[Help] My browser has been hijacked again, please help (Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software board)

Here is the log from my scan:
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      16:47:02, 日期 05-8-27
操作系统:  Windows 98 SE (Win9x 4.10.2222A)
浏览器:    Internet Explorer v5.00 (5.00.2614.3500)

当前运行的进程:         
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\INTERNET EXPLORER\SVCHOST.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
E:\HIJACKTHIS1991ZWW.EXE

O1 - Hosts: 70.85.135.246 1106.net
O1 - Hosts: 70.85.135.246 www.1106.net
O1 - Hosts: 70.85.135.246 zs998.com
O1 - Hosts: 70.85.135.246 www.zs998.com
O1 - Hosts: 70.85.135.246 88263.com
O1 - Hosts: 70.85.135.246 www.88263.com
O1 - Hosts: 70.85.135.246 bj68.com
O1 - Hosts: 70.85.135.246 www.bj68.com
O1 - Hosts: 70.85.135.246 lhc315.com
O1 - Hosts: 70.85.135.246 www.lhc315.com
O1 - Hosts: 70.85.135.246 3626.net
O1 - Hosts: 70.85.135.246 www.3626.net
O1 - Hosts: 70.85.135.246 8678.org
O1 - Hosts: 70.85.135.246 www.8678.org70.85.135.246 yy7.net
O1 - Hosts: 70.85.135.246 www.yy7.net
O1 - Hosts: 70.85.135.246 ok555.net
O1 - Hosts: 70.85.135.246 www.ok555.net
O1 - Hosts: 70.85.135.246 55776.com
O1 - Hosts: 70.85.135.246 www.55776.com
O1 - Hosts: 70.85.135.246 hk6869.com
O1 - Hosts: 70.85.135.246 www.hk6869.com
O1 - Hosts: 70.85.135.246 xg98.net
O1 - Hosts: 70.85.135.246 www.xg98.net
O1 - Hosts: 70.85.135.246 6hw.com
O1 - Hosts: 70.85.135.246 www.6hw.com
O1 - Hosts: 70.85.135.246 kk6688.com
O1 - Hosts: 70.85.135.246 www.kk6688.com
O1 - Hosts: 70.85.135.246 3721vv.com
O1 - Hosts: 70.85.135.246 www.3721vv.com
O1 - Hosts: 70.85.135.246 kk65.com
O1 - Hosts: 70.85.135.246 www.kk65.com
O1 - Hosts: 70.85.135.246 44422.com
O1 - Hosts: 70.85.135.246 www.44422.com
O1 - Hosts: 70.85.135.246 3721aa.net
O1 - Hosts: 70.85.135.246 www.3721aa.net
O1 - Hosts: 70.85.135.246 3721aa.com
O1 - Hosts: 70.85.135.246 www.3721aa.com
O1 - Hosts: 70.85.135.246 15816.net
O1 - Hosts: 70.85.135.246 www.15816.net
O1 - Hosts: 70.85.135.246 kk79.com
O1 - Hosts: 70.85.135.246 www.kk79.com
O1 - Hosts: 70.85.135.246 226229.com
O1 - Hosts: 70.85.135.246 www.226229.com
O1 - Hosts: 70.85.135.246 33778.com
O1 - Hosts: 70.85.135.246 www.33778.com
O1 - Hosts: 70.85.135.246 776677.com
O1 - Hosts: 70.85.135.246 www.776677.com
O1 - Hosts: 70.85.135.246 k3218.com
O1 - Hosts: 70.85.135.246 www.k3218.com
O1 - Hosts: 70.85.135.246 kkkyyy.com
O1 - Hosts: 70.85.135.246 www.kkkyyy.com
O1 - Hosts: 70.85.135.246 345ok.com
O1 - Hosts: 70.85.135.246 www.345ok.com
O1 - Hosts: 70.85.135.246 vv8888.com
O1 - Hosts: 70.85.135.246 www.vv8888.com
O1 - Hosts: 70.85.135.246 my2850.com
O1 - Hosts: 70.85.135.246 www.my2850.com
O1 - Hosts: 70.85.135.246 mk2850.com
O1 - Hosts: 70.85.135.246 www.mk2850.com
O1 - Hosts: 70.85.135.246 mark01234.com
O1 - Hosts: 70.85.135.246 www.mark01234.com
O1 - Hosts: 70.85.135.246 mark01238.com
O1 - Hosts: 70.85.135.246 www.mark01238.com
O1 - Hosts: 70.85.135.246 060888.com
O1 - Hosts: 70.85.135.246 www.060888.com
O1 - Hosts: 70.85.135.246 23566.com
O1 - Hosts: 70.85.135.246 www.23566.com
O1 - Hosts: 70.85.135.246 68008.com
O1 - Hosts: 70.85.135.246 www.68008.com
O1 - Hosts: 70.85.135.246 kk88568.com
O1 - Hosts: 70.85.135.246 www.kk88568.com
O1 - Hosts: 70.85.135.246 hk90333.com
O1 - Hosts: 70.85.135.246 www.hk90333.com
O1 - Hosts: 70.85.135.246 th9999.com
O1 - Hosts: 70.85.135.246 www.th9999.com
O1 - Hosts: 70.85.135.246 kk8858.com
O1 - Hosts: 70.85.135.246 www.kk8858.com
O1 - Hosts: 70.85.135.246 hk678.com
O1 - Hosts: 70.85.135.246 www.hk678.com
O1 - Hosts: 70.85.135.246 six678.com
O1 - Hosts: 70.85.135.246 www.six678.com
O1 - Hosts: 70.85.135.246 k7777.net
O1 - Hosts: 70.85.135.246 www.k7777.net
O1 - Hosts: 70.85.135.246 k7777.com
O1 - Hosts: 70.85.135.246 www.k7777.com
O1 - Hosts: 70.85.135.246 lhc9.com
O1 - Hosts: 70.85.135.246 www.lhc9.com
O1 - Hosts: 70.85.135.246 jg94.com
O1 - Hosts: 70.85.135.246 www.jg94.com
O1 - Hosts: 70.85.135.246 zdr8.com
O1 - Hosts: 70.85.135.246 www.zdr8.com
O1 - Hosts: 70.85.135.246 my118.com
O1 - Hosts: 70.85.135.246 www.my118.com
O1 - Hosts: 70.85.135.246 6667888.com
O1 - Hosts: 70.85.135.246 www.6667888.com
O1 - Hosts: 70.85.135.246 v8899.com
O1 - Hosts: 70.85.135.246 www.v8899.com
O1 - Hosts: 70.85.135.246 1888six.com
O1 - Hosts: 70.85.135.246 www.1888six.com
O1 - Hosts: 70.85.135.246 55185.com
O1 - Hosts: 70.85.135.246 www.55185.com
O2 - BHO: apronA Class - {557B9038-FC87-453C-8B08-32D85F46EAC4} - C:\WINDOWS\REALL.DLL
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\KINGSOFT\FASTAIT\IEBAND.DLL
O4 - 启动项HKLM\\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - 启动项HKLM\\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [helper.exe] helper.exe
O4 - 启动项HKLM\\Run: [] regedit -s C:\$NtUninstallQ5926809$\spcustom.dll
O4 - 启动项HKLM\\Run: [3721] C:\$NtUninstallQ5926809$\a3721.bat
O4 - 启动项HKLM\\Run: [cncrack] http://686858.com
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\下载\THUNDER\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\下载\THUNDER\getAllurl.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - C:\PROGRAM FILES\BITSPIRIT\bsurl.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.10,202.101.107.54

Last edited 2005-08-27 17:10:07
 

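[Reply to 星梦小子's post]
Restart into Safe Mode (how to enter Safe Mode: restart the computer; once the power-on self-test has finished, press the [F8] key (you can keep pressing it until the startup menu appears), then select Safe Mode to enter Windows).

Close all IE windows and scan again with HijackThis. Tick the items recommended for fixing below and let HijackThis fix them; before fixing, allow HijackThis to keep a backup. (If you know an item is safe, you do not need to tick it.)
All O1 items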
O2 - BHO: apronA Class - {557B9038-FC87-453C-8B08-32D85F46EAC4} - C:\WINDOWS\REALL.DLL
O4 - 启动项HKLM\\Run: [] regedit -s C:\$NtUninstallQ5926809$\spcustom.dll
O4 - 启动项HKLM\\Run: [3721] C:\$NtUninstallQ5926809$\a3721.bat
O4 - 启动项HKLM\\Run: [cncrack] http://686858.com
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=

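Then open My Computer → click Tools → open Folder Options → View → uncheck "Hide protected operating system files (Recommended)" and "Hide file extensions for known file types" → then select "Show all files" → find the following file and delete it:
C:\WINDOWS\REALL.DLL

Delete the folder C:\$NtUninstallQ5926809$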
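
The fix list in the reply above covers every O1 Hosts entry plus three O4 Run entries: one with an empty value name, one that starts a file under C:\$NtUninstallQ5926809$, and one whose command is a URL. As an added example (not part of the original thread), the Python below applies the same kind of triage to a constructed log; the sample lines, the `triage` function, the `bulk_threshold` value and the English-format `HKLM\..\Run` prefix are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in HijackThis log format (placeholder names and addresses).
SAMPLE_LOG = r"""
O1 - Hosts: 192.0.2.10 site-a.example
O1 - Hosts: 192.0.2.10 www.site-a.example
O1 - Hosts: 192.0.2.10 site-b.example
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [] regedit -s C:\$NtUninstallXXXX$\payload.dll
O4 - HKLM\..\Run: [updater] C:\$NtUninstallXXXX$\run.bat
O4 - HKLM\..\Run: [promo] http://landing.example
"""

O1_RE = re.compile(r"^O1 - Hosts: (\S+)\s+(\S+)")
O4_RE = re.compile(r"^O4 - .*?Run: \[(.*?)\] (.+)$")  # also matches localized prefixes
LOOPBACK = {"127.0.0.1", "::1"}


def triage(log_text, bulk_threshold=3):
    """Return (line, reason) pairs for entries that deserve manual review."""
    findings = []
    hosts_by_ip = defaultdict(list)
    for line in log_text.splitlines():
        line = line.strip()
        m = O1_RE.match(line)
        if m and m.group(1) not in LOOPBACK:
            hosts_by_ip[m.group(1)].append(line)
            continue
        m = O4_RE.match(line)
        if m:
            name, cmd = m.group(1), m.group(2)
            if not name:
                findings.append((line, "Run value with empty name"))
            elif re.match(r"https?://", cmd, re.I):
                findings.append((line, "Run value launches a URL"))
            elif re.search(r"\\\$NtUninstall[^\\]*\$\\", cmd, re.I):
                findings.append((line, "Run value starts a file from an uninstall-backup folder"))
    for ip, lines in hosts_by_ip.items():
        if len(lines) >= bulk_threshold:  # many names pointed at one address
            reason = f"{len(lines)} hostnames redirected to {ip}"
            findings.extend((entry, reason) for entry in lines)
    return findings


if __name__ == "__main__":
    for line, reason in triage(SAMPLE_LOG):
        print(f"{reason}: {line}")
```

The output is a review list, not a verdict: as the reply says, an entry known to be safe can be left unticked.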

 

When deleting the following file in Safe Mode:
C:\WINDOWS\REALL.DLL
the system reports an error deleting the file: the file is in use by Windows.
 

[Reply to 星梦小子's post]
Please use KillBox to delete it.
KillBox download link: http://forum.ikaka.com/topic.asp?board=67&artid=5188931

For a detailed introduction, see this post: "Original repost: an introduction to using KillBox@Qoo"
http://forum.ikaka.com/topic.asp?board=28&artid=5454397