[b]1.建议使用XDelBox删除以下文件[/b]：([url=http://www.dodudou.com/down/index.php]XDelBox1.7下载[/url]) 使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括U盘，MP3，手机存储卡等）。 c:\windows\system32\sw64o.dll c:\windows\system32\hbmhly.exe c:\windows\system32\cscript.dll c:\windows\system32\drivers\5wmmf.sys c:\docume~1\ycb\locals~1\temp\_tmp.bat c:\docume~1\ycb\locals~1\temp\_tmp.bat c:\windows\system32\drivers\s9cmf3fzq.sys c:\windows\system32\procobsrv.sys c:\windows\system32\drivers\pipjsa64.sys c:\windows\system32\drivers\hbkernel.sys c:\windows\system32\drvfltip.sys c:\windows\system32\drivers\d346prt.sys c:\windows\system32\drivers\d346bus.sys c:\windows\system32\drivers\cegcez59.sys [b]2.删除重启后使用SREng修复下面各项：[/b] 启动项目－－注册表之如下项删除： [HBmhly] <"C:\WINDOWS\system32\HBmhly.exe" -r> [color=red]注意该项[AppInit_DLLs]修改：[/color]把修改为<>即清空 [IFEO[KPFW32X.exe]] [IFEO[KPfwSvc.exe]] [IFEO[KRegEx.exe]] [IFEO[KRepair.com]] [IFEO[KsLoader.exe]] [IFEO[KVCenter.kxp]] [IFEO[KvDetect.exe]] [IFEO[KvfwMcl.exe]] [IFEO[KVMonXP.exe]] [IFEO[KVMonXP.kxp]] [IFEO[KVMonXP_1.kxp]] [IFEO[kvol.exe]] [IFEO[kvolself.exe]] [IFEO[KvReport.kxp]] [IFEO[KVScan.kxp]] [IFEO[kvsrvxp.exe]] [IFEO[KVStub.kxp]] [IFEO[kvupload.exe]] [IFEO[KVWSC.exe]] [IFEO[KvXP.kxp]] [IFEO[KvXP_1.kxp]] [IFEO[KWatch.exe]] [IFEO[KWatch9x.exe]] [IFEO[KWatchX.exe]] [IFEO[loaddll.exe]] [IFEO[MagicSet.exe]] [IFEO[McAgent.exe]] [IFEO[mcconsol.exe]] [IFEO[mctskshd.exe]] [IFEO[mcupdmgr.exe]] [IFEO[mmc.exe]] [IFEO[mmqczj.exe]] [IFEO[mmsk.exe]] [IFEO[msconfig.exe]] [IFEO[Navapsvc.exe]] [IFEO[Navapw32.exe]] [IFEO[NAVSetup.exe]] [IFEO[nod32.exe]] [IFEO[nod32krn.exe]] [IFEO[nod32kui.exe]] [IFEO[NPFMntor.exe]] [IFEO[OllyDBG.EXE]] [IFEO[OllyICE.EXE]] [IFEO[PFW.exe]] [IFEO[PFWLiveUpdate.exe]] [IFEO[PFWLveUpdate.exe]] [IFEO[procexp.exe]] [IFEO[QHSET.exe]] [IFEO[QQKav.exe]] [IFEO[QQSC.exe]] [IFEO[RavXP.exe]] [IFEO[RawCopy.exe]] [IFEO[regmon.exe]] [IFEO[RegTool.exe]] [IFEO[rfwProxy.exe]] [IFEO[rfwstub.exe]] [IFEO[RsAqent.exe]] [IFEO[rtvscan.exe]] [IFEO[safelive.exe]] [IFEO[scan32.exe]] [IFEO[shcfg32.exe]] [IFEO[spiderml.exe]] [IFEO[spidernt.exe]] [IFEO[spiderui.exe]] [IFEO[spml_set.exe]] [IFEO[SREng.exe]] [IFEO[symlcsvc.exe]] [IFEO[SysSafe.exe]] [IFEO[taskmgr.exe]] [IFEO[TrojanDetector.exe]] [IFEO[Trojanwall.exe]] [IFEO[TrojDie.kxp]] [IFEO[UIHost.exe]] [IFEO[UmxAgent.exe]] [IFEO[UmxAttachment.exe]] [IFEO[UmxCfg.exe]] [IFEO[UmxFwHlp.exe]] [IFEO[UmxPol.exe]] [IFEO[UpLive.exe]] [IFEO[UpLive.EXE.exe]] [IFEO[vsstat.exe]] [IFEO[webscanx.exe]] [IFEO[WoptiClean.exe]] [IFEO[zxsweep.exe]] [IFEO[GuardField.exe]] [IFEO[HijackThis.exe]] [IFEO[IceSword.exe]] [IFEO[iparmo.exe]] [IFEO[Iparmor.exe]] [IFEO[isPwdSvc.exe]] [IFEO[kabaload.exe]] [IFEO[KaScrScn.SCR]] [IFEO[KASMain.exe]] [IFEO[KASTask.exe]] [IFEO[KAV32.exe]] [IFEO[KAVDX.exe]] [IFEO[KAVPF.exe]] [IFEO[KAVPFW.exe]] [IFEO[KAVSetup.exe]] [IFEO[KAVStart.exe]] [IFEO[kavsvc.exe]] [IFEO[KISLnchr.exe]] [IFEO[KMailMon.exe]] [IFEO[KMFilter.exe]] [IFEO[KPFW32.exe]] [IFEO[AppSvc32.exe]] [IFEO[autoruns.exe]] [IFEO[avconsol.exe]] [IFEO[avgrssvc.exe]] [IFEO[AvMonitor.exe]] [IFEO[avp.com]] [IFEO[avp.exe]] [IFEO[ccEvtMgr.exe]] [IFEO[ccSetApp.exe]] [IFEO[ccSetMgr.exe]] [IFEO[ccSvcHst.exe]] [IFEO[DefWatch.exe]] [IFEO[DrvAnti.exe]] [IFEO[drwadins.exe]] [IFEO[drwebscd.exe]] [IFEO[drwebupw.exe]] [IFEO[EGHOST.exe]] [IFEO[filemon.exe]] [IFEO[FTCleanerShell.exe]] [IFEO[FWMon.exe]] [IFEO[FYFireWall.exe]] [IFEO[GFRing3.exe]] [IFEO[GFUpd.exe]] [IFEO[360rpt.exe]] [IFEO[360Safe.exe]] [IFEO[360tray.exe]] [IFEO[adam.exe]] [IFEO[AgentSvr.exe]] [IFEO[AntiArp.exe]] 启动项目－－服务－－驱动程序之如下项禁用： [5wmmf / 5wmmf] [aazwt / aazwt] [yvwtq / yvwtq] [s9cmf3fz / s9cmf3fzq] [Process creation detector. / ProcObsrv] [pipjsa6 / pipjsa64] [HBKernel Driver / HBKernel] [DrvFltIp / DrvFltIp] <\??\C:\WINDOWS\system32\DrvFltIp.sys> [d346prt / d346prt] [d346bus / d346bus] [cegcez5 / cegcez59] ---- Original Message ---- From: i2187@sina.com To: bdsb_bdsb@sina.com Subject: 瑞星提问 Date: 2008-8-5 11:45:04 http://zhidao.ikaka.com/Aspx/submissions/sub_bcwt.aspx?questionId=16555