IE首页被锁定为www.oooos.com,用超级兔子修改无效 bbs.ikaka.com

ojiejie28 - 2006-10-26 19:40:00

IE首页被锁定为www.oooos.com,用超级兔子检查没有发现木马,用超级兔子修改主页无效,请高手帮忙

ojiejie28 - 2006-10-26 19:54:00

是被该为www.ooooos.com打错了

红夜鬼1 - 2006-10-26 20:02:00

请下载SREng2（最新版），使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://free5.ys168.com/?ufwihgu168
http://www.kztechs.com/sreng/sreng2.zip

ojiejie28 - 2006-10-26 21:16:00

006-10-26,21:01:10

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD> [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<UpdateRun><C:\Program Files\Common Files\updat\Update.exe> []
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<AGRSMMSG><; AGRSMMSG.exe> [Agere Systems]
<Apoint><; C:\Program Files\Apoint2K\Apoint.exe> [Alps Electric Co., Ltd.]
<CdnCtr><; C:\Program Files\CNNIC\Cdn\cdnup.exe> []
<helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
<igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe> [Intel Corporation]
<igfxpers><; C:\WINDOWS\system32\igfxpers.exe> [Intel Corporation]
<igfxtray><; C:\WINDOWS\system32\igfxtray.exe> [Intel Corporation]
<IntelWireless><; C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless> [Intel Corporation]
<IntelZeroConfig><; C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe> [Intel Corporation]
<MSPY2002><; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> []
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<ProxyThorn><; D:\Program Files\ProxyThorn\ProxyThorn.exe> []
<RichMedia><; C:\WINDOWS\system32\Rundll32.exe "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows> []
<SoundMAX><; C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.]
<SoundMAXPnP><; C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.]
<spoolsv><; C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer> []
<vptray><; C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe> [Symantec Corporation]
<yassistse><; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> []
<YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
<WinlogonNotify: IntelWireless><C:\Program Files\Intel\Wireless\Bin\LgNotify.dll> [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll> []

ojiejie28 - 2006-10-26 21:17:00

】 [D:\qq\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[D:\qq\QQHelperDll.dll] <><1, 0, 0, 1>
[D:\qq\BasicCtrlDll.dll] <Tencent><5, 0, 200, 370>
[D:\qq\QQAPI.dll] <><1, 0, 0, 1>
[D:\qq\TIMProxy.dll] <tencent><0, 3, 2, 4>
[D:\qq\LoginCtrl.dll] <><1, 0, 0, 1>
[D:\qq\npkcntc.dll] <INCA Internet Co., Ltd.><2006, 6, 27, 1>
[D:\qq\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[D:\qq\QQRes.dll] <tencent><1, 0, 0, 1>
[D:\qq\QQMainFrame.dll] <N/A><N/A>
[D:\qq\CQQApplication.dll] <N/A><N/A>
[D:\qq\NewSkin.dll] <><1, 0, 0, 1>
[D:\qq\HostingMgr.dll] <><1, 0, 0, 1>
[D:\qq\CameraDll.dll] <><1, 0, 0, 1>
[D:\qq\MailSummary.dll] <><1, 0, 0, 1>
[D:\qq\QQSpace.dll] <><1, 0, 0, 1>
[D:\qq\QQAllInOne.dll] <N/A><N/A>
[D:\qq\GroupLive.dll] <N/A><N/A>
[D:\qq\SCCore.dll] <TENCENT><2, 0, 0, 1>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[D:\qq\QQGroupMng.dll] <><1, 0, 0, 1>
[D:\qq\QQSysMsgMng.dll] <N/A><N/A>
[D:\qq\UserDefinedHead.dll] <><1, 0, 0, 1>
[D:\qq\QQPlugin.dll] <N/A><N/A>
[D:\qq\QQConfigPlugin.dll] <><1, 0, 0, 1>
[D:\qq\QRingMng.dll] <N/A><N/A>
[D:\qq\PhoneAPI.dll] <><1, 0, 0, 1>
[D:\qq\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[D:\qq\VPortal.dll] <><1, 0, 0, 4>
[D:\qq\QQPet.dll] <><1, 0, 0, 1>
[D:\qq\QQCustomFace.dll] <N/A><N/A>
[D:\qq\FlashAvatarDll.dll] <><1, 4, 0, 1>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
[D:\qq\QQSceneMng.dll] <N/A><N/A>
[D:\qq\QQAvatar.dll] <N/A><N/A>
[D:\qq\LongConnection.dll] <tencent><5, 0, 200, 160>
[D:\qq\BQQApplication.dll] <N/A><N/A>
[D:\qq\CommercesMng.dll] <><1, 0, 0, 1>
[D:\qq\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[D:\qq\QQAddr.dll] <深圳市腾讯计算机系统有限公司><5, 0, 101, 240>
[D:\qq\ImageOle.dll] <TODO: <Company name>><1.0.0.1>
[D:\qq\QQFileTransfer.dll] <Tencent><0, 3, 3, 5>
[D:\qq\GroupConnection.dll] <Tencent><0, 3, 3, 5>
[D:\qq\QQPhoneHelper.dll] <腾讯科技（深圳）有限公司><2, 0, 6, 60>
[D:\qq\QQMagicFace.dll] <><1, 0, 0, 1>
[D:\qq\ShareFiles.dll] <N/A><N/A>
[D:\qq\QQZip.dll] <tencent><0, 3, 2, 4>
[D:\qq\QQMsgFriendMng.dll] <N/A><N/A>
[D:\qq\OEMApplication.dll] <><1, 0, 0, 1>
[D:\qq\DShared.dll] <Tencent><1, 6, 0, 0>
[PID: 3148][D:\qq\TIMPlatform.exe] <tencent><0, 3, 1, 8>
[D:\qq\TIMProxy.dll] <tencent><0, 3, 2, 4>
[PID: 500][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll] <Xiang Feng Technology><2, 2, 0, 1612>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
[C:\WINDOWS\system32\rmoc3260.dll] <RealNetworks, Inc.><6.0.9.2058>
[C:\WINDOWS\system32\PNCRT.dll] <Real Networks, Inc><6.0.0.0>
[C:\Program Files\Common Files\Real\Common\pnrs3260.dll] <RealNetworks, Inc.><6.0.9.3809>
[C:\Program Files\Real\RealPlayer\rpplugins\embd3260.dll] <RealNetworks, Inc.><6.0.12.1059>
[C:\Program Files\Common Files\Real\Common\pngu3267.dll] <RealNetworks, Inc.><6.7.0.2453>
[C:\Program Files\Common Files\Real\Common\objb3201.dll] <RealNetworks, Inc.><0.1.0.6066>
[C:\Program Files\Real\RealPlayer\rpplugins\rpcl3260.dll] <RealNetworks, Inc.><6.0.9.2846>

ojiejie28 - 2006-10-26 21:18:00

[C:\Program Files\Real\RealPlayer\rpplugins\rput3260.dll] <RealNetworks, Inc.><6.0.9.2826>
[C:\Program Files\Common Files\Real\Common\pnen3260.dll] <RealNetworks, Inc.><10.0.0.663>
[C:\Program Files\Common Files\Real\Plugins\gen_Real.dll] <N/A><N/A>
[C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll] <RealNetworks, Inc.><10.1.0.571>
[C:\Program Files\Common Files\Real\Plugins\zipf3260.dll] <RealNetworks, Inc.><6.0.8.2293>
[C:\Program Files\Common Files\Real\Plugins\vidsite.dll] <RealNetworks, Inc.><10.0.0.644>
[C:\Program Files\Common Files\Real\Plugins\clntxres.dll] <RealNetworks, Inc.><10.0.0.2576>
[C:\Program Files\Real\RealPlayer\lang\cdplay_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\dbcomp_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\embed_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\gemctl_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\pngui_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\pdgenxfer_cn.dll] <N/A><N/A>
[C:\Program Files\Real\RealPlayer\lang\rjctl_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjeq_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjres_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjskin_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjviz_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjfade_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjdlg_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjmisc_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rjprog_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpapp_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpclsvc_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpclutil_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpdemand_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpdsplyr_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpgutil_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpmnpane_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpplylst_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\rpwebctl_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\tcdinfo_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\tclsvc_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\tdwnmgr_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\tmp3_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\twave_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\teasdk_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\tearm_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\tmdedit_cn.dll] <RealNetworks, Inc.><6.0.12.298>
[C:\Program Files\Real\RealPlayer\lang\mydevices_cn.dll] <RealNetworks, Inc.><6.0.12.299>
[C:\Program Files\Common Files\Real\Plugins\memfsys.dll] <RealNetworks, Inc.><10.0.0.631>
[C:\Program Files\Common Files\Real\Plugins\authmgr.dll] <RealNetworks, Inc.><10.0.0.1090>
[C:\Program Files\Common Files\Real\Codecs\hxltcolor.dll] <RealNetworks, Inc.><10.0.0.501>
[C:\Program Files\Common Files\Real\Plugins\ramfformat.dll] <RealNetworks, Inc.><10.0.0.1558>
[C:\Program Files\Real\RealPlayer\rpplugins\rpap3260.dll] <RealNetworks, Inc.><6.0.9.2768>
[C:\Program Files\Common Files\Real\Plugins\ramrender.dll] <RealNetworks, Inc.><10.0.0.1553>
[C:\Program Files\Common Files\Real\Plugins\httpfsys.dll] <RealNetworks, Inc.><10.0.0.2115>
[C:\Program Files\Common Files\Real\Plugins\smlfformat.dll] <RealNetworks, Inc.><10.0.0.1520>
[C:\Program Files\Common Files\Real\Plugins\smlrender.dll] <RealNetworks, Inc.><10.0.0.1127>
[C:\Program Files\Common Files\Real\Plugins\rmfformat.dll] <RealNetworks, Inc.><10.0.0.865>
[C:\Program Files\Common Files\Real\Plugins\rarender.dll] <RealNetworks, Inc.><10.0.0.648>
[C:\Program Files\Common Files\Real\Codecs\cook.dll] <RealNetworks, Inc.><10.0.0.1110>
[C:\Program Files\Common Files\Real\Plugins\rvrender.dll] <RealNetworks, Inc.><10.0.0.708>
[C:\Program Files\Common Files\Real\Codecs\RV40.DLL] <RealNetworks, Inc.><10.0.0.1128>
[C:\Program Files\Common Files\Real\Codecs\drvc.dll] <RealNetworks, Inc.><10.0.0.1128>
[PID: 472][C:\Program Files\WinRAR\WinRAR.exe] <N/A><N/A>
[PID: 3172][C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX00.109\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>

瑞星卡卡安全论坛