我中了广外幽灵的新变种,中了搞的机子好慢啊,非常不方便,我已经杀了被感染的病毒好久了,但重启之后又有了,我进过了安全模式杀了,也一样,我慢慢发现有一个不是病毒的后缀名叫LOG的文件,叫做CHANGE,我看了一下,里面都是创建某些文件的路径,就是它了,但我想删除它又有某个程序在控制它,就算用KILLBOX删除,重启之后又有,我不知道那个生产这病毒的程序是什么,所以解决不了,那个CHANGE的LOG文件的路径都是:1.C:\System Volume Information\_restore{EB64E17A-F156-4AA0-8E97-B0E43410E362}\RPXX(XX是数字,我删除之后这数字就变)2.C:\!Submit3.C:\Documents and Settings里面的各个文件,不一定!
唉,我也知道够复杂的了,所以请各位高手帮帮忙,
CHANGE文件的内容(用记事本打开)
锿?  \ D e v i c e \ H a r d d i s k V o l u m e 1 \ S y s t e m V o l u m e I n f o r m a t i o n \ _ r e s t o r e { E B 6 4 E 1 7 A - F 1 5 6 - 4 A A 0 - 8 E 9 7 - B 0 E 4 3 4 1 0 E 3 6 2 } \ R P 6 6 \ c h a n g e . l o g D

锿?  >  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ s e t u p s d . i n f "  A 0 0 4 6 3 0 2 . i n f S E T U P S D . I N F D
J

锿?  ?  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ s e t u p p l _ 5 . i n f "  A 0 0 4 6 3 0 3 . i n f " S E T U P P ~ 1 . I N F J
J

锿?  @  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ s e t u p d i _ 5 . i n f "  A 0 0 4 6 3 0 4 . i n f " S E T U P D ~ 2 . I N F J


锿? A  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ _ s e t u p r t _ 5 . i n f 
J

锿?  B  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ s e t u p r t _ 5 . i n f "  A 0 0 4 6 3 0 5 . i n f " S E T U P R ~ 1 . I N F J
?
锿獲  C  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ _ s e t u p r t _ 5 . i n f  \ D o c u m e n t s a n d S e t t i n g s \ A l l U s e r s \ A p p l i c a t i o n D a t a \ D e s k t o p M e d i a \ C a s t \ d m c l i e n t \ s e t u p r t _ 5 . i n f " _ S E T U P ~ 1 . I N F ?
锿?  D *  \ W I N D O W S \ R a v . i n i "  A 0 0 4 6 3 0 6 . i n i  R A V . I N I
锿?  E 2  \ ! S u b m i t \ d e s k t o p . i n i "  A 0 0 4 6 3 0 7 . i n i D E S K T O P . I N I
锿?  F 0  \ ! S u b m i t \ n t u s e r . i n i "  A 0 0 4 6 3 0 8 . i n i  N T U S E R . I N I
锿? G f  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ c h a n g e . l n k
锿? H b  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ R P 6 6 . l n k
锿?  I 0  \ W I N D O W S \ R a v E x t . i n i "  A 0 0 4 6 3 0 9 . i n i  R A V E X T . I N I
锿?  J R  \ P r o g r a m F i l e s \ r i s i n g \ R a v \ R a v E x t . i n i "  A 0 0 4 6 3 1 0 . i n i  R A V E X T . I N I
锿?  K 4  \ W I N D O W S \ R s C o n f i g . i n i "  A 0 0 4 6 3 1 1 . i n i " R S C O N F I G . I N I
锿? L f  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ c h a n g e . l n k
锿? M f  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ c h a n g e . l n k
锿? N b  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ R P 6 6 . l n k
锿? O b  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ R P 6 6 . l n k
锿? P f  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ c h a n g e . l n k
锿? Q f  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ c h a n g e . l n k
锿? R b  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ R P 6 6 . l n k
锿? S b  \ D o c u m e n t s a n d S e t t i n g s \ u s e r \ R e c e n t \ R P 6 6 . l n k
CHANGE的内容会变的
而且想这样的CHANGE电脑里有2~3个,其中一个不能删除掉,在不能删除掉的那个CHANGE的文件夹里面还有几个A004XXXX(X为数字)的配置文本文件(就是很有个齿轮的那个)

看一看：
http://forum.ikaka.com/topic.asp?board=28&artid=6818050