9,506
社区成员
发帖
与我相关
我的任务
分享O10 - Broken Internet access because of LSP provider 'c:\windows\system32\gdiplus32.dll' missing不能访问网页
我的机子最近不能上网,但是网络是通的,用hijackthis扫描后发现O10 - Broken Internet access because of LSP provider 'c:\windows\system32\gdiplus32.dll' missing比较可疑。后用winsockfix修复可以正常访问网页。但随后重启系统又出现不能上网的情况。还有就是用ping命令时显示的是pinging ? with 32 bytes of data: 。用winsockfix可以暂时解决这个问题,但不是长久之计。千万别告诉我重装系统。
Logfile of HijackThis v1.99.0
Scan saved at 9:30:50, on 2006-10-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\HEROSOFT\HERO2001\SYSEXPLR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\liuhui.CNOOC\桌面\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SysExplr] C:\HEROSOFT\HERO2001\SYSEXPLR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\WINDOWS\system32\IEPlugin.dll
O9 - Extra button: ZDNet - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\WINDOWS\system32\IEPlugin.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\gdiplus32.dll' missing
O16 - DPF: {2C724BE3-A87B-11D1-8027-00A0C903B2B1} (Tidestone First Impression 6.0 Chart) - http://10.68.42.205/opdc/TTFI6.OCX
O16 - DPF: {4927B5F1-CC4E-48DF-8167-C25634469E03} (WebViewer.jrscMapViewer) - http://cnoocdpweb/zhgl/DocLib12/深圳分公司/番禺30-1气田/gmViewerOcx.CAB
O16 - DPF: {615A6BA5-724A-4461-936E-57736C52795F} (joPjProject Class) - http://10.68.42.202:88/gis/web/ActiveX/JRSCGIS.CAB
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = beijing.cnooc.corp
O17 - HKLM\Software\..\Telephony: DomainName = beijing.cnooc.corp
O17 - HKLM\System\CCS\Services\Tcpip\..\{E321FE44-D6E4-437D-B854-60EA9BA5D2EB}: Domain = cnooc
O17 - HKLM\System\CCS\Services\Tcpip\..\{E321FE44-D6E4-437D-B854-60EA9BA5D2EB}: NameServer = 10.68.100.211,10.68.100.212
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = beijing.cnooc.corp
O20 - AppInit_DLLs: APIHookDll.dll
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
Logfile of HijackThis v1.99.0
Scan saved at 9:30:50, on 2006-10-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\HEROSOFT\HERO2001\SYSEXPLR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\liuhui.CNOOC\桌面\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SysExplr] C:\HEROSOFT\HERO2001\SYSEXPLR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\WINDOWS\system32\IEPlugin.dll
O9 - Extra button: ZDNet - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\WINDOWS\system32\IEPlugin.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\gdiplus32.dll' missing
O16 - DPF: {2C724BE3-A87B-11D1-8027-00A0C903B2B1} (Tidestone First Impression 6.0 Chart) - http://10.68.42.205/opdc/TTFI6.OCX
O16 - DPF: {4927B5F1-CC4E-48DF-8167-C25634469E03} (WebViewer.jrscMapViewer) - http://cnoocdpweb/zhgl/DocLib12/深圳分公司/番禺30-1气田/gmViewerOcx.CAB
O16 - DPF: {615A6BA5-724A-4461-936E-57736C52795F} (joPjProject Class) - http://10.68.42.202:88/gis/web/ActiveX/JRSCGIS.CAB
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = beijing.cnooc.corp
O17 - HKLM\Software\..\Telephony: DomainName = beijing.cnooc.corp
O17 - HKLM\System\CCS\Services\Tcpip\..\{E321FE44-D6E4-437D-B854-60EA9BA5D2EB}: Domain = cnooc
O17 - HKLM\System\CCS\Services\Tcpip\..\{E321FE44-D6E4-437D-B854-60EA9BA5D2EB}: NameServer = 10.68.100.211,10.68.100.212
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = beijing.cnooc.corp
O20 - AppInit_DLLs: APIHookDll.dll
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
...全文
请发表友善的回复…
发表回复
ccw1979 2006-10-16
- 打赏
- 举报
谢谢大家。
空心兜兜 2006-10-13
- 打赏
- 举报
汗!
这个…………
这个…………
紫郢剑侠 2006-10-13
- 打赏
- 举报
O9 - Extra button: ZDNet - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\WINDOWS\system32\IEPlugin.dll
这一项楼主认识吗?
O10项用LSPFix修复比较好
这一项楼主认识吗?
O10项用LSPFix修复比较好
ccw1979 2006-10-12
- 打赏
- 举报
APIHookDll.dll是装了木马克星后产生的,删除木马克星后就没有了。basfipm.exe的服务已经关闭。winsockfix修复也用过,还有重新添加internet协议(tcp/ip)都只能暂时解决问题,过段时间又不行了。希望大家能提供更多方法。
ccw1979 2006-10-12
- 打赏
- 举报
谢谢回复,我试试看。
scz123 2006-10-12
- 打赏
- 举报
如果是XP SP2,运行netsh winsock reset winsock.log来修复WINSOCK,去掉非法LSP
其它系统,可以下载一个WINSOCKFIX来修复
其它系统,可以下载一个WINSOCKFIX来修复
蒋晟 2006-10-12
- 打赏
- 举报
c:\windows\system32\gdiplus32.dll: Trojan /QQPassword stealer
BASFIPM.EXE - Broadcom ASF IP monitoring service
BASFIPM.EXE - Broadcom ASF IP monitoring service
icuc88 2006-10-11
- 打赏
- 举报
O20 - AppInit_DLLs: APIHookDll.dll
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\system32\basfipm.exe
