Rising Kaka Security Forum, Technical Exchange section, Anti-Virus / Anti-Rogue-Software forum

Work laptop infected with a virus; it is still there after several repair attempts. Please advise!

Is it really that simple?
Then what do I do next? Every scan still reports a virus; it is really stubborn. Moderator, please help.

I'm off work now.
I'll upload it tomorrow.

ok

Sorry, I'm a real beginner. Could you explain in more detail? Thanks.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxxy]
<WinlogonNotify: byxxy><C:\WINDOWS\System32\byxxy.dll> []

This entry cannot be deleted; it says the program is running.
Is there no way to delete the registry value either? SREng2 cannot delete it.

Posting a new log. Please take a look and help! Thanks.

2006-09-08,11:51:51

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional  (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <!ewido><"D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized>  [Anti-Malware Development a.s.]
    <AGRSMMSG><; AGRSMMSG.exe>  [Agere Systems]
    <AsShell><; "C:\PROGRA~1\3721\assist\AsShell.exe">  []
    <ATIModeChange><; Ati2mdxx.exe>  [ATI Technologies, Inc.]
    <BIE><; Rundll32.exe C:\WINDOWS\DOWNLO~1\BDSrHook.dll,Rundll32>  []
    <IMEKRMIG6.1><; C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [Microsoft Corporation]
    <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <kpcdst><; D:\Program Files\media\kingplayer2003\cdsprite.exe>  [金山软件股份有限公司]
    <MSPY2002><; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  []
    <NPDTray><; C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe>  []
    <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <QCTRAY><; C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE>  []
    <QCWLICON><; C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE>  []
    <rfw><; C:\Program Files\rising\Rfw\Rfw.exe>  [Beijing Rising Technology Corporation Limited]
    <RfwMain><; "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <StatusClient><; C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto>  [Hewlett-Packard]
    <stup.exe><; C:\PROGRA~1\TENCENT\Adplus\stup.exe>  []
    <SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [Synaptics, Inc.]
    <SynTPLpr><; C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [Synaptics, Inc.]
    <Thunder><; "D:\迅雷\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <TomcatStartup><; C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe>  [Hewlett-Packard]
    <TP4EX><; tp4ex.exe>  [IBM Corporation]
    <TPHOTKEY><; C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  []
    <TPTRAY><; C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE>  []
    <WangWang><; D:\新华字典\淘宝旺旺\WangWang.exe>  [浙江淘宝网络有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [Microsoft Corporation]
    <Userinit><userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxxy]
    <WinlogonNotify: byxxy><C:\WINDOWS\System32\byxxy.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\policies]
    <WinlogonNotify: policies><C:\WINDOWS\system32\jt4s07h7e.dll>  []

启动文件夹
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
  <D:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[IBM PM Service / IBMPMSVC]
  <C:\WINDOWS\System32\ibmpmsvc.exe><N/A>
[IMAPI CD-Burning COM Service / ImapiService]
  <C:\WINDOWS\System32\imapi.exe><Microsoft Corporation>
[Network Monitor / Network Monitor]
  <C:\Program Files\Network Monitor\netmon.exe service><N/A>
[QCONSVC / QCONSVC]
  <System32\QCONSVC.EXE><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>