症状:运行速度变慢、程序经常无响应或出错
扫描日志如下:
Logfile of HijackThis v1.99.1
Scan saved at 0:24:07, on 06-7-1
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\MSPPS.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE
C:\PROGRAM FILES\YAHOO!\ASSISTANT\YLIVE.EXE
C:\PROGRAM FILES\DUDU\DDDCLIENT\DUDUACC.EXE
C:\PROGRAM FILES\DUDU\DDDCLIENT\DUDUPROS.EXE
C:\PROGRAM FILES\DUDU\DDDCLIENT\REP.EXE
C:\PROGRAM FILES\WINRAR\WINRAR.EXE
C:\WINDOWS\TEMP\RAR$EX00.607\HIJACKTHIS.EXE
R3 - URLSearchHook: 虎翼DIY吧! - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - C:\WINDOWS\SYSTEM\DIYBAR2\DIYBAR2.DLL
O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\PROGRAM FILES\DUDU\DDDCLIENT\DDDIEMON.DLL
O2 - BHO: CPub
Object - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\PROGRAM FILES\P4P\SODAIE.DLL (file missing)
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\SYSTEM\XUNLEIBHO_V13.DLL
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL
O2 - BHO: Link Filter - {4022F902-ABC7-4C79-924F-BB26F1D355A2} - C:\WINDOWS\SYSTEM\DIYBAR2\DIYBAR2.DLL
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O3 - Toolbar: 虎翼DIY吧! - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - C:\WINDOWS\SYSTEM\DIYBAR2\DIYBAR2.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [mspps.exe] C:\WINDOWS\SYSTEM\mspps.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe
O4 - Startup: DuDu下载加速器.lnk = C:\Program Files\DuDu\DddClient\DuDuAcc.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - E:\SOFT\NET\THUNDER\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\SOFT\NET\THUNDER\getallurl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\五笔\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\五笔\AddEmotion.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\五笔\AddToNetDisk.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\五笔\SendMMS.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/246
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL/YRSSMENUEXT
O8 - Extra context menu item: &使用DuDu 加速器下载 - res://C:\PROGRAM FILES\DUDU\DDDCLIENT\dddmext.dll/202
O8 - Extra context menu item: &使用DuDu 加速器下载全部链接 - res://C:\Program Files\DuDu\DddClient\dddmext.dll/203
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/?source=Cns (file missing)
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=20057_1006 (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\五笔\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\五笔\QQ.EXE
O9 - Extra button: (no name) - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Link Filter - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra button: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra 'Tools' menuitem: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://dl_dir.qq.com/qqtv/QQLiveOcxSetup.exe
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} (Installer Class) - http://pi.51.net/download/diybar2.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.85_20060518.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl
Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {8135EF31-FE8C-4C6E-A18A-F59944C3A488} (Spocx Class) - http://ddddl.dudu.com/ddd/update/plugin/dddspocx.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan
Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O21 - SSODL: DLMon - {590498A3-4131-4D8F-BA4B-36791A0803B1} - C:\WINDOWS\SYSTEM\DLMain.dll (file missing)
