Sincerely asking for help

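I caught a virus. Rising deleted it successfully, but after rebooting the computer it is still there. The name of the infected file is C:WINDOWS/SYSTEM32/2FA6FD00.EXE and the virus name is Trojan.DL.Mnless.eu. The symptom is that pointless web pages keep popping up while I am online, showing things like how to enlarge the penis, how to have a happy sex life, and so on. My skills are really limited and I don't know how to remove it. Thanks to the experts for any help.
Last edited 2007-04-29 22:29:47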

It is probably being protected by something else. You should run a full virus scan first.

After a full virus scan, it is still there once I restart the computer.

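Please download SREng2 (latest version), use "Smart Scan", and press the "Scan" button to run the scan.
When the scan finishes, press the "Save Report" button to save the report log file (SREng.LOG), then copy and paste the contents of the saved report
log file here. If the log does not fit in one post, paste it in several posts until it is complete. Please do not modify it.

Download link
http://www.kztechs.com/sreng/download.html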

Run the virus scan in Safe Mode.

Haha....
Those pop-up sites are really tempting
Hehe
OP, hurry up and post the log

Thanks to 鸟儿天上飞 for the help, thank you. I am downloading it now.

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run>< >  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <C:\Documents and Settings\dahai\桌面\awp.e><>  [N/A]
    <RavTask><"D:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\ravss.scr>  [Rising Corp.]

启动文件夹
N/A

==================================
服务
[69E2D0DC / 69E2D0DC][Stopped/Auto Start]
  <C:\WINDOWS\System32\69E2D0DC.EXE -service><N/A>
[99695634 / 99695634][Stopped/Auto Start]
  <C:\WINDOWS\System32\99695634.EXE -service><Microsoft Corporation>
[Background Intelligent Transfer Service / BITS][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\wiasoervc.dll><N/A>
[CoolWare / CoolWare][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\struts.dll><>
[edfscv / edfscv][Stopped/Auto Start]
  <C:\WINDOWS\System32\fgdfsdf.exe -service><N/A>
[error monitor / EmonSrv][Stopped/Auto Start]
  <C:\WINDOWS\System32\lfrmewrk.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows hrss RunThem / hrss][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\cmnn\mwxx.dll>< >
[IMAPI CD-Burning COM Service / ImapiService][Stopped/Manual Start]
  <C:\WINDOWS\System32\imapi.exe><Microsoft Corporation>
[kkdj3sdf3 / kkdj3sdf3][Stopped/Auto Start]
  <C:\WINDOWS\System32\kkdj3sdf3.exe -j><Microsoft Corporation>
[kkduusfsd / kkduusfsd][Stopped/Auto Start]
  <C:\WINDOWS\System32\kkduusfsd.exe -service><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"D:\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Service Transaction Provisioning / Transaction_Service][Stopped/Auto Start]
  <C:\WINDOWS\System32\explorer.exe><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>

驱动程序
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[basic2 / basic2][Running/Manual Start]
  <System32\DRIVERS\HSF_BSC2.sys><Conexant>
[cdxidd8 / cdxidd88][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\cdxidd88.sys><N/A>
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
  <system32\drivers\cmuda.sys><C-Media Inc>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\D:\RISING\RAV\ExpScan.sys><>
[fakkxg9 / fakkxg96][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fakkxg96.sys><N/A>
[Fallback / Fallback][Running/Auto Start]
  <System32\DRIVERS\HSF_FALL.sys><Conexant>
[Fsks / Fsks][Running/Auto Start]
  <System32\DRIVERS\HSF_FSKS.sys><Conexant>
[gcxtli5 / gcxtli59][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\gcxtli59.sys><N/A>
[geeecfbi / geeecfbi][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\geeecfbi.sys><N/A>
[goqxiz2 / goqxiz26][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\goqxiz26.sys><N/A>
[gotesf3 / gotesf37][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\gotesf37.sys><N/A>
[HOOKAPI / HOOKAPI][Stopped/Auto Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><N/A>
[HookCont / HookCont][Running/Auto Start]
  <\??\D:\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\D:\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\D:\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\D:\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[hrnipt6 / hrnipt60][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hrnipt60.sys><N/A>
[hsf_msft / hsf_msft][Running/Manual Start]
  <System32\DRIVERS\HSF_MSFT.sys><Conexant>
[iiujqe7 / iiujqe72][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\iiujqe72.sys><N/A>
[iylxfk8 / iylxfk87][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\iylxfk87.sys><N/A>
[K56 / K56][Running/Auto Start]
  <System32\DRIVERS\HSF_K56K.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\D:\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[netshels / netshels][Stopped/Boot Start]
  <\SystemRoot\system32\\drivers\\netshels.sys><Microsoft Corporation>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <System32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[Efficient Networks Enternet P.P.P.o.E LAN  Miniport Driver / NTSPPPOE][Stopped/Manual Start]
  <System32\DRIVERS\ntspppoe.sys><Efficient Networks, Inc.>
[okrkfk9 / okrkfk99][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\okrkfk99.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qndsrc7 / qndsrc74][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\qndsrc74.sys><N/A>
[RAWESR / RAWESR][Stopped/Manual Start]
  <\??\C:\PROGRA~1\EFFICI~1\ENTERN~1\app\RAWESR.SYS><Microsoft Corporation (Sample)>
[Rksample / Rksample][Running/Manual Start]
  <System32\DRIVERS\HSF_SAMP.sys><Conexant>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\D:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\D:\RISING\RAV\RSPPSYS.sys><Rising>
[rsqblg1 / rsqblg13][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\rsqblg13.sys><N/A>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[SiS AGP Filter / sisagp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SoftFax / SoftFax][Running/Auto Start]
  <System32\DRIVERS\HSF_FAXX.sys><Conexant>
[tcaqlh9 / tcaqlh94][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\tcaqlh94.sys><N/A>
[Tones / Tones][Running/Auto Start]
  <System32\DRIVERS\HSF_TONE.sys><Conexant>
[uhnuyj7 / uhnuyj77][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\uhnuyj77.sys><N/A>
[V124 / V124][Running/Auto Start]
  <System32\DRIVERS\HSF_V124.sys><Conexant>
[welfsu8 / welfsu87][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\welfsu87.sys><N/A>
[WrKPoET2000 / WrKPoET2000][Stopped/Manual Start]
  <\??\C:\Program Files\WinPoET Broadband Connection\WrKPoET2000.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[ywkoqp6 / ywkoqp68][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ywkoqp68.sys><N/A>
[zaucyc6 / zaucyc68][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\zaucyc68.sys><N/A>
[VIMICRO USB PC Camera / ZSMC302][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>
[RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
  <\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising>