请高手看我的HijackThis_zww汉化版扫描日志 V1.99.1
保存于      15:14:45, 日期 05-8-24
操作系统：  Windows 98 SE (Win9x 4.10.2222A)
浏览器：    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：         
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACKTHIS1991汉化版\HIJACKTHIS1991ZWW.EXE

O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - IE工具栏增项: MSN 工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN TOOLBAR\01.01.2607.0\ZH-CN\MSNTB.DLL
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - 启动项HKLM\\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [Alitalk] C:\PROGRA~1\阿里巴巴\贸易通\AliTalk.EXE -hideframe
O4 - 启动项HKLM\\Run: [Install Alitalk] C:\WINDOWS\temp\alitalk\alitalk.exe -hideframe
O4 - 启动项HKLM\\Run: [LoadQM] loadqm.exe
O4 - 启动项HKLM\\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\zh-cn\msnappau.exe"
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\RunServices: [SchedulingAgent] mstask.exe
O4 - 启动项HKLM\\RunServices: [RsCcenter] C:\PROGRA~1\RISING\RAV\CCENTER.EXE
O4 - 启动项HKLM\\RunServices: [RavMond] C:\PROGRA~1\RISING\RAV\RAVMOND.EXE
O4 - 启动项HKLM\\RunServices: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: 使用Kugoo下载 - C:\PROGRAM FILES\KUGOO2\KugooDownX.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

日志有问提吗？

没人帮我吗？555，跪求你们个位GG，JJ，MM，XD了。

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      15:37:57, 日期 05-8-24
操作系统：  Windows 98 SE (Win9x 4.10.2222A)
浏览器：    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：         
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HIJACKTHIS1991汉化版\HIJACKTHIS1991ZWW.EXE

O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - IE工具栏增项: MSN 工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN TOOLBAR\01.01.2607.0\ZH-CN\MSNTB.DLL
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - 启动项HKLM\\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [Alitalk] C:\PROGRA~1\阿里巴巴\贸易通\AliTalk.EXE -hideframe
O4 - 启动项HKLM\\Run: [Install Alitalk] C:\WINDOWS\temp\alitalk\alitalk.exe -hideframe
O4 - 启动项HKLM\\Run: [LoadQM] loadqm.exe
O4 - 启动项HKLM\\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\zh-cn\msnappau.exe"
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\RunServices: [SchedulingAgent] mstask.exe
O4 - 启动项HKLM\\RunServices: [RsCcenter] C:\PROGRA~1\RISING\RAV\CCENTER.EXE
O4 - 启动项HKLM\\RunServices: [RavMond] C:\PROGRA~1\RISING\RAV\RAVMOND.EXE
O4 - 启动项HKLM\\RunServices: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: 使用Kugoo下载 - C:\PROGRAM FILES\KUGOO2\KugooDownX.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

启动项报告：      05-8-24, 15:40:13
启动项扫描器版本： 1.52.2
开始于：      C:\PROGRAM FILES\HIJACKTHIS1991汉化版\HIJACKTHIS1991ZWW.EXE
系统检测：    Windows 98 SE (Win9x 4.10.2222A)
系统检测：    Internet Explorer v6.00 SP1 (6.00.2800.1106)
* 使用默认选项             
==================================================

当前运行的进程：         

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HIJACKTHIS1991汉化版\HIJACKTHIS1991ZWW.EXE

--------------------------------------------------

文件夹中的启动项                 

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\启动]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

--------------------------------------------------

注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

internat.exe = internat.exe
ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
RavTimer = C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
RavMon = C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
Alitalk = C:\PROGRA~1\阿里巴巴\贸易通\AliTalk.EXE -hideframe
Install Alitalk = C:\WINDOWS\temp\alitalk\alitalk.exe -hideframe
LoadQM = loadqm.exe
msnappau = "c:\program files\MSN Apps\Updater\01.02.3000.1001\zh-cn\msnappau.exe"
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

--------------------------------------------------

注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
RsCcenter = C:\PROGRA~1\RISING\RAV\CCENTER.EXE
RavMond = C:\PROGRA~1\RISING\RAV\RAVMOND.EXE
RavMon = C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM

--------------------------------------------------

注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

--------------------------------------------------

文件打开方式关联 for    .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(黙认) =  C:\WINDOWS\NOTEPAD.EXE %1

--------------------------------------------------

外壳扩展和屏幕保护程序的键值  从            C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 22/8/2005, 9:46:42)

[Rename]

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

PATH="%PATH%";"C:\Program Files\Microsoft SQL Server\80\Tools\BINN"

--------------------------------------------------


列举“计划任务”服务:                   

启用 Application Start.job

--------------------------------------------------

列举下载的程序文件：                       

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38501.9281481481

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX
CODEBASE = http://messenger.msn.com/download/msnmessengersetupdownloader.cab

--------------------------------------------------

列举 ShellServiceObjectDelayLoad 项目：           

WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

--------------------------------------------------
报告完毕，共 4,846 字节         
报告生成用时：0.089秒     

Command line options:
  /verbose  - to add additional info on each section
  /complete - to include empty sections and unsuspicious data
  /full    - to include several rarely-important sections
  /force9x  - to include Win9x-only startups even if running on WinNT
  /forcent  - to include WinNT-only startups even if running on Win9x
  /forceall - to include all Win9x and WinNT startups, regardless of platform
  /history  - to list version history only

98好啊，98天就能再连习一下装系统，而每次都会有不同的感受和启发！！

看来你就是偶找的强人啊！