这几个病毒提示说重新启动后删除,但是重新启动后却还在,怎么都杀不掉,安全模式也杀不掉

关闭系统还原...再杀

关了,还是 不行

该用户帖子内容已被屏蔽

引用:

【BFHG的贴子】这几个病毒提示说重新启动后删除,但是重新启动后却还在………………

重启后删除文件啊!!!谁叫你再杀毒的?

与系统还原无关
貌似还有引导区病毒哦
下载 System Repair Engineer，
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来，不要修改
友情提示：
扫描前关闭所有手工打开的软件和窗口，扫描后将日志发上来。但请不要用附件形式贴。
注意在没有进一步提示前，勿要胡乱修复，否则系统可能变的情况更糟。
         
如果发现SREng.exe运行无反应或者不能运行或者扫描出错,你可以将SREng.exe重命名为SREng.com(SREng.scr\SREng.bat\SREng.pif)或者abc.exe运行.

【回复“BFHG”的帖子】
你那个boot.WYX是引导区病毒。应该在DOS下杀毒。

对 用瑞星光盘启动查杀


其他病毒用冰刃直接强制删除

2007-02-12,14:50:45

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Corporation]
(Super Rabbit IEPro)(; C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD) [Super Rabbit Soft]
(MsnMsgr)("C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background) [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(FlashPlayerUpdate)(C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe) [(Verified)Adobe Systems, Inc.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
(run)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(runeip)(C:\Program Files\Rising\AntiSpyware\runiep.exe) [Beijing Rising Technology Co., Ltd.]
(RavTask)("C:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Corporation]




--------------------------------------------------------------------------------



启动文件夹

[Microsoft Office]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --) C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation])(H)
[腾讯QQ珊瑚虫版]
(C:\Documents and Settings\BFHG\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk --) C:\PROGRA~1\Tencent\QQ\CoralQQ.exe [珊瑚虫工作室])(H)

服务

[Human Interface Device Access / HidServ][Stopped/Disabled]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
("C:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
("C:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)



--------------------------------------------------------------------------------



驱动程序

[BaseTDI / BaseTDI][Running/Auto Start]
(\??\C:\WINDOWS\system32\drivers\basetdi.sys)(Beijing Rising Technology Co., Ltd.)
[ExpScaner / ExpScaner][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\ExpScan.sys)()
[hibcro24 / hibcro24][Stopped/Boot Start]
(\SystemRoot\system32\drivers\hibcro24.sys)(N/A)
[HookCont / HookCont][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HOOKCONT.sys)(Rising)
[HookReg / HookReg][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookReg.sys)()
[HookSys / HookSys][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookSys.sys)(Rising)
[iillckb / iillckbk][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\iillckbk.sys)(N/A)
[mefewa8 / mefewa82][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\mefewa82.sys)(N/A)
[MEMSCAN / MEMSCAN][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\MEMSCAN.sys)(瑞星软件有限公司)
[npkcrypt / npkcrypt][Running/Auto Start]
(\??\C:\Program Files\Tencent\QQ\npkcrypt.sys)(INCA Internet Co., Ltd.)
[npkycryp / npkycryp][Stopped/Manual Start]
(\??\C:\Program Files\Tencent\QQ\npkycryp.sys)(N/A)
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
(\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys)(N/A)
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
(system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsNTGDI / RsNTGDI][Running/Boot Start]
(\SystemRoot\system32\Drivers\RsNTGdi.sys)(Beijing Rising Technology Co., Ltd.)
[RSPPSYS / RSPPSYS][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\RSPPSYS.sys)(Rising)
[TL-WN321G 1.0 USB Wireless Adapter / RT73][Running/Manual Start]
(system32\DRIVERS\rt73.sys)(Ralink Technology, Corp.)
[Secdrv / Secdrv][Stopped/Manual Start]
(system32\DRIVERS\secdrv.sys)(N/A)
[SiS300i / SiS300i][Stopped/Manual Start]
(system32\DRIVERS\sis300ip.sys)(Silicon Integrated Systems Corporation)
[SiS630 / SiS630][Running/Manual Start]
(system32\DRIVERS\sis630p.sys)(Silicon Integrated Systems Corporation)
[Service for AC'97 Sample Driver (WDM) / SiS7018][Running/Manual Start]
(system32\drivers\ac97sis.sys)(Silicon Integrated Systems Corp.)
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
(\SystemRoot\system32\DRIVERS\sisagp.sys)(Silicon Integrated Systems Corporation)
[SiS PCI Fast Ethernet Adapter Driver / SISNIC][Running/Manual Start]
(system32\DRIVERS\sisnic.sys)(SiS Corporation)
[tlekmz2 / tlekmz21][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\tlekmz21.sys)(N/A)