我用hijackthis1.99.0查的结果如下,请您帮忙给分析 一下:
HijackThis_815汉化版扫描日志 V1.99.1
保存于 20:12:50, 日期 05-11-12
操作系统: Windows 98 SE (Win9x 4.10.2222A)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
D:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
D:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\SRVSET.EXE
D:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE
C:\WINDOWS\CWD3DSND.EXE
C:\PROGRAM FILES\UFDISK\UFDISK FORMAT TOOL\IFORMAT.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAM FILES\SKYNET\FIREWALL\PFW.EXE
C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 300\APP\ENTERNET.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\TEMP\RAR$EX00.154\HIJACKTHIS1991ZWW.EXE
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: WebMiscItem Class - {3CD4296F-6CC3-11D9-B888-000C299AA719} - C:\WINDOWS\SYSTEM\WEBMISC.DLL
O2 - BHO: (no name) - {6BDE1669-B490-48E3-B668-456314F2D6C3} - (no file)
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL (file missing)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL (file missing)
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O3 - IE工具栏增项: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - 启动项HKLM\\Run: [internat.exe] ;internat.exe
O4 - 启动项HKLM\\Run: [ScanRegistry] ;C:\WINDOWS\scanregw.exe /autorun
O4 - 启动项HKLM\\Run: [TaskMonitor] ;C:\WINDOWS\taskmon.exe
O4 - 启动项HKLM\\Run: [SystemTray] ;SysTray.Exe
O4 - 启动项HKLM\\Run: [3DLabsHelperDemon] ;3dldemon.exe nowakeup
O4 - 启动项HKLM\\Run: [mdac_runonce] ;C:\WINDOWS\SYSTEM\runonce.exe
O4 - 启动项HKLM\\Run: [远程自动管理] ;c:\Cwysoft\exec\watchsvr.exe
O4 - 启动项HKLM\\Run: [srvset] srvset.exe
O4 - 启动项HKLM\\Run: [LoadPowerProfile] ;Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\Run: [IrMon] ;IrMon.exe
O4 - 启动项HKLM\\Run: [Dit] ;Dit.exe
O4 - 启动项HKLM\\Run: [RavTimer] D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [MoveSearch] ;C:\PROGRAM FILES\WSEARCH\SEARCH.EXE
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CNSMIN.DLL,Rundll32
O4 - 启动项HKLM\\Run: [OFFICE] C:\WINDOWS\SYSTEM\order.exe
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"
O4 - 启动项HKLM\\RunServices: [SchedulingAgent] mstask.exe
O4 - 启动项HKLM\\RunServices: [RsCcenter] D:\PROGRA~1\RISING\RAV\CCENTER.EXE
O4 - 启动项HKLM\\RunServices: [RavMond] D:\PROGRA~1\RISING\RAV\RAVMOND.EXE
O4 - 启动项HKLM\\RunServices: [RavMon] D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Crystal 3D Audio Control.lnk = C:\WINDOWS\CWD3DSND.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: iFormat.lnk = C:\Program Files\UFDisk\UFDisk Format Tool\iFormat.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O11 - Options group: [!CNS] 网络实名
O16 - DPF: Win32 Classes -
file://C:\WINDOWS\Java\classes\win32ie4.cab
O16 - DPF: {EF9F1C48-1A63-495A-9317-B7B71B34A9CF} (Msp Class) - http://ddddl.dudu.com/ddd/update/plugin/dudumsp.cab
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\SYSTEM\MBPROT.DLL