Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software board

Help! After a virus infection, Folder Options is hidden!!!

When I open a folder, Folder Options has been hidden! I can't delete the hidden virus! What do I do?
Last edited 2005-11-30 15:18:22

Manual fix for when system hidden files cannot be displayed after a malicious program has changed the settings
See http://forum.ikaka.com/topic.asp?board=28&artid=7318038&page=5, post #71

It doesn't work! Folder Options still won't show!!!! What I've got is Worm@W32.Rontokbro.2!!! How do I kill it?

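Save a log with Autoruns and post it here.
To save the log: choose the File->Save menu item.
Before saving, make sure the Options->Hide Microsoft Entries menu item is selected (after setting it, click the refresh button on the toolbar).

For downloading and using the tool, see http://forum.ikaka.com/topic.asp?board=28&artid=7318038, post #14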

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ CnsMin3721北京三七二一科技有限公司c:\windows\downloaded program files\cnsmin.dll

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components

+ Microsoft Outlook Express 6File not found: C:\Program Files\Outlook Express\setup50.exe

+ 通讯簿 6File not found: C:\Program Files\Outlook Express\setup50.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ cnshook.dll3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ AutoCAD 数字签名图标覆盖处理程序AcSignIcon ModuleAutodeskc:\windows\system32\acsignicon.dll

+ Autodesk Drawing PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll

+ Autodesk DWF PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acdwfthmbprxy16.dll

+ Desktop ExplorerNVIDIA nView Control Panel, Version 28.32 NVIDIA Corporationc:\windows\system32\nvshell.dll

+ Desktop Explorer MenuNVIDIA nView Control Panel, Version 28.32 NVIDIA Corporationc:\windows\system32\nvshell.dll

+ Display Panning CPL ExtensionFile not found: deskpan.dll

+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

+ WinRAR shell extensionc:\program files\winrar\rarext.dll

+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll

+ 粉碎文件Wiper 动态链接库c:\program files\yahoo!\assistant\assist\ywiper.dll

+ 用户(&P)...File not found: C:\Program Files\Outlook Express\wabfind.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AntiFish Classyangling.dllYahoo.c:\program files\yahoo!\assistant\assist\yangling.dll

+ CnsHook Class3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll

+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ DragSearch BHODragSearchc:\program files\yisou\yisoub.dll

+ ThunderIEHelper Classxunleibho BHOc:\windows\system32\xunleibho_v8.dll

+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

+ 一搜YiSou ToolBar 3721c:\program files\yisou\yisou.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ Yahoo 1G电邮File not found: http://cn.mail.yahoo.com/promo/rd1

+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\program files\浩方对战平台\gameclient.exe

+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns

+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/

+ 手机短信File not found: http://sms.3721.com/ie/index.htm?pid=206671_1006

+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns

+ 寻宝乐趣多File not found: http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138

+ 雅虎助手File not found: http://cn.zs.yahoo.com/?source=Cns

+ 易趣购物File not found: http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-205?cn=song;icon;hp&mpro=http://www.ebay.com.cn

+ 易趣购物File not found: http://click2.ad4all.net/url2/urlmanage/url.asp?id=1

Task Scheduler

+ DDD_Install_Program.jobFile not found: C:\DOCUME~1\Kacarot\LOCALS~1\Temp\is-14K5Q.tmp\dudu.exe

HKLM\System\CurrentControlSet\Services

+ DiskeeperControls the Windows Diskeeper ServiceExecutive Software International, Inc.c:\program files\executive software\diskeeper\dkservice.exe

+ kavsvcKaspersky Anti-Virus ServiceKaspersky Labd:\program files\sd\kaspersky anti-virus personal\kavsvc.exe

+ NVSvcNVIDIA Driver Helper Service, Version 28.32NVIDIA Corporationc:\windows\system32\nvsvc32.exe

+ RsCCenterCCenterrisingc:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMonBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe

+ Smart Card Eventc:\program files\zsxz\urlservice.exe

HKLM\System\CurrentControlSet\Services

+ BaseTDIbasetdiRisingc:\windows\system32\drivers\basetdi.sys

+ basic2NTRksample driverConexantc:\windows\system32\drivers\hsf_bsc2.sys

+ d347busPnP BIOS Extension c:\windows\system32\drivers\d347bus.sys

+ d347prtSCSI miniport c:\windows\system32\drivers\d347prt.sys

+ eppkqppec:\windows\system32\drivers\eppkqppe.sys

+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys

+ FallbackFallback driverConexantc:\windows\system32\drivers\hsf_fall.sys

+ FsksFSKsNT driverConexantc:\windows\system32\drivers\hsf_fsks.sys

+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys

+ HookRegc:\program files\rising\rav\hookreg.sys

+ HookSys瑞星c:\program files\rising\rav\hooksys.sys

+ hsf_msftWinACHSF driverConexantc:\windows\system32\drivers\hsf_msft.sys

+ K56K56NT driverConexantc:\windows\system32\drivers\hsf_k56k.sys

+ Kl1Kaspersky Anti-Hacker Only DriverKaspersky Labc:\windows\system32\drivers\kl1.sys

+ Klifspuper-ptorKaspersky Labsc:\windows\system32\drivers\klif.sys

+ KlmcKaspersky Anti-Virus Mail Checker ProxyKaspersky Labc:\windows\system32\drivers\klmc.sys

+ kmsinputc:\windows\system32\drivers\kmsinput.sys

+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.d:\program files\tencent\qq\npkcrypt.sys

+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 28.32 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ RksampleRksample WDM driverConexantc:\windows\system32\drivers\hsf_samp.sys

+ rtl8139Realtek RTL8139 NDIS 5.0 DriverRealtek Semiconductor Corporationc:\windows\system32\drivers\rtl8139.sys

+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys

+ SoftFaxFaxNT driverConexantc:\windows\system32\drivers\hsf_faxx.sys

+ SpeakerPhoneSpkpNT driverConexantc:\windows\system32\drivers\hsf_spkp.sys

+ TonesTonesNT driverConexantc:\windows\system32\drivers\hsf_tone.sys

+ TSPspuper-ptorKaspersky Labsc:\windows\system32\drivers\klif.sys

+ V124V124NT driverConexantc:\windows\system32\drivers\hsf_v124.sys

+ VIAPFDVIA PFD driverVIA Technologies. Inc.c:\windows\system32\drivers\viapfd.sys

+ VIAudioVIA AC'97 Enhanced Audio WDM Driver VIA Technologies, Inc.c:\windows\system32\drivers\viaudio.sys


+ Smart Card Eventc:\program files\zsxz\urlservice.exe

Delete the startup entry.
Delete c:\program files\zsxz\urlservice.exe

How do I delete the startup entry?

I can't delete the startup entry; after deleting c:\program files\zsxz\urlservice.exe it's still the same!

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoFolderOptions"=dword:00000000

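Save the content above as a file named reg.reg, then double-click it to import it and see if that helps.

Note that you need to log off or reboot after importing.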
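
An added example, not part of the original post: a read-only PowerShell check of the two values the .reg file above sets, so the effect of the import can be confirmed after logging back on. Looking in the machine-wide HKLM copy of the same key as well is an assumption that goes beyond the post, which only touches HKEY_CURRENT_USER; the function name is hypothetical.

```powershell
# Added example: audit the Explorer policy values named in the .reg file above.
# Reads only; nothing is modified.
$policyKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    # Assumption beyond the post: the same value can also be set machine-wide.
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)
$valueNames = @('NoFolderOptions', 'NoDriveTypeAutoRun')

function Get-ExplorerPolicyState {
    foreach ($key in $policyKeys) {
        foreach ($name in $valueNames) {
            # A missing key or missing value yields nothing instead of an error.
            $item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
            $data = if ($item) { $item.$name } else { $null }

            [pscustomobject]@{
                Key                = $key
                Value              = $name
                Data               = if ($null -ne $data) { '0x{0:X8}' -f $data } else { '(not set)' }
                # NoFolderOptions = 1 hides the Folder Options menu item;
                # 0 or an absent value leaves it visible.
                HidesFolderOptions = ($name -eq 'NoFolderOptions' -and $data -eq 1)
            }
        }
    }
}

Get-ExplorerPolicyState | Format-Table -AutoSize
```

If `HidesFolderOptions` is True again after a reboot, something still running on the machine is rewriting the value, and the import alone will not hold.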

Where do I delete the startup entry?