After a few months hanging around Kafan, today I helped a friend clean out more than 100 viruses

zlq7zj
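Posted on 2007-7-22 23:04:27
When he called me over, Windows Optimization Master (优化大师) had been knocked out, SREng would not run, and 360 Safeguard (360安全卫士) would not start either. Wow, it was the first time I had seen a computer like this. I immediately downloaded Avira AntiVir (小红伞); right after installing it, before it had even been updated, it found 99. After a reboot the viruses still had not been completely cleaned out, and the machine was so sluggish it nearly froze. Then I went and downloaded Super Rabbit (超级兔子) and IceSword (冰刃); luckily these two had not been knocked out. Running Super Rabbit took out a few more rogue programs and viruses (Avira had actually missed them, and Super Rabbit found them). Then I used IceSword to kill the processes that kept respawning. 360 could finally be used. Then a scan with 360 Safeguard turned up more than 30 more viruses. Terrifying!! By this point Avira had gone quiet. Then I updated it and scanned drive C again. With heuristics set to high it found another 40-odd viruses. At this point I checked whether SREng would run; it opened, so I cleaned up the startup entries (there was really far too much junk in them). I really don't know how he uses this machine. The computer was bought only a month ago and had already caught this many viruses. In the end it finally quieted down. With this many viruses on it, the machine did not even crash after they were all cleaned out!!

Afterwards, worried that this still was not safe enough, I installed Micropoint (微点) for him!!!!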
zlq7zj
 Original poster | Posted on 2007-7-22 23:06:50

Below is the scan report

Start of the scan: 2007年7月22日  13:13
The scan of running processes will be started
37 processes with 37 modules were scanned

Starting the file scan:
Begin scan in 'C:\WINDOWS\system32'
zlq7zj
 Original poster | Posted on 2007-7-22 23:07:35

All of these were found by Avira before it was updated


End of the scan: 2007年7月22日  13:15
Used time: 01:46 min
The scan has been done completely.
    195 Scanning directories
   6402 Files were scanned
     99 viruses and/or unwanted programs were found
     95 classified as suspicious:
      0 files were deleted
      0 files were repaired
     86 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
   6208 Files not concerned
      5 Archives were scanned
     13 Warnings
      0 Notes
      0 Hidden objects were found
zlq7zj
 Original poster | Posted on 2007-7-22 23:08:20

What the scan found after updating

Starting the file scan:
Begin scan in 'C:\'

End of the scan: 2007年7月22日  14:26
Used time: 03:23 min
The scan has been done completely.
   1869 Scanning directories
  32382 Files were scanned
     42 viruses and/or unwanted programs were found
     12 classified as suspicious:
     30 files were deleted
      0 files were repaired
     42 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
  32328 Files not concerned
    158 Archives were scanned
      1 Warnings
      1 Notes
      0 Hidden objects were found
d9shun
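Posted on 2007-7-22 23:13:47
Slow accumulation, then it all pays off at once..
jpzy
Posted on 2007-7-22 23:24:45
I think the steps of scanning with Super Rabbit and 360 were completely unnecessary!
Scanning with Avira and then cleaning up the startup entries with SRE would have been enough!!
callwo
Posted on 2007-7-22 23:30:03
I wonder whether there are any false positives...~~?
famixeriat
Posted on 2007-7-22 23:36:21
What does this have to do with having hung around Kafan for a few months?
458506
Posted on 2007-7-23 00:12:53
A whole lot of these were flagged by heuristics... there are bound to be quite a few false positives...
卡江东N
Posted on 2007-7-23 07:50:50
At a time like this, better to wrongly kill ten thousand than to let a single one slip through.

                                                        ------ Reflections of a war correspondent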