帮我看看这些是什么,怎么解决
2007-8-12,21:00:57 ---------------------------------------------------------
2007-8-12,21:00:58 Keyfile contains a valid license. The Avira AntiVirPersonalEdition Classic will run as a fully functional version!
2007-8-12,21:00:58 AntiVir Guard version: 7.00.00.52,engine version 7.4.0.12,VDF version: 6.38.0.225
2007-8-12,21:01:00 Start Filter Device.
2007-8-12,21:01:00 Avira AntiVir PersonalEdition Classic has been started successfully!
2007-8-12,21:01:00 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
2007-8-12,21:11:30 Avira AntiVir PersonalEdition Classic service has been stopped!
2007-8-12,21:12:16 ---------------------------------------------------------
2007-8-12,21:12:17 Keyfile contains a valid license. The Avira AntiVirPersonalEdition Classic will run as a fully functional version!
2007-8-12,21:12:17 AntiVir Guard version: 7.00.00.52,engine version 7.4.0.12,VDF version: 6.38.0.225
2007-8-12,21:12:18 Start Filter Device.
2007-8-12,21:12:19 Avira AntiVir PersonalEdition Classic has been started successfully!
2007-8-12,21:12:19 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
2007-8-12,21:45:46 Avira AntiVir PersonalEdition Classic service has been stopped!
2007-8-12,21:45:55 ---------------------------------------------------------
2007-8-12,21:45:57 Keyfile contains a valid license. The Avira AntiVirPersonalEdition Classic will run as a fully functional version!
2007-8-12,21:45:57 AntiVir Guard version: 7.00.00.52,engine version 7.4.0.60,VDF version: 6.39.0.231
2007-8-12,21:45:59 Start Filter Device.
2007-8-12,21:45:59 Avira AntiVir PersonalEdition Classic has been started successfully!
2007-8-12,21:45:59 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
2007-8-12,21:47:10 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 HIGH
- Logfile report level 1
2007-8-12,21:48:10 Avira AntiVir PersonalEdition Classic service has been stopped!
2007-8-12,21:48:58 ---------------------------------------------------------
2007-8-12,21:49:03 Keyfile contains a valid license. The Avira AntiVirPersonalEdition Classic will run as a fully functional version!
2007-8-12,21:49:03 AntiVir Guard version: 7.00.00.52,engine version 7.4.0.60,VDF version: 6.39.0.231
2007-8-12,21:49:04 Start Filter Device.
2007-8-12,21:49:04 Avira AntiVir PersonalEdition Classic has been started successfully!
2007-8-12,21:49:04 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 HIGH
- Logfile report level 1
2007-8-12,21:51:37 Avira AntiVir PersonalEdition Classic service has been stopped!
2007-8-13,8:09:23 ---------------------------------------------------------
2007-8-13,8:09:26 Keyfile contains a valid license. The Avira AntiVirPersonalEdition Classic will run as a fully functional version!
2007-8-13,8:09:26 AntiVir Guard version: 7.00.00.52,engine version 7.4.0.60,VDF version: 6.39.0.231
2007-8-13,8:09:27 Start Filter Device.
2007-8-13,8:09:27 Avira AntiVir PersonalEdition Classic has been started successfully!
2007-8-13,8:09:27 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 HIGH
- Logfile report level 1
2007-8-13,10:25:34 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
E:\System Volume Information\_restore{336E47CD-836A-4665-A9BB-FEF3FF2AB6D9}\RP201\A0044467.ini
[INFO] The file will be moved to quarantine.
2007-8-13,10:16:06 [WARNING] Contains suspicious code HEUR/Malware!
C:\WINDOWS\Temp\NOD864.tmp
[INFO] No action will be taken on the file.
2007-8-13,10:44:37 [WARNING] Contains suspicious code HEUR/Malware!
C:\WINDOWS\Temp\NOD864.tmp
[INFO] The file will be moved to quarantine.
2007-8-13,10:54:45 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
E:\MSNShell\BIN\Cache\Weather.ini
[INFO] No action will be taken on the file.
2007-8-13,11:30:53 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 HIGH
- Logfile report level 1
2007-8-13,11:41:14 [WARNING] Is the Trojan horse TR/Genetik.DF!
C:\WINDOWS\Temp\NODC14.tmp
[INFO] No action will be taken on the file.
2007-8-13,11:55:26 [WARNING] Is the Trojan horse TR/Genetik.DF!
C:\WINDOWS\Temp\NODC14.tmp
[INFO] No action will be taken on the file.
2007-8-13,13:21:18 [WARNING] Contains suspicious code HEUR/Crypted!
E:\System Volume Information\_restore{336E47CD-836A-4665-A9BB-FEF3FF2AB6D9}\RP201\A0044468.exe
[INFO] The file will be moved to quarantine.
2007-8-13,16:56:27 Avira AntiVir PersonalEdition Classic service has been stopped!
2007-8-14,8:43:26 ---------------------------------------------------------
2007-8-14,8:43:28 Keyfile contains a valid license. The Avira AntiVirPersonalEdition Classic will run as a fully functional version!
2007-8-14,8:43:28 AntiVir Guard version: 7.00.00.52,engine version 7.4.0.60,VDF version: 6.39.0.231
2007-8-14,8:43:29 Start Filter Device.
2007-8-14,8:43:29 Avira AntiVir PersonalEdition Classic has been started successfully!
2007-8-14,8:43:29 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386.?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT.BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO?.DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR.JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD?.MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF.PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR.SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP.TTF .URL
.VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 HIGH
- Logfile report level 1
2007-8-14,8:47:19 Update process started!
2007-8-14,8:47:22 Current Engine Version: 7.4.0.60
2007-8-14,8:47:22 Current Pattern File: 6.39.0.235 from 2007-8-13, 15:04
2007-8-14,11:09:47 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\OMZOQKCF\gol[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
2007-8-14,12:58:59 [WARNING] Contains suspicious code HEUR/Crypted!
C:\WINDOWS\Temp\NODE80.tmp
[INFO] No action will be taken on the file.
2007-8-14,12:59:25 [WARNING] Contains suspicious code HEUR/Crypted!
C:\WINDOWS\Temp\NODE80.tmp
[INFO] The file will be moved to quarantine.
2007-8-14,13:00:44 [WARNING] Contains suspicious code HEUR/Crypted!
C:\WINDOWS\Temp\NODE97.tmp
[INFO] The file will be moved to quarantine.
2007-8-14,13:57:39 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\4SIZNZU7\gol[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
2007-8-14,14:12:43 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\4SIZNZU7\gol[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
2007-8-14,14:27:45 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\4SIZNZU7\gol[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
2007-8-14,14:28:48 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\4SIZNZU7\index[7].htm
[INFO] The file will be moved to quarantine.
2007-8-14,14:28:51 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\16I1HUCX\rrr[1].htm
[INFO] The file will be moved to quarantine.
2007-8-14,14:28:51 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\16I1HUCX\rrr[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
2007-8-14,14:28:54 [WARNING] Contains signature of the Java script virus JS/Dldr.Agent.LA!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\IQYLX9WQ\sys614[1].js
[INFO] The file will be deleted.
2007-8-14,14:28:54 [WARNING] Contains signature of the Java script virus JS/Dldr.Agent.LA!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\IQYLX9WQ\sys614[1].js
[INFO] The file will be deleted.
2007-8-14,14:28:59 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\E7QJATY7\vip[2].htm
[INFO] The file will be moved to quarantine.
2007-8-14,14:29:05 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\6P0VMXA5\sys07[1].htm
[INFO] The file will be moved to quarantine.
2007-8-14,14:29:05 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\6P0VMXA5\sys07[1].htm
2007-8-14,14:29:13 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\OL096N45\s[1].htm
2007-8-14,14:29:12 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\OL096N45\popup[2].htm
2007-8-14,14:29:18 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\OL096N45\rrr[1].htm
2007-8-14,14:29:12 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\OL096N45\popup[2].htm
2007-8-14,14:29:21 [WARNING] Contains signature of the Java script virus JS/Dldr.Agent.LA!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\XZ2T7PU9\sys614[1].js
[INFO] The file will be deleted.
2007-8-14,14:29:21 [WARNING] Contains signature of the Java script virus JS/Dldr.Agent.LA!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\XZ2T7PU9\sys614[1].js
[INFO] The file will be deleted.
2007-8-14,14:30:46 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\BJT991PU\pop1[1].htm
2007-8-14,14:33:41 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Application Data\Mozilla\Firefox\Profiles\mqybrkfl.default\Cache\1DEF41D4d01
[INFO] The file will be moved to quarantine.
2007-8-14,14:51:46 [WARNING] Is the Trojan horse TR/Genetik.DF!
C:\WINDOWS\Temp\NOD13CE.tmp
[INFO] The file will be deleted.
2007-8-14,14:57:52 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\2N4EEFAO\gol[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
2007-8-14,15:12:55 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\2N4EEFAO\gol[1].htm
2007-8-14,15:27:57 [WARNING] Contains suspicious code HEUR/Exploit.HTML!
C:\Documents and Settings\jiangtao\Local Settings\Temporary Internet Files\Content.IE5\2N4EEFAO\gol[1].htm
[ERROR] Unable to move the file to the quarantine directory:
[ERROR] Move to quarantine: cannot read from the source file
最后几个病毒,老出现。是公司局域网中的毒,能告诉我方法解决,它是什么病毒,谢谢 |
发表于 2007-8-14 15:55:16
发表于 2007-8-14 16:01:35
楼主
