我在玩QQ游戏中突然网就断掉了!再连网络的话就一直连不上去,提示“错误692”!而且微点根本就启动不了,我试着启动我的金山快译也同样启动不了!红伞主界面的第一项变红了,伞也收起来了!用红伞检测出了2个病毒,我不懂是不是这两个病毒在作怪,可是红伞把这两个东西弄到隔离区重启电脑后一切都正常了!我把日志复制下来了,大家帮我看看,分析一下~另外这两个病毒还没有清除的之前,每次启动电脑都会在桌面自动生成一个文件,我已经把它打包并发到病毒样区去了大家帮我测试下是不是病毒~谢谢~(莫非是微点的墙不行?以前我装过微点配红伞也是出现了断网的情况,晕~~)
AntiVir PersonalEdition Premium
Report file date: 2007年8月13日 18:19
Scanning for 1017618 virus strains and unwanted programs.
Licensed to: ? ?
Serial number: 1100617197-PEPWE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Owner
Computer name: FOUNDERT-550F36
Version information:
BUILD.DAT : 287 15691 Bytes 2007-5-10 12:16:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 2007-4-20 05:37:16
AVSCAN.DLL : 7.0.4.4 33832 Bytes 2007-3-27 05:31:56
LUKE.DLL : 7.0.4.11 143400 Bytes 2007-3-27 05:26:06
LUKERES.DLL : 7.0.4.0 10280 Bytes 2007-3-19 05:19:00
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 2006-5-31 07:08:58
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 2007-7-10 09:53:20
ANTIVIR2.VDF : 6.39.0.226 1223680 Bytes 2007-8-10 09:53:22
ANTIVIR3.VDF : 6.39.0.234 122880 Bytes 2007-8-13 09:53:22
AVEWIN32.DLL : 7.4.0.60 2716160 Bytes 2007-8-13 09:53:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-2-26 03:36:28
AVPREF.DLL : 7.0.2.1 24616 Bytes 2007-3-27 05:31:52
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-4-16 06:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-8-13 09:53:22
AVREG.DLL : 7.0.1.2 31784 Bytes 2007-3-15 02:05:10
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 2007-3-27 05:16:06
AVARKT.DLL : 1.0.0.17 278568 Bytes 2007-5-2 04:32:28
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-3-8 04:09:44
RCIMAGE.DLL : 7.0.1.15 2461736 Bytes 2007-3-13 04:07:54
RCTEXT.DLL : 7.0.45.0 86056 Bytes 2007-3-19 06:02:46
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Premium\PROFILES\folder.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 2007年8月13日 18:19
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avmailc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'avesvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'Domino.exe' - '1' Module(s) have been scanned
Scan process 'VMSnap3.exe' - '1' Module(s) have been scanned
Scan process 'MPMon.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MPSVC1.exe' - '1' Module(s) have been scanned
Scan process 'MPSVC2.exe' - '1' Module(s) have been scanned
Scan process 'MPSVC.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '8' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\PnpWmkDrv.sys
[DETECTION] Contains signature of the rootkit RKIT/Agent.GZ
[INFO] The file was moved to '473030e3.qua'!
Begin scan in 'D:\' <软件>
D:\Temporary Internet Files\Content.IE5\MYDQZHQE\583516[1].rar
[0] Archive type: RAR
--> PLUGINS\0.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[INFO] The file was moved to '46f33740.qua'!
End of the scan: 2007年8月13日 19:07
Used time: 48:14 min
The scan has been canceled!
2598 Scanning directories
97253 Files were scanned
2 viruses and/or unwanted programs were found
0 classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
97251 Files not concerned
724 Archives were scanned
1 Warnings
0 Notes
0 Hidden objects were found |