Logfile of HijackThis v1.99.1
Scan saved at 10:44:16, on 2005-7-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\soundman.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\木马克星\Iparmor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\wuauclt.exe
D:\TT\TTraveler.exe
d:\QQ2005\TIMPlatform.exe
D:\反浏览器劫持\HijackThis.exe
O2 - BHO: QQBrowserHelper
Object Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\QQ2005\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\FLASHGET\fgiebar.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [YDTMain.exe] C:\PROGRA~1\YDT\YDTMain.exe
O4 - HKLM\..\Run: [iparmor] D:\木马克星\Iparmor.exe mini
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用网际快车下载 - D:\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\FLASHGET\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ2005\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ2005\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ2005\SendMMS.htm
O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - C:\Herosoft\HeroV8\MPURLGET.HTM
O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\QQ2005\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\QQ2005\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\QQ2005\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\QQ2005\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E2CC453-2CFB-47B5-8FD9-596A6E6F60F2}: NameServer = 211.98.2.4,211.98.4.1
O20 - AppInit_DLLs: APIHookDll.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Unknown owner - C:\Program Files\rising\rav\CCenter.exe (file missing)
O23 - Service: Rising Realtime Monitor Service (RsRavMon) - Unknown owner - C:\Program Files\rising\rav\RavMonD.exe (file missing)
这是我用HijackThis修复O1 - Hosts: 202.103.64.204 auto.search.msn.com和
O2 - BHO: IEHlprObj Class - {EE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\INTERN~1\HMAPI.dll。
后第二天,重新开机,机子不能上网所扫描的。请大侠们看看。帮我分析一下。
今天还是重装XP才上的网。不知道为什么会这样,难到说这个软件还有可以在自身被删除后关闭上网的程序?
这可是大问题呀,我想谁也不想被 浏览器劫持 这个软件给缠上,但更不想删除之后就不能上网。希望大侠们能找到原因所在。谢谢!!
