1   1  /  1  页   跳转

[求助] 我的IE也被改了,帮帮忙吧!

我的IE也被改了,帮帮忙吧!

我的IE被http://www.ku4000.cn/改了,怎么也改不回来,自己又比较笨,卡卡删了 等下又有了,郁闷死了!谁帮我一下啊!!

后来我用一个叫“黄山”的软件修复IE, 结果把我的瑞星杀毒软件就洗白了!!这世道太黑了!

用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

附件附件:

文件名:SREngLOG.log
下载次数:177
文件类型:application/octet-stream
文件大小:
上传时间:2009-4-30 16:19:31
描述:log

最后编辑1+1=31 最后编辑于 2009-04-30 16:19:31
分享到:
gototop
 

回复:我的IE也被改了,帮帮忙吧!

用瑞星卡卡修复一下IE试试。
gototop
 

回复:我的IE也被改了,帮帮忙吧!

Sreng官方下载
SREng/智能扫描(记得勾选“检查进程的数字签名)
等扫描完成,保存日志(LOG格式)
PS:如主程序SREng**.exe无法运行,导致无法扫描日志
将主程序改名为我爱小狮子.bat
或我爱小狮子.scr
日志放入附件
(点击我这贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。)
gototop
 

回复: 我的IE也被改了,帮帮忙吧!

我的好像也是中毒了,哪个高手帮我看一下?
请高手帮忙看下Hijackthis的分析
Logfile of HijackThis v1.99.1
Scan saved at 22:55:48, on 2005-8-20
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\KV2005\KVSrvXP.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\KV2005\KVMonXP_1.kxp
C:\WINNT\system32\internat.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\Tencent\QQ\QQexternal.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\KV2005\TrojDie.kxp
C:\Program Files\KV2005\KRegEx.exe
C:\WINNT\system32\DllHost.exe
D:\HijackThis.exe
O1 - Hosts: 218.5.76.54 www.hung-ya.com
O1 - Hosts: 218.5.76.54 hung-ya.com
O1 - Hosts: 218.5.76.54 www.hung-ya.com
O1 - Hosts: 218.5.76.54 hung-ya.com
O1 - Hosts: 218.5.76.54 www.bbs.hungya.com
O1 - Hosts: 218.5.76.54 bbs.hungya.com
O1 - Hosts: 218.5.76.54 www.popoq.com
O1 - Hosts: 218.5.76.54 popoq.com
O1 - Hosts: 218.5.76.54 www.jokescn.com
O1 - Hosts: 218.5.76.54 jokescn.com
O1 - Hosts: 218.5.76.54 www.xdvod.com
O1 - Hosts: 218.5.76.54 xdvod.com
O1 - Hosts: 218.5.76.54 www.qq38.com
O1 - Hosts: 218.5.76.54 qq38.com
O1 - Hosts: 218.5.76.54 www.qq38.com
O1 - Hosts: 218.5.76.54 qq38.com
O1 - Hosts: 218.5.76.54 www.5929.com
O1 - Hosts: 218.5.76.54 5929.com
O1 - Hosts: 218.5.76.54 www.xunlei.com
O1 - Hosts: 218.5.76.54 xunlei.com
O1 - Hosts: 218.5.76.54 www.verycd.com
O1 - Hosts: 218.5.76.54 verycd.com
O1 - Hosts: 218.5.76.54 www.zhao118.com
O1 - Hosts: 218.5.76.54 zhao118.com
O1 - Hosts: 218.5.76.54 www.zhao118.com
O1 - Hosts: 218.5.76.54 zhao118.com
O1 - Hosts: 218.5.76.54 www.61th.com
O1 - Hosts: 218.5.76.54 61th.com
O1 - Hosts: 218.5.76.54 www.15pp.com
O1 - Hosts: 218.5.76.54 15pp.com
O1 - Hosts: 218.5.76.54 www.vod99.com
O1 - Hosts: 218.5.76.54 vod99.com
O1 - Hosts: 218.5.76.54 www.xdvod.com
O1 - Hosts: 218.5.76.54 xdvod.com
O1 - Hosts: 218.5.76.54 www.jialetu.com
O1 - Hosts: 218.5.76.54 5929.com
O1 - Hosts: 218.5.76.54 www.verycd.com
O1 - Hosts: 218.5.76.54 verycd.com
O1 - Hosts: 218.5.76.54 www.haowz.com
O1 - Hosts: 218.5.76.54 haowz.com
O1 - Hosts: 218.5.76.54 www.15pp.com
O1 - Hosts: 218.5.76.54 15pp.com
O1 - Hosts: 218.5.76.54 www.61th.com
O1 - Hosts: 218.5.76.54 61th.com
O1 - Hosts: 218.5.76.54 www.wg101.com
O1 - Hosts: 218.5.76.54 wg101.com
O1 - Hosts: 218.5.76.54 www.k234.com
O1 - Hosts: 218.5.76.54 k234.com
O1 - Hosts: 218.5.76.54 www.hao358.com
O1 - Hosts: 218.5.76.54 hao358.com
O1 - Hosts: 218.5.76.54 www.hao358.com
O1 - Hosts: 218.5.76.54 hao358.com
O1 - Hosts: 218.5.76.54 www.mtvdy.com
O1 - Hosts: 218.5.76.54 mtvdy.com
O1 - Hosts: 218.5.76.54 www.20so.com
O1 - Hosts: 218.5.76.54 20so.com
O1 - Hosts: 218.5.76.54 www.dd1000.com
O1 - Hosts: 218.5.76.54 dd1000.com
O1 - Hosts: 218.5.76.54 www.v1000.com
O1 - Hosts: 218.5.76.54 v1000.com
O1 - Hosts: 218.5.76.54 www.huise.com
O1 - Hosts: 218.5.76.54 huise.com
O1 - Hosts: 218.5.76.54 www.916918.com
O1 - Hosts: 218.5.76.54 916918.com
O1 - Hosts: 218.5.76.54 www.ye263.com
O1 - Hosts: 218.5.76.54 ye263.com
O1 - Hosts: 218.5.76.54 www.c-cb.com
O1 - Hosts: 218.5.76.54 c-cb.com
O1 - Hosts: 218.5.76.54 www.zhao123.com
O1 - Hosts: 218.5.76.54 zhao123.com
O1 - Hosts: 218.5.76.54 www.51115.com
O1 - Hosts: 218.5.76.54 51115.com
O1 - Hosts: 218.5.76.54 www.4399.com
O1 - Hosts: 218.5.76.54 4399.com
O1 - Hosts: 218.5.76.54 www.chinagames.net
O1 - Hosts: 218.5.76.54 chinagames.net
O1 - Hosts: 218.5.76.54 www.skycn.com
O1 - Hosts: 218.5.76.54 skycn.com
O1 - Hosts: 218.5.76.54 www.tiexue.net
O1 - Hosts: 218.5.76.54 tiexue.net
O1 - Hosts: 218.5.76.54 www.qq163.com
O1 - Hosts: 218.5.76.54 qq163.com
O1 - Hosts: 218.5.76.54 www.tt67.com
O1 - Hosts: 218.5.76.54 tt67.com
O1 - Hosts: 218.5.76.54 www.chinamp3.com
O1 - Hosts: 218.5.76.54 chinamp3.com
O1 - Hosts: 218.5.76.54 www.pg168.com
O1 - Hosts: 218.5.76.54 pg168.com
O1 - Hosts: 218.5.76.54 www.yymp3.com
O1 - Hosts: 218.5.76.54 yymp3.com
O1 - Hosts: 218.5.76.54 www.yy138.com
O1 - Hosts: 218.5.76.54 yy138.com
O1 - Hosts: 218.5.76.54 www.dj99.com
O1 - Hosts: 218.5.76.54 dj99.com
O1 - Hosts: 218.5.76.54 www.sogua.com
O1 - Hosts: 218.5.76.54 sogua.com
O1 - Hosts: 218.5.76.54 www.snsn.net
O1 - Hosts: 218.5.76.54 snsn.net
O1 - Hosts: 218.5.76.54 www.flash8.net
O1 - Hosts: 218.5.76.54 flash8.net
O1 - Hosts: 218.5.76.54 www.mop.com
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} -
C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} -
C:\Program Files\KV2005\KvShell_1.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) -
{8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} -
C:\Program Files\KV2005\KvShell_1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [DAEMON Tools-2052] "E:\D-Tools\daemon.exe"  -lang 2052
O4 - HKLM\..\Run: [KvMonXP] C:\Program Files\KV2005\KVMonXP_1.kxp /auto
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O8 - Extra context menu item: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 -
C:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program
Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program
Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program
Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program
Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} -
C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} -
C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 -
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program
Files\Tencent\QQ\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\kvwspxp_1.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\kvwspxp_1.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\kvwspxp_1.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C0C1A5A-A8B3-421D-9AD6-128DC8C67267}:
NameServer = 220.189.127.108 220.189.127.107
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C0C1A5A-A8B3-421D-9AD6-128DC8C67267}:
NameServer = 220.189.127.108 220.189.127.107
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS
Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: KVSrvXP - JiangMin New Tech Ltd. - C:\PROGRA~1\KV2005\KVSrvXP.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:\WINNT\system32\nvsvc32.exe
最后编辑鱼中水 最后编辑于 2009-04-30 16:17:39
gototop
 

回复: 我的IE也被改了,帮帮忙吧!



引用:
原帖由 1+1=31 于 2009-4-30 16:00:00 发表
我的IE被http://www.ku4000.cn/改了,怎么也改不回来,自己又比较笨,卡卡删了 等下又有了,郁闷死了!谁帮我一下啊!!

用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)[


我用了卡卡的  但是修复后 等下又出来!!网上下了个叫“黄山”的 修复了下,连我的瑞星杀毒软件都不出来了,,这世道太黑了

附件附件:

文件名:SREngLOG.log
下载次数:188
文件类型:application/octet-stream
文件大小:
上传时间:2009-4-30 16:17:34
描述:log

gototop
 

回复:我的IE也被改了,帮帮忙吧!

建议日志文件以附件形式发来
点击我这贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。
gototop
 

回复:我的IE也被改了,帮帮忙吧!

日志都发出来了,第一次上这个论坛多发了!!在线等解答,谢谢了!
gototop
 

回复 5F 1+1=31 的帖子

先试试金山急救箱吧
gototop
 

回复:我的IE也被改了,帮帮忙吧!

那个急救箱用了也不行啊~~~重启了就出来了!!!
gototop
 

回复:我的IE也被改了,帮帮忙吧!

+我q
977144975
注明:病毒求助
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT