【回复“鸟儿天上飞”的帖子】好的

【回复“sailordf”的帖子】C盘没发现病毒，其他盘有必要再杀吗，

那用这个试一下http://forum.ikaka.com/topic.asp?board=28&artid=8235241

怎么没人理我啊，电脑的进程快到60个了

双击sreng，删除启动项目
<myMh2><C:\DOCUME~1\sailor\LOCALS~1\Temp\mh2\iexpl0re.EXE> [N/A]
<myZt2><C:\DOCUME~1\sailor\LOCALS~1\Temp\Zt2\SVCH0ST.EXE> [N/A]
<load><C:\PROGRA~1\svhost32.exe> [N/A]
mhs2><C:\DOCUME~1\sailor\LOCALS~1\Temp\nwHfDA.exe> [N/A]
<rxzs><C:\DOCUME~1\sailor\LOCALS~1\Temp\uZcNbz.exe> [N/A]
<wlzs><C:\DOCUME~1\sailor\LOCALS~1\Temp\dpqIyl.exe> [N/A]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [CNNIC]
<zts2><C:\DOCUME~1\sailor\LOCALS~1\Temp\KlPLSq.exe> [N/A]
<{729B6C61-BDC5-4C09-A1DE-A296BA0B89EC}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp> [N/A]


重启后删除  使用KILLBOX删除以下文件：
C:\DOCUME~1\sailor\LOCALS~1\Temp\Mhgx.dll
C:\DOCUME~1\sailor\LOCALS~1\Temp\Ztgx.dll
C:\WINDOWS\system32\windhcp.ocx
C:\WINDOWS\system32\dllwm.dll
C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp
C:\DOCUME~1\sailor\LOCALS~1\Temp\MjjiIs.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\xnhuQD.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\esMOrT.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\wlzs.dll
C:\DOCUME~1\sailor\LOCALS~1\Temp\KatWIR.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\xvYMql.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\XtKJLD.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\mh2\iexpl0re.EXE
C:\DOCUME~1\sailor\LOCALS~1\Temp\Zt2\SVCH0ST.EXE
C:\DOCUME~1\sailor\LOCALS~1\Temp\Ztgx.dll
C:\DOCUME~1\sailor\LOCALS~1\Temp\vJXWOj.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\nfrBxX.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\UVlppo.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\EhgfUx.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\ApUHYG.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\xoZnxx.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\mhs2.dll
C:\DOCUME~1\sailor\LOCALS~1\Temp\zts2.dll
C:\DOCUME~1\sailor\LOCALS~1\Temp\xoZnxx.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\rxzs.dll
[C:\DOCUME~1\sailor\LOCALS~1\Temp\PYRYAD.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\HNmDWh.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\CMxPUP.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\XUnHLt.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\shWZct.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\KlPLSq.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\nwHfDA.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\uZcNbz.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\dpqIyl.exe
C:\Program Files\svhost32.exe
C:\DOCUME~1\sailor\LOCALS~1\Temp\g.dll


删除完毕之后，清理系统临时文件。

不仅如此，个人感觉你的服务项和驱动项有一些没有能扫描到的。
你按照上面的方法，清理之后，重新扫描日志发上来。

好的，我试一试

引用:

【skyshine的贴子】双击sreng，删除启动项目 <myMh2><C:\DOCUME~1\sailor\LOCALS~1\Temp\mh2\iexpl0re.EXE> [N/A] <myZt2><C:\DOCUME~1\sailor\LOCALS~1\Temp\Zt2\SVCH0ST.EXE> [N/A] <load><C:\PROGRA~1\svhost32.exe> [N/A] mhs2><C:\DOCUME~1\sailor\LOCALS~1\Temp\nwHfDA.exe> [N/A] <rxzs><C:\DOCUME~1\sailor\LOCALS~1\Temp\uZcNbz.exe> [N/A] <wlzs><C:\DOCUME~1\sailor\LOCALS~1\Temp\dpqIyl.exe> [N/A] <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [CNNIC] <zts2><C:\DOCUME~1\sailor\LOCALS~1\Temp\KlPLSq.exe> [N/A] <{729B6C61-BDC5-4C09-A1DE-A296BA0B89EC}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp> [N/A] 重启后删除  使用KILLBOX删除以下文件： C:\DOCUME~1\sailor\LOCALS~1\Temp\Mhgx.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\Ztgx.dll C:\WINDOWS\system32\windhcp.ocx C:\WINDOWS\system32\dllwm.dll C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp C:\DOCUME~1\sailor\LOCALS~1\Temp\MjjiIs.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\xnhuQD.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\esMOrT.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\wlzs.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\KatWIR.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\xvYMql.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\XtKJLD.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\mh2\iexpl0re.EXE C:\DOCUME~1\sailor\LOCALS~1\Temp\Zt2\SVCH0ST.EXE C:\DOCUME~1\sailor\LOCALS~1\Temp\Ztgx.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\vJXWOj.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\nfrBxX.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\UVlppo.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\EhgfUx.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\ApUHYG.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\xoZnxx.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\mhs2.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\zts2.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\xoZnxx.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\rxzs.dll [C:\DOCUME~1\sailor\LOCALS~1\Temp\PYRYAD.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\HNmDWh.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\CMxPUP.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\XUnHLt.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\shWZct.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\KlPLSq.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\nwHfDA.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\uZcNbz.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\dpqIyl.exe C:\Program Files\svhost32.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\g.dll 删除完毕之后，清理系统临时文件。 不仅如此，个人感觉你的服务项和驱动项有一些没有能扫描到的。 你按照上面的方法，清理之后，重新扫描日志发上来。 ………………

呵呵 没用的 他都说了 他重新做过系统 这是后感染的说明他别的盘有被感染的文件
看他的情况应该 微金 和熊猫的门大 删了C 没用

引用:

【鸟儿天上飞的贴子】 引用: 【skyshine的贴子】双击sreng，删除启动项目 <myMh2><C:\DOCUME~1\sailor\LOCALS~1\Temp\mh2\iexpl0re.EXE> [N/A] <myZt2><C:\DOCUME~1\sailor\LOCALS~1\Temp\Zt2\SVCH0ST.EXE> [N/A] <load><C:\PROGRA~1\svhost32.exe> [N/A] mhs2><C:\DOCUME~1\sailor\LOCALS~1\Temp\nwHfDA.exe> [N/A] <rxzs><C:\DOCUME~1\sailor\LOCALS~1\Temp\uZcNbz.exe> [N/A] <wlzs><C:\DOCUME~1\sailor\LOCALS~1\Temp\dpqIyl.exe> [N/A] <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [CNNIC] <zts2><C:\DOCUME~1\sailor\LOCALS~1\Temp\KlPLSq.exe> [N/A] <{729B6C61-BDC5-4C09-A1DE-A296BA0B89EC}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp> [N/A] 重启后删除  使用KILLBOX删除以下文件： C:\DOCUME~1\sailor\LOCALS~1\Temp\Mhgx.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\Ztgx.dll C:\WINDOWS\system32\windhcp.ocx C:\WINDOWS\system32\dllwm.dll C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp C:\DOCUME~1\sailor\LOCALS~1\Temp\MjjiIs.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\xnhuQD.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\esMOrT.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\wlzs.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\KatWIR.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\xvYMql.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\XtKJLD.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\mh2\iexpl0re.EXE C:\DOCUME~1\sailor\LOCALS~1\Temp\Zt2\SVCH0ST.EXE C:\DOCUME~1\sailor\LOCALS~1\Temp\Ztgx.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\vJXWOj.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\nfrBxX.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\UVlppo.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\EhgfUx.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\ApUHYG.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\xoZnxx.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\mhs2.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\zts2.dll C:\DOCUME~1\sailor\LOCALS~1\Temp\xoZnxx.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\rxzs.dll [C:\DOCUME~1\sailor\LOCALS~1\Temp\PYRYAD.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\HNmDWh.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\CMxPUP.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\XUnHLt.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\shWZct.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\KlPLSq.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\nwHfDA.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\uZcNbz.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\dpqIyl.exe C:\Program Files\svhost32.exe C:\DOCUME~1\sailor\LOCALS~1\Temp\g.dll 删除完毕之后，清理系统临时文件。 不仅如此，个人感觉你的服务项和驱动项有一些没有能扫描到的。 你按照上面的方法，清理之后，重新扫描日志发上来。 ……………… 呵呵 没用的 他都说了 他重新做过系统 这是后感染的说明他别的盘有被感染的文件 看他的情况应该 微金 和熊猫的门大 删了C 没用 ………………

我不否认这些文件是威金造成的。
我之前说过了，他的系统中有些日志没有能扫描上来：
比如服务和驱动项。
这些操作，只是能帮助他解决目前的问题，要根本的解决，有一款杀软是必不可少的！
虽然这是瑞星论坛，可是我个人觉得，还是推荐他试下卡巴斯基！

至于威金专杀：我推荐农夫的“VKING杀虫剂”。可以去置顶的工具中查看。

不行啊，我删除一个，出来两个，我刚把系统还原了，还是这样，1分钟之内全部上来了，又开始了，我觉得不是C盘这些文件的问题，想想其他办法！！

VIKING杀虫剂我刚下载了，扫描不到，我的系统整个硬盘都格式化过，但是里面有一些重要的文件，我拷贝到移动硬盘里面了，后来又拷贝到电脑硬盘里面，这些文件我不能丢的，但是现在......我真的要哭了