发表于: 2006-04-14 11:54 | 显示全部 短消息 资料
字号: 1楼

救命啊 ̄ ̄大侠们 http://www.9991.com/

主页老是自动被改成:http://www.9991.com/
还老是跳出乱七八糟的网址,救救我啊,苦了N天了
Logfile of HijackThis v1.99.1
Scan saved at 11:49:04, on 2006-4-14
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINNT\System32\smss.exe
E:\WINNT\system32\csrss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\spoolsv.exe
E:\WINNT\system32\msdtc.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\System32\llssrv.exe
E:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
D:\oracle\ora92\bin\omtsreco.exe
E:\WINNT\Explorer.EXE
D:\oracle\ora92\bin\agntsrvc.exe
D:\oracle\ora92\Apache\Apache\apache.exe
E:\WINNT\system32\cmd.exe
D:\oracle\ora92\bin\dbsnmp.exe
D:\oracle\ora92\BIN\TNSLSNR.exe
E:\Program Files\D-Tools\daemon.exe
E:\WINNT\system32\qcssbl9.exe
E:\Program Files\Java\j2re1.4.2_07\bin\jusched.exe
d:\oracle\ora92\bin\ORACLE.EXE
E:\WINNT\system32\ctfmon.exe
E:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
d:\oracle\ora92\bin\ORACLE.EXE
E:\WINNT\system32\regsvc.exe
E:\WINNT\system32\MSTask.exe
E:\WINNT\SYSTEM32\RUNDLL32.EXE
E:\tibco\administrator\domain\cg_center\bin\tibcoadmin_cg_center.exe
E:\tibco\tra\domain\cg_center\hawkagent_cg_center.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\Dfssvc.exe
E:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
E:\WINNT\system32\svchost.exe
D:\oracle\ora92\Apache\Apache\apache.exe
D:\oracle\ora92\jdk\bin\java.exe
D:\oracle\ora92\jdk\bin\java.exe
d:\oracle\ora92\bin\isqlplus
E:\tibco\tibrv\bin\rvd.exe
E:\tibco\tibrv\bin\rvd.exe
E:\tibco\hawk\bin\tibhawkhma.exe
D:\cxg\software\Tencent\QQ\QQ.exe
D:\cxg\software\Tencent\QQ\TIMPlatform.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\system32\mdm.exe
E:\WINNT\system32\conime.exe
E:\Program Files\sfx software\svchost.exe
E:\WINNT\system32\conime.exe
D:\cxg\software\RemoteLogin\mstsc.exe
E:\Program Files\MSN Messenger\msnmsgr.exe
E:\Program Files\WinRAR\WinRAR.exe
E:\DOCUME~1\ADMINI~1.SER\LOCALS~1\Temp\Rar$EX00.875\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [IMSCMig] E:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [qcsszjcz] E:\WINNT\system32\qcssbl9.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\j2re1.4.2_07\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: 服务管理器.lnk = E:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &RSDN Search - res://E:\Program Files\ScanToolbar\ScanBar.dll/GoRSDN.dll.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\cxg\software\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\cxg\software\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\cxg\software\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\cxg\software\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\WINNT\system32\msjava.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{948BE3F9-B740-435F-B31A-E16D31D379AD}: NameServer = 202.101.172.35,218.75.69.132
O20 - AppInit_DLLs: KB2357801.LOG
O21 - SSODL: DLMon - {590498A3-4131-4D8F-BA4B-36791A0803B1} - E:\WINNT\system32\DLMain.dll
O23 - Service: Adobe LM Service - Unknown owner - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOracleAgent - Oracle Corporation - D:\oracle\ora92\bin\agntsrvc.exe
O23 - Service: OracleOracleClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: OracleOracleHTTPServer - Unknown owner - D:\oracle\ora92\Apache\Apache\apache.exe" --ntservice (file missing)
O23 - Service: OracleOraclePagingServer - Unknown owner - D:\oracle\ora92/bin/pagntsrv.exe
O23 - Service: OracleOracleSNMPPeerEncapsulator - Unknown owner - D:\oracle\ora92\BIN\ENCSVC.EXE
O23 - Service: OracleOracleSNMPPeerMasterAgent - Unknown owner - D:\oracle\ora92\BIN\AGNTSVC.EXE
O23 - Service: OracleOracleTNSListener - Unknown owner - D:\oracle\ora92\BIN\TNSLSNR.exe
O23 - Service: OracleServiceXIAOTEST - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: OracleServiceXIAOXIAO - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: TIB/Rendezvous Communications Daemon (rvd) - Unknown owner - E:\tibco\tibrv\bin\rvntsctl.exe
O23 - Service: TIBCO Administrator 5.3 (cg_center) (TIBCOAdmin-cg_center) - Unknown owner - E:/tibco/administrator/domain/cg_center/bin/tibcoadmin_cg_center.exe
O23 - Service: TIBCO Hawk Agent (cg_center) (TIBHawkAgent-cg_center-server) - Unknown owner - E:/tibco/tra/domain/cg_center/hawkagent_cg_center.exe
O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - D:\cxg\software\eclipse\Tomcat 5.0\bin\tomcat5.exe" //RS//Tomcat5 (file missing)

最后编辑2006-04-14 12:36:14