我前一段时间中过这个病毒,当时我的电脑,网上邻居,我的文档,回收站,IE 都打不开
用了几中方法都不见效果,最后重装了系统
但是我今天查毒的时候电脑上又有了这个病毒,请教大家我该怎么办啊?
病毒名称是Rootkit.Vanti.gen,隐藏在c:/windows/system32里，相应文件是bzlw9.dll/byumn8ce.dll，无法删除，用正版瑞星也杀不掉，每次提示重新启动计算机后删除，但是重新启动后，又跳出同样的提示，请问大侠又没有好的解决方案，谢谢了

【回复“yj0300”的帖子】
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
下载System Repair Engineer 2.0.12.350
导出全部日志

请问怎么杀毒啊,真的很郁闷了~

1楼的,我用了你说的方法不行 啊

我的也是啊,怎么办啊?\

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SoundMan><SOUNDMAN.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KTPWare><C:\Program Files\Elantech\ktp.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Broadcom Wireless Manager UI><C:\WINDOWS\System32\WLTRAY>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IntelWireless><C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <EOUApp><C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MINI_BFYY><C:\安装程序\DVD播放器\暴风\Storm Downloader\StormDownloader.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavScanBD><"C:\Program Files\Rising\Rav\ScanBD.exe" /INST>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><KB8539572.LOG>

==================================
启动文件夹
服务
[EvtEng / EvtEng]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[OwnershipProtocol / OwnershipProtocol]
  <C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe><Intel Corporation>
[RegSrvc / RegSrvc]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation >
[Network Management Center Task / W32Tasks]
  <C:\WINDOWS\system32\taskman32.exe><N/A>
[Broadcom Wireless LAN Tray Service / wltrysvc]
  <C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v4.dll, >
[CNNIC_IDN]
  {35980F6E-A137-4E50-953D-813BB8556899} <C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll, >
[CNNIC_IDN]
  {35980F6E-A137-4E50-953D-813BB8556899} <C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[易趣购物]
  {DE607145-AC19-425e-862A-2D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[易趣购物]
  {EE60714F-AC17-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=86, N/A>
[烈火数码影院]
  {FB07CB4A-0D35-4997-99BD-EF75413A030B} <C:\安装程序\DVD播放器\BlazeDVD 2005\BlazeDVD.exe, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用暴风下载器下载]
  <C:\安装程序\DVD播放器\暴风\Storm Downloader\geturl.htm, N/A>
[&使用迅雷下载]
  <C:\安装程序\迅雷\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\安装程序\迅雷\Thunder\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\安装程序\qq\腾迅QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\安装程序\qq\腾迅QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\安装程序\qq\腾迅QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\安装程序\qq\腾迅QQ\SendMMS.htm, N/A>

请高人看看,怎么了,那里有问题啊

我的也是啊,请问那位高手帮帮忙吧

引用:

【yj0300的贴子】请高人看看,怎么了,那里有问题啊 ...........................

晕倒
日志不全啊

导出全部日志