[Discussion] A really vicious thing! Even AntiVir can't handle it!
abin5288
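Posted on 2007-8-13 19:38:04
While I was playing QQ Games, my network connection suddenly dropped! When I tried to reconnect it would never connect, and I got "Error 692"! Micropoint would not start at all, and when I tried to start my Kingsoft translator (金山快译) it would not start either! The first item on AntiVir's main window turned red, and the umbrella icon closed too! AntiVir detected 2 viruses. I don't know whether these two viruses were causing the trouble, but after AntiVir moved the two of them to quarantine and I restarted the computer, everything was back to normal! I copied the log, so please take a look and help me analyze it. Also, before these two viruses were removed, a file was automatically created on the desktop every time the computer started. I have packed it and sent it to the virus sample section, so please help me test whether it is a virus. Thanks. (Could it be that Micropoint's firewall is no good? When I previously ran Micropoint together with AntiVir I also got disconnected from the network. Ugh.)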
AntiVir PersonalEdition Premium
Report file date: 2007年8月13日  18:19
Scanning for 1017618 virus strains and unwanted programs.
Licensed to:      ? ?
Serial number:    1100617197-PEPWE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:         Owner
Computer name:    FOUNDERT-550F36
Version information:
BUILD.DAT    : 287           15691 Bytes   2007-5-10 12:16:00
AVSCAN.EXE   : 7.0.4.15     282664 Bytes   2007-4-20 05:37:16
AVSCAN.DLL   : 7.0.4.4       33832 Bytes   2007-3-27 05:31:56
LUKE.DLL     : 7.0.4.11     143400 Bytes   2007-3-27 05:26:06
LUKERES.DLL  : 7.0.4.0       10280 Bytes   2007-3-19 05:19:00
ANTIVIR0.VDF : 6.35.0.1    7371264 Bytes   2006-5-31 07:08:58
ANTIVIR1.VDF : 6.39.0.129  7251968 Bytes   2007-7-10 09:53:20
ANTIVIR2.VDF : 6.39.0.226  1223680 Bytes   2007-8-10 09:53:22
ANTIVIR3.VDF : 6.39.0.234   122880 Bytes   2007-8-13 09:53:22
AVEWIN32.DLL : 7.4.0.60    2716160 Bytes   2007-8-13 09:53:22
AVWINLL.DLL  : 1.0.0.7       14376 Bytes   2007-2-26 03:36:28
AVPREF.DLL   : 7.0.2.1       24616 Bytes   2007-3-27 05:31:52
AVREP.DLL    : 7.0.0.1      155688 Bytes   2007-4-16 06:16:24
AVPACK32.DLL : 7.3.0.15     360488 Bytes   2007-8-13 09:53:22
AVREG.DLL    : 7.0.1.2       31784 Bytes   2007-3-15 02:05:10
AVEVTLOG.DLL : 7.0.0.18      86056 Bytes   2007-3-27 05:16:06
AVARKT.DLL   : 1.0.0.17     278568 Bytes    2007-5-2 04:32:28
NETNT.DLL    : 7.0.0.0        7720 Bytes    2007-3-8 04:09:44
RCIMAGE.DLL  : 7.0.1.15    2461736 Bytes   2007-3-13 04:07:54
RCTEXT.DLL   : 7.0.45.0      86056 Bytes   2007-3-19 06:02:46
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Premium\PROFILES\folder.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 2007年8月13日  18:19
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avmailc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'avesvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'Domino.exe' - '1' Module(s) have been scanned
Scan process 'VMSnap3.exe' - '1' Module(s) have been scanned
Scan process 'MPMon.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MPSVC1.exe' - '1' Module(s) have been scanned
Scan process 'MPSVC2.exe' - '1' Module(s) have been scanned
Scan process 'MPSVC.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
      [NOTE]      No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
      [NOTE]      No virus was found!
Boot sector 'D:\'
      [NOTE]      No virus was found!
Boot sector 'E:\'
      [NOTE]      No virus was found!
Boot sector 'F:\'
      [NOTE]      No virus was found!
Boot sector 'G:\'
      [NOTE]      No virus was found!
Starting to scan the registry.
The registry was scanned ( '8' files ).

Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\WINDOWS\system32\drivers\PnpWmkDrv.sys
      [DETECTION] Contains signature of the rootkit RKIT/Agent.GZ
      [INFO]      The file was moved to '473030e3.qua'!
Begin scan in 'D:\' <软件>
D:\Temporary Internet Files\Content.IE5\MYDQZHQE\583516[1].rar
  [0] Archive type: RAR
  --> PLUGINS\0.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [INFO]      The file was moved to '46f33740.qua'!

End of the scan: 2007年8月13日  19:07
Used time: 48:14 min
The scan has been canceled!
   2598 Scanning directories
  97253 Files were scanned
      2 viruses and/or unwanted programs were found
      0 classified as suspicious:
      0 files were deleted
      0 files were repaired
      2 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
  97251 Files not concerned
    724 Archives were scanned
      1 Warnings
      0 Notes
      0 Hidden objects were found
ykz1991
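Posted on 2007-8-13 21:04:40
The first one is a driver file from 完美卸载 (Perfect Uninstall).
The second one is in the cache; once the cache is cleared it does no real harm.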
断箭
Posted on 2007-8-14 00:09:10
Try scanning in Safe Mode.
Cypress
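Posted on 2007-8-14 00:56:50
This looks a lot like the infection I got a few days ago. I also suddenly couldn't get online, and after I deleted the two DLLs that were blocking internet access it was fine. Kaspersky didn't report anything, and proactive defense didn't report anything either; only web and mail protection showed as unavailable. Later, when Kaspersky scanned the IE cache, it did report it. After deleting the cache everything was fine.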
周杰伦
Posted on 2007-8-14 05:46:39
Just clear the temporary folder; it really does no harm at all.
Copyright © KaFan  KaFan.cn All Rights Reserved.
