
[Discussion] Browser hijacked by http://hk582.com! Urgent!


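My browser has been having problems recently: when I visit www.163.com or www.126.com, the page is redirected to http://hk582.com/. The browser has been hijacked. Is there a way to fix this? I would appreciate any advice.
  The results of my HijackThis.exe scan are as follows: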
  Logfile of HijackThis v1.99.1
Scan saved at 23:45:46, on 2005-7-25
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
E:\RISING\RAV\Ravmond.exe
E:\RISING\RAV\RavStub.exe
e:\rising\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\niSvcLoc.exe
E:\RISING\RAV\CCENTER.EXE
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\ansyslmd.exe
C:\WINNT\Explorer.EXE
E:\rising\Rising\Rfw\rfwmain.exe
E:\RISING\RAV\RAVTIMER.EXE
E:\RISING\RAV\RAVMON.EXE
C:\Documents and Settings\Administrator\桌面\ipgw.exe
C:\WINNT\system32\ctfmon.exe
E:\RISING\RAV\Rav.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\HijackThis\HijackThis.exe

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\FLASHGET\jccatch.dll
O2 - BHO: IEHlprObj Class - {EE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\INTERN~1\HMAPI.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\FLASHGET\fgiebar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [RfwMain] E:\rising\Rising\Rfw\rfwmain.exe
O4 - HKCU\..\Run: [IPGWAssis] C:\Documents and Settings\Administrator\桌面\ipgw.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O8 - Extra context menu item: 使用网际快车下载 - E:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://E:\OFFICE~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 导出当前页到超星阅览器(&A) - e:\SSREADER36\ss_all.htm
O8 - Extra context menu item: 导出选中部分到超星阅览器(&S) - e:\SSREADER36\ss_select.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\qq2005珊瑚虫版\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\qq2005珊瑚虫版\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\qq2005珊瑚虫版\SendMMS.htm
O9 - Extra button: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - e:\XDict\IEPlugin.dll
O9 - Extra button: 金山词霸 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - e:\XDict\IEPlugin.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FLASHGET\flashget.exe
O16 - DPF: {124C5F0D-DD02-4150-8F59-0F3E712F2BC8} (Test2 Control) - http://dlib.hpu.edu.cn/myocx.cab
O16 - DPF: {2FA64BED-F3CB-44DA-A730-9C1D8893B118} (Ahead IPVOD 视频广播控件) - http://218.196.242.125/ocx/vodOcx.CAB
O16 - DPF: {3359C0B1-2363-40B3-AFCA-1ABC799AC486} (SSReaderPlug Control) - http://reg.ssreader.com/ssreaderplug.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{C01085C5-BDFF-499B-923D-9488564CF593}: NameServer = 218.196.240.8,218.196.240.18
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\System32\drivers\CDAC11BA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - e:\MATLAB6p1\webserver\bin\win32\matlabserver.exe
O23 - Service: NILM License manager - Macrovision Corporation - E:\labview\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments - C:\WINNT\system32\niSvcLoc.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - e:\rising\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - E:\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\RISING\RAV\Ravmond.exe

Last edited 2005-07-26 10:27:53
 

[Reply to "cacafa"'s post]
Hello, please boot into Safe Mode and fix the following items:

O2 - BHO: IEHlprObj Class - {EE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\INTERN~1\HMAPI.dll


O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll

O23 - Service: MATLAB Server (matlabserver) - Unknown owner - e:\MATLAB6p1\webserver\bin\win32\matlabserver.exe (if the original poster does not recognize this item, please fix it and disable MATLAB Server in Services)

Delete the file:

C:\PROGRA~1\INTERN~1\HMAPI.dll
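
An added example, not part of the reply above: a small parser that turns HijackThis `O` lines into records so the entries in the sections the reply fixes (O2, O20, O23) can be reviewed side by side. The sample lines are copied from the log in the first post; the function names and the two review notes are assumptions of this example, not HijackThis output.

```python
import re

# Sample input: lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEHlprObj Class - {EE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\INTERN~1\HMAPI.dll
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - e:\MATLAB6p1\webserver\bin\win32\matlabserver.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments - C:\WINNT\system32\niSvcLoc.exe
"""

SECTIONS = {"O2": "Browser Helper Object", "O4": "Run key autostart",
            "O20": "Winlogon Notify", "O23": "Service"}
ENTRY = re.compile(r"^(O\d+) - (.*)$")
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")

# Review notes used by this example (wording is ours).
NOTE_VENDOR = "HijackThis found no vendor name for the service binary"
NOTE_SHORT = "8.3 short path: expand it before judging the location"

def parse(log):
    """Split each O-line into section code, ' - ' separated fields and file path."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header, process list, blank line
        code, body = m.groups()
        fields = body.split(" - ")  # assumes no ' - ' inside a name or path
        path = fields[-1] if DRIVE_PATH.match(fields[-1]) else None
        entries.append({"code": code, "kind": SECTIONS.get(code, "other"),
                        "fields": fields, "path": path})
    return entries

def review_list(entries):
    """Entries from O2, O20 and O23 with notes on what to check first."""
    out = []
    for e in entries:
        if e["code"] not in ("O2", "O20", "O23"):
            continue
        notes = []
        if e["code"] == "O23" and "Unknown owner" in e["fields"]:
            notes.append(NOTE_VENDOR)
        if e["path"] and "~" in e["path"]:
            notes.append(NOTE_SHORT)
        out.append((e["code"], e["path"], notes))
    return out
```

A note is a prompt to inspect the file, not a verdict on it.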



 

Thanks. Following the method in the post above got rid of that hateful website.