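Experts, please help me look at this log!! I need this computer to issue invoices!!! Thank you!!!

This log is from an invoicing computer. It has never been online, and Windows 98 was freshly installed on it a few days ago. Because I wanted to play, I downloaded a game, and as a result the machine got slow; after being on for a while it just freezes, and a dialog box also pops up saying that an Internet program has encountered an error, please contact the vendor, and the dialog box can't be closed!!!! Computer experts, please take a look for me!!! Please help me out!!!!!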

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 98 SE  -

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [Microsoft Corporation]
    <ScanRegistry><C:\WINDOWS\scanregw.exe /autorun>  [Microsoft Corporation]
    <TaskMonitor><C:\WINDOWS\taskmon.exe>  [Microsoft Corporation]
    <SystemTray><SysTray.Exe>  [Microsoft Corporation]
    <LoadPowerProfile><Rundll32.exe powrprof.dll,LoadCurrentPwrScheme>  [Microsoft Corporation]
    <C-Media Mixer><Mixer.exe /startup>  [C-Media Electronic Inc. (www.cmedia.com.tw)]
    <spoolsv><C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer>  [广州傲讯信息科技有限公司]
    <Desktop><C:\WINDOWS\SYSTEM\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll>  []
    <YLive.exe><C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe>  []
    <RavTimer><C:\Program Files\Rising\Rav\RavTimer.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <LoadPowerProfile><Rundll32.exe powrprof.dll,LoadCurrentPwrScheme>  [Microsoft Corporation]
    <SchedulingAgent><C:\WINDOWS\SYSTEM\mstask.exe>  [Microsoft Corporation]
    <RsCcenter><C:\Program Files\Rising\Rav\CCenter.exe>  [rising]
    <RavMond><C:\Program Files\Rising\Rav\RavMond.exe>  [rising]
    <RavMon><C:\Program Files\Rising\Rav\RavMon.exe -system>  [Rising realtime monitor Service]

==================================
启动文件夹
服务

==================================
浏览器加载项
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\DESKIPN.DLL, $>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[豪杰超级解霸V8实时播放]
  <C:\Herosoft\HeroV8\MPURLGET.HTM, N/A>
[百度搜索]
  <res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUSEARCH.HTM, N/A>
[百度新闻搜索]
  <res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUNEWS.HTM, N/A>
[百度图片搜索]
  <res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUIMG.HTM, N/A>
[百度mp3搜索]
  <res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUMP3.HTM, N/A>
[百度Flash搜索]
  <res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/FLASHSEARCH.HTM, N/A>
[百度信息快递搜索]
  <res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUIE.HTM, N/A>
[雅虎搜索]
  <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/246, N/A>

==================================
正在运行的进程
[PID: 4294965713][C:\WINDOWS\SYSTEM\MPREXE.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4294857533][C:\WINDOWS\SYSTEM\MSTASK.EXE]  <Microsoft Corporation><4.71.1959.1>
[PID: 4294840725][C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE]  <rising><17, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\UNPACKER.DLL]  <rising><17, 0, 0, 17>
    [C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL]  <N/A><17, 0, 0, 15>
    [C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL]  <rising><17, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\SCANMAC.DLL]  <rising><17, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL]  <瑞星><17, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL]  <Rising><17, 0, 0, 17>
    [C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL]  <Rising><17, 0, 0, 23>
    [C:\PROGRAM FILES\RISING\RAV\ENGINE.DLL]  <rising><17, 0, 0, 32>
    [C:\PROGRAM FILES\RISING\RAV\POSTTRT.DLL]  <Rising><17, 0, 0, 10>
    [C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL]  < ><17, 0, 0, 31>
    [C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL]  <Beijing Rising Technology Co., Ltd.><17, 0, 0, 30>
    [C:\PROGRAM FILES\RISING\RAV\MEMMON.DLL]  <北京瑞星><17, 3, 0, 8>
    [C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL]  <rising><17, 0, 0, 3>
    [C:\PROGRAM FILES\RISING\RAV\REGMON.DLL]  < ><17, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\SPAMENG.DLL]  <N/A><17, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\MAILMON.DLL]  < ><17, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL]  <Rising><17, 0, 0, 25>
    [C:\PROGRAM FILES\RISING\RAV\LIBLOAD.DLL]  <Rising><17, 0, 0, 12>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><17, 0, 0, 15>
    [C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL]  <Rising><17, 0, 0, 32>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <rising><17, 0, 0, 24>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Rising Corp.><17, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><17, 0, 0, 3>
[PID: 4294867773][C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE]  <rising><17, 0, 0, 72>
    [C:\PROGRAM FILES\RISING\RAV\GUIDLL.DLL]  <rising><17, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><17, 0, 0, 15>
    [C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL]  <Rising><17, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><17, 0, 0, 3>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <rising><17, 0, 0, 24>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Rising Corp.><17, 0, 0, 5>
[PID: 4294880817][C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]  <Rising realtime monitor Service><17, 0, 0, 102>
    [C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL]  <Beijing Rising Technology Co., Ltd.><17, 0, 0, 30>
    [C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL]  <$><17, 0, 0, 6>
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\MSICN\PLUGINS\BSE.DLL]  <广州傲讯信息科技有限公司><2, 0, 0, 1>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\MSICN\MSIBM.DLL]  <广州傲讯信息科技有限公司><2, 0, 0, 1>
[PID: 4292887889][C:\WINDOWS\EXPLORER.EXE]  <Microsoft Corporation><4.72.3110.1>
    [C:\WINDOWS\SYSTEM\MSICN\MSIBM.DLL]  <广州傲讯信息科技有限公司><2, 0, 0, 1>
[PID: 4292922649][C:\WINDOWS\SYSTEM\INTERNAT.EXE]  <Microsoft Corporation><4.10.2222>
[PID: 4292931973][C:\WINDOWS\TASKMON.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4292930209][C:\WINDOWS\SYSTEM\SYSTRAY.EXE]  <Microsoft Corporation><4.10.2222>
    [C:\WINDOWS\SYSTEM32\CMNPROP.DLL]  <C-Media Corporation><5.00.2195.12>
[PID: 4293066837][C:\WINDOWS\MIXER.EXE]  <C-Media Electronic Inc. (www.cmedia.com.tw)><1.58>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><17, 0, 0, 3>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <rising><17, 0, 0, 24>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Rising Corp.><17, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><17, 0, 0, 15>
[PID: 4293087789][C:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE]  <Beijing Rising Technology Co., Ltd.><17, 0, 0, 30>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4293039085][C:\WINDOWS\SYSTEM\WMIEXE.EXE]  <Microsoft Corporation><5.00.1755.1>
[PID: 4293023725][C:\WINDOWS\TEMP\101342.EXE]  <N/A><N/A>
[PID: 4293198873][E:\SRENG2\SRENG.EXE]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [C:\WINDOWS\winhlp32.exe %1]
.INI  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.JS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
Last edited 2006-08-31 20:48:15

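I think invoicing machines have a backup. Restoring from that backup should fix it. I'd advise you not to use the invoicing machine for games in the future: first, to keep the data from being stolen; second, to keep the data from being damaged; third, to keep the invoice records from getting scrambled or lost. By then it won't be a matter of a few invoices any more; the tax bureau will charge you with tax evasion, and then you won't be enjoying your meals. It'll be fines and detention.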

<C-Media Mixer><Mixer.exe /startup> [C-Media Electronic Inc. (www.cmedia.com.tw)]
<spoolsv><C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer> [广州傲讯信息科技有限公司]
<Desktop><C:\WINDOWS\SYSTEM\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll> []
<YLive.exe><C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe> []


I only recognized 4..

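Download Super Rabbit (超级兔子) and use its Professional Uninstall feature.
http://www.pctutu.com/news.asp?id=92
After installing it, open "winspeed", then "Professional Uninstall", and uninstall all the junk software it lists. Do not have any browser windows open while uninstalling. If something won't uninstall, reboot and then try again.

After uninstalling, reboot, then run another scan and paste the log here.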

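I'm not very familiar with Windows 98.

It's just a bit odd: why are the running processes all in uppercase??? Your Rising is running, so why don't I see the related services???

In Safe Mode: clean out the rogue software using the tools below. If that doesn't work, scan again and post the log.

ewido: http://forum.ikaka.com/topic.asp?board=67&artid=7756816

Ad-Aware SE: http://forum.ikaka.com/topic.asp?board=67&artid=7247932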

Processes
[PID: 4293023725][C:\WINDOWS\TEMP\101342.EXE] <N/A><N/A> (looks like a variant of Gray Pigeon (灰鸽子) or Network Pig (网络猪); I suggest scanning for trojans)
[PID: 4293198873][E:\SRENG2\SRENG.EXE] <Smallfrogs Studio><2.0.21.505>
[PID: 4293066837][C:\WINDOWS\MIXER.EXE] <C-Media Electronic Inc. (www.cmedia.com.tw)><1.58>
[C:\WINDOWS\SYSTEM32\CMNPROP.DLL] <C-Media Corporation><5.00.2195.12>
[C:\WINDOWS\SYSTEM\MSICN\MSIBM.DLL] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\SYSTEM\MSICN\MSIBM.DLL] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\SYSTEM\MSICN\PLUGINS\BSE.DLL] <广州傲讯信息科技有限公司><2, 0, 0, 1>
Startup
<C-Media Mixer><Mixer.exe /startup> [C-Media Electronic Inc. (www.cmedia.com.tw)]
<spoolsv><C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer> [广州傲讯信息科技有限公司]
<Desktop><C:\WINDOWS\SYSTEM\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll> []
<YLive.exe><C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe> []
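
The replies above pick entries out of the SREng log by eye: autorun items with an empty publisher field, and a process running from `C:\WINDOWS\TEMP` with no version information. The following first-pass triage is an added example, not part of the original thread or of SREng; the function name, the regular expressions and the flag wording are assumptions, and the sample lines are copied from the log posted in this thread.

```python
import re

# Sample input: a few lines copied from the SREng log posted in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TaskMonitor><C:\WINDOWS\taskmon.exe>  [Microsoft Corporation]
    <spoolsv><C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer>  [广州傲讯信息科技有限公司]
    <Desktop><C:\WINDOWS\SYSTEM\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll>  []
    <YLive.exe><C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe>  []
[PID: 4292931973][C:\WINDOWS\TASKMON.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4293023725][C:\WINDOWS\TEMP\101342.EXE]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
"""

# Autorun line:  <value name><command line>  [publisher]
RUN_RE = re.compile(r'^\s*<([^<>]+)><(.+)>\s+\[(.*)\]\s*$')
# Process line:  [PID: n][image path]  <vendor><version>
PROC_RE = re.compile(r'^\[PID: (\d+)\]\[(.+?)\]\s+<(.*?)><(.*)>\s*$')
NO_INFO = {"", "N/A"}

def triage(log_text):
    """Return (kind, item, reasons) for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        m = RUN_RE.match(line)
        if m:
            _name, command, publisher = m.groups()
            if publisher.strip() in NO_INFO:
                findings.append(("autorun", command, ["no publisher"]))
            continue
        m = PROC_RE.match(line)
        if m:  # indented module lines carry no PID and are skipped
            _pid, path, vendor, version = m.groups()
            reasons = []
            if vendor.strip() in NO_INFO and version.strip() in NO_INFO:
                reasons.append("no version info")
            if "\\TEMP\\" in path.upper():
                reasons.append("runs from TEMP")
            if reasons:
                findings.append(("process", path, reasons))
    return findings

if __name__ == "__main__":
    for kind, item, reasons in triage(SAMPLE_LOG):
        print(f"{kind:8} {item}  <- {', '.join(reasons)}")
```

The publisher and vendor fields come from the file's own version resource, so an entry that declares one (such as `spoolsv` above) passes this filter and still needs review by path and name.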