connection to a specified socket
Details: URL: wpad, IP: **.133.40.**:128, SOCKET = 0x0000056c
URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x0000057c
URL: s.****om, IP: **.133.40.**:80, SOCKET = 0x
URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x0000063c
URL: w****., IP: **.133.40.**:80, SOCKET = 0x000002ac
URL: wpad, IP: **.133.40.**:128, SOCKET = 0x
URL: s.****om, IP: **.133.40.**:80, SOCKET = 0x
Behaviour: Reads network file
Details: hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc000c, BytesToRead =2048, BytesRead = 2048.
Behaviour: Sends HTTP packet
Details: GET /wpad.dat HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 ( MSIE 8.0; Win32; Trident/4.0)
Host: **.133.40.**:128
GET / HTTP/1.1
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 ( MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489)
Accept-Encoding: gzip, deflate
Host: ww****om
Connection: Keep-Alive
GET /stat.php?act=i&src=adbyebye_new&mid=affdfe631bac&ver=.1269 HTTP/1.1
Host: s.****om
Accept: */*
GET /wpad.dat HTTP/1.1
Accept: */*
Host: **.133.40.**
Connection: Keep-Alive
GET /stat.php?act=i&src=adbyebye_new&mid=affdfe631bac&ver=.1269 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 ( MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489)
Host: s.****om
Connection: Keep-Alive
Behaviour: Opens HTTP request
Details: HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x
HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=2cvudxwz91ukndhw7nlrvw%3d%3d&msurs-patented-lock=vlxzdbxvewe%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x
HttpOpenRequestA: s.****om:80/stat.php?act=i&src=adbyebye_new&mid=affdfe631bac&ver=.1269, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x
Behaviour: Gets host address by name
Details: GetAddrInfoW: computer
GetAddrInfoW: wpad
GetAddrInfoW: ww****om
gethostbyname: s.****om
GetAddrInfoW: ur****om
gethostbyname: w****.
GetAddrInfoW: s.****om
Registry behaviour
Behaviour: Deletes registry key
Details: \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-00-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-00-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-00-ABCDEFFEDCBB}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-00-ABCDEFFEDCBB}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-00-ABCDEFFEDCBC}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-00-ABCDEFFEDCBC}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC--FFFF-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC--FFFF-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-}\
\REGISTRY\USER\S-*_CLASSES\JavaPlugin.1000\CLSID\
\REGISTRY\USER\S-*_CLASSES\JavaPlugin.1000\
Behaviour: Deletes registry value
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\GeYaVideo\DEBUG\Trace Level
Behaviour: Modifies registry: BHO
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FE6A61D-D178-480D-E2B35276}\
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FE6A61D-D178-480D-E2B35276}\NoExplorer
Behaviour: Modifies registry
Details: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A70C5EF--A0DB-B}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A70C5EF--A0DB-B}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A70C5EF--A0DB-B}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A70C5EF--A0DB-B}\TypeLib\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A70C5EF--A0DB-B}\Version\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7FE6A61D-D178-480D-E2B35276}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7FE6A61D-D178-480D-E2B35276}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7FE6A61D-D178-480D-E2B35276}\TypeLib\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7FE6A61D-D178-480D-E2B35276}\Version\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{9-412F-939D-D286FF3AFBC5}\1.0\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{9-412F-939D-D286FF3AFBC5}\1.0\FLAGS\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{9-412F-939D-D286FF3AFBC5}\1.0\0\win32\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{9-412F-939D-D286FF3AFBC5}\1.0\HELPDIR\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{90229EBD-37EE-45E7-B81B-BD}\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{90229EBD-37EE-45E7-B81B-BD}\ProxyStubClsid\
Behaviour: Modifies registry: system firewall trusted process list
Details: \REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\AdByeBye\GeYaVideo.exe
Behaviour: Checks whether it is being debugged
Details: N/A
Behaviour: Creates mutex
Details: CTF.LBES.MutexDefaultS-*
<part.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.MMC
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
CritOpMutex
SmartScreen_UrsCacheMutex_2CEDBFBC-DBA8-43AA-B1FD-CC8EHigh_S-*
SmartScreen_ClientId_Mutex
Behaviour: Hides specified window
Details: [Window,Class] = [,Button]
[Window,Class] = [ GY STUDIO,Static]
[Window,Class] = [ GY STUDIO ,Static]
[Window,Class] = [,Static]
[Window,Class] = [,ComboLBox]
[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [显示细节(&D),Button]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
[Window,Class] = [,SysLink]
[Window,Class] = [文件大小未知,Static]
[Window,Class] = [打开此类文件前总是询问(&W),Button]
[Window,Class] = [发行者:,Static]
Behaviour: Finds specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
NtUserFindWindowEx: [Class,Window] = [#32770,]
NtUserFindWindowEx: [Class,Window] = [ipc_wnd_{4EE76351-A0EB-4D10-B600-B2DE3379D0AD},]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
Behaviour: Opens event
Details: HookSwitchHookEnabledEvent
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent..00042
CTF.ThreadMarshalInterfaceEvent..00042
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
Global\crypt32LogoffEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Isolation Signal Registry Event (094BC1A1-63BC-11E6-91BE-7B****28, 0)
CTF.ThreadMIConnectionEvent..00044
CTF.ThreadMarshalInterfaceEvent..00044
CTF.ThreadMIConnectionEvent..00045
CTF.ThreadMarshalInterfaceEvent..00045
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
Behaviour: Gets TickCount value
Details: TickCount = 5394081, SleepMilliseconds = 50.
TickCount = 5394221, SleepMilliseconds = 50.
TickCount = 5394237, SleepMilliseconds = 50.
TickCount = 5394253, SleepMilliseconds = 50.
TickCount = 5394300, SleepMilliseconds = 50.
TickCount = 5394315, SleepMilliseconds = 50.
TickCount = 5394331, SleepMilliseconds = 50.
TickCount = 5394346, SleepMilliseconds = 50.
TickCount = 5394378, SleepMilliseconds = 50.
TickCount = 5394393, SleepMilliseconds = 50.
TickCount = 5394425, SleepMilliseconds = 50.
TickCount = 5394440, SleepMilliseconds = 50.
TickCount = 5394471, SleepMilliseconds = 50.
TickCount = 5394487, SleepMilliseconds = 50.
TickCount = 5394503, SleepMilliseconds = 50.
Behaviour: Adjusts process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behaviour: Suppresses window close message
Details: hWnd = 0x0012035e, Text = 广告拜拜 V.1269 安装 , ClassName = #32770.
Behaviour: Window information
Details: Pid = 1628, Hwnd=0x1902fe, Text = 下一步(&N) >, ClassName = Button.
Pid = 1628, Hwnd=0x1102c8, Text = 取消(&C), ClassName = Button.
Pid = 1628, Hwnd=0x1702d8, Text =
GY STUDIO , ClassName = Static.
Pid = 1628, Hwnd=0x9039c, Text =
GY STUDIO, ClassName = Static.
Pid = 1628, Hwnd=0xb0398, Text = 欢迎使用"广告拜拜 V.1269"安装向导, ClassName = Static.
Pid = 1628, Hwnd=0x110342, Text = 一键去掉视频片头广告,还您一个清静惬意的观赏环境!
采用最先进的智能拦截技术,系统资源占用低,启动速度极快。
, ClassName = Static.
Pid = 1628, Hwnd=0x12035e, Text = 广告拜拜 V.1269 安装, ClassName = #32770.
Pid = 1628, Hwnd=0xc032a, Text = < 上一步(&B), ClassName = Button.
Pid = 1628, Hwnd=0x603ac, Text = 选择组件, ClassName = Static.
Pid = 1628, Hwnd=0xc03a0, Text = 选择你想要安装"广告拜拜 V.1269"的功能组件。, ClassName = Static.
Pid = 1628, Hwnd=0x120342, Text = 自定义, ClassName = ComboBox.
Pid = 1628, Hwnd=0xf039e, Text = 选定安装的组件: , ClassName = Static.
Pid = 1628, Hwnd=0x10032e, Text = 所需空间: 7.3MB, ClassName = Static.
Pid = 1628, Hwnd=0xe02aa, Text = 勾选你想要安装的组件,并解除勾选你不希望安装的组件。 单击 [下一步(N)] 继续。, ClassName = Static.
Pid = 1628, Hwnd=0xc03c8, Text = 描述, ClassName = Button(GroupBox).
Behaviour: Executable file signature information
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\FindProcDLL.dll (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\InstallOptions.dll (signature verification: failed)
C:\Program Files\AdByeBye\GeYa64.exe (signature verification: failed)
C:\Program Files\AdByeBye\GeYaData.dll_bak (signature verification: failed)
C:\Program Files\AdByeBye\GeYaData64.dll_bak (signature verification: failed)
C:\Program Files\AdByeBye\GeYaEngine.dll_bak (signature verification: failed)
C:\Program Files\AdByeBye\GeYaEngine64.dll_bak (signature verification: failed)
C:\Program Files\AdByeBye\GeYaVideo.exe (signature verification: failed)
C:\Program Files\AdByeBye\adbyebye.dll_bak (signature verification: failed)
C:\Program Files\AdByeBye\adbyebye64.dll_bak (signature verification: failed)
C:\Program Files\AdByeBye\vip.dll_bak (signature verification: failed)
Behaviour: Creates event object
Details: EventName = MSCTF.SendReceive.Event.MMC.IC
EventName = MSCTF.SendReceiveConection.Event.MMC.IC
EventName = DINPUTWINMM
EventName = Global\userenv:
User Profile setup event
EventName = Global\crypt32LogoffEvent
EventName = Local\8cc_29
Behaviour: Executable file MD5
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\FindProcDLL.dll --> 67afacada
C:\Documents and Settings\Administrator\Local Settings\Temp\nsr4E.tmp\InstallOptions.dll --> 0dc0cc7a6d9db685bf05a7e5f3ea4781
C:\Program Files\AdByeBye\GeYa64.exe --> 7c114a48
C:\Program Files\AdByeBye\GeYaData.dll_bak --> b28a936e69c63efbb672ba
C:\Program Files\AdByeBye\GeYaData64.dll_bak --> 62b79adc62a6adaf9eac
C:\Program Files\AdByeBye\GeYaEngine.dll_bak --> c86fa639eeb80f4959daa6dd7c6f4175
C:\Program Files\AdByeBye\GeYaEngine64.dll_bak --> 184a77e4ce5a955bbea22d77fd915686
C:\Program Files\AdByeBye\GeYaVideo.exe --> 75c7b43eea6
C:\Program Files\AdByeBye\adbyebye.dll_bak --> 1213cdebcfe9ec3bab0e9
C:\Program Files\AdByeBye\adbyebye64.dll_bak --> c637abc025bc30d2ce109
C:\Program Files\AdByeBye\vip.dll_bak --> daf9f682d8a7f
Behaviour: Opens mutex
Details: ShimCacheMutex
Local\!IETld!Mutex
ConnHashTable<2196>_HashTable_Mutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
Behaviour: Loads newly dropped file
Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsr4E.tmp\FindProcDLL.dll.
Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsr4E.tmp\InstallOptions.dll.
Image: C:\Program Files\AdByeBye\adbyebye.dll.
Image: C:\Program Files\AdByeBye\GeYaData.dll.
Activities
Activity name / type
.c  android.intent.action.MAIN
.c  android.intent.category.LAUNCHER
Function name / info
getRuntime: gets the command-line environment
java/lang/R->exec: executes a string command
META-INF/MANIFEST.MF  0x627c2036
META-INF/CERT.SF  0x3514eab0
META-INF/CERT.RSA  0xbab3a2e1
AndroidManifest.xml  0xbe816aa4
assets/ijm-x86.so  0x510a14b5
assets/libckey.so
assets/libckeygenerator.so
assets/libdalvik_patch.so  0xc50d1b72
assets/libfilescanner.so  0xbf1f6c56
assets/libh.so  0x9d8c0108
classes.dex
res/drawable-hdpi-v4/bg_image03.jpg  0x47f8ce4a
res/drawable-hdpi-v4/ic_launcher.png  0x75d86369
res/drawable-hdpi-v4/mh.xml  0x9d9d5353
res/drawable-mdpi-v4/bg_image03.jpg  0x47f8ce4a
res/drawable-mdpi-v4/ic_launcher.png  0x75d86369
res/drawable/image_1.png  0xb801963e
res/drawable/image_2.png  0x50b1c3d4
res/drawable/image_3.png  0x31e03c7e
res/drawable/image_4.png
res/drawable/image_5.png  0x31e03c7e
res/drawable/image_6.png  0xb9cbada7
res/layout/main.xml  0x2dccc828
resources.arsc
