
[Discussion] Please help, thanks~~

喝牛奶的妖精
Posted on 2007-3-13 12:25:51
Version information:
BUILD.DAT    : 217           12749 Bytes   2006-12-5 17:00:00
AVSCAN.EXE   : 7.0.3.5      208936 Bytes   2007-3-12 14:45:24
AVSCAN.DLL   : 7.0.3.1       35880 Bytes   2006-12-5 09:00:22
LUKE.DLL     : 7.0.3.2      143400 Bytes  2006-10-31 09:07:46
LUKERES.DLL  : 7.0.2.0        9256 Bytes   2006-12-5 09:00:22
ANTIVIR0.VDF : 6.35.0.1    7371264 Bytes   2006-5-31 08:30:06
ANTIVIR1.VDF : 6.37.1.151  4303360 Bytes   2007-2-23 14:45:26
ANTIVIR2.VDF : 6.38.0.29    250880 Bytes    2007-3-9 14:45:26
ANTIVIR3.VDF : 6.38.0.39     26112 Bytes   2007-3-12 14:45:26
AVEWIN32.DLL : 7.3.1.41    2355712 Bytes   2007-3-12 14:45:27
AVPREF.DLL   : 7.0.2.0       23592 Bytes   2006-11-3 03:53:44
AVREP.DLL    : 6.38.0.6    1179688 Bytes   2007-3-12 14:45:26
AVRPBASE.DLL : 7.0.0.0     2162728 Bytes   2006-3-30 01:43:31
AVPACK32.DLL : 7.2.1.6      368680 Bytes   2007-3-12 14:45:27
AVREG.DLL    : 7.0.1.2       30760 Bytes   2007-3-12 14:45:24
NETNT.DLL    : No Information!
RCIMAGE.DLL  : 7.0.1.3     2097192 Bytes   2006-11-8 05:26:26
RCTEXT.DLL   : 7.0.12.1      77864 Bytes   2006-12-5 09:00:21
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
      [WARNING]   The file could not be opened!
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\Program Files\KOS\Update\KOSInit.OCX
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4649195f.qua'!
C:\WINDOWS\system32\bind_50010.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '46641add.qua'!
C:\WINDOWS\system32\Kingsoft\KOS\KOSInit.ocx
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '46491b0b.qua'!
Begin scan in 'D:\'
D:\System Volume Information\_restore{7C04E440-8BCF-40AF-9E20-7F0DE5853BFA}\RP6\A0001572.exe
      [DETECTION] Is the Trojan horse TR/QQ.Agent.A
      [INFO]      The file was moved to '46261afb.qua'!
D:\System Volume Information\_restore{7C04E440-8BCF-40AF-9E20-7F0DE5853BFA}\RP7\A0002007.exe
      [DETECTION] Contains signature of the application APPL/Tool.EvID4226.A
      [INFO]      The file was moved to '46261afd.qua'!
D:\QQGame\QQGame.exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.QK.2
      [INFO]      The file was moved to '463d1b23.qua'!
Begin scan in 'E:\'
Begin scan in 'F:\'

Here is another one

Begin scan in 'C:\'
C:\hiberfil.sys
      [WARNING]   The file could not be opened!
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\Documents and Settings\l\Local Settings\Temp\32\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '4664121e.qua'!
C:\Documents and Settings\l\Local Settings\Temp\34\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '4664121f.qua'!
C:\Documents and Settings\l\Local Settings\Temp\35\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '46641220.qua'!
C:\Documents and Settings\l\Local Settings\Temp\40\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '47f83b7d.qua'!
C:\Documents and Settings\l\Local Settings\Temp\41\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '46641221.qua'!
C:\Documents and Settings\l\Local Settings\Temp\47\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '47f83b7e.qua'!
C:\Documents and Settings\l\Local Settings\Temp\4B\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '46641222.qua'!
C:\Documents and Settings\l\Local Settings\Temp\7B\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '47f83b7f.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\0TE301EF\KOSInit[1].cab
  [0] Archive type: CAB (Microsoft)
  --> KOSInit.ocx
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '46491243.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\9TU3T3TY\1[1].htm
      [DETECTION] Contains signature of the VBS script virus VBS/Dldr.Agent.6171
      [INFO]      The file was moved to '462712d8.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\OLO5AN4L\DuBaTool_WhBoy[1].BAT
      [DETECTION] The file name contains an executable file extension disguised as a harmless one HEUR-DBLEXT/Crypted
      [INFO]      The file was moved to '4638133a.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\PWSBDHKX\end[1].js
      [DETECTION] Contains signature of the exploits EXP/IframeJS
      [INFO]      The file was moved to '465a135b.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\QU7FVANT\barsetup[1]
      [DETECTION] Is the Trojan horse TR/Drop.QQHelp.FT.2
      [INFO]      The file was moved to '4668135c.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\QU7FVANT\barsetup[2]
      [DETECTION] Is the Trojan horse TR/Drop.QQHelp.FT.2
      [INFO]      The file was moved to '4668135d.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\QU7FVANT\barsetup[3]
      [DETECTION] Is the Trojan horse TR/Drop.QQHelp.FT.2
      [INFO]      The file was moved to '47f53d92.qua'!
C:\Documents and Settings\l\Local Settings\Temporary Internet Files\Content.IE5\YZYT07AP\barsetup[1]
      [DETECTION] Is the Trojan horse TR/Drop.QQHelp.FT.2
      [INFO]      The file was moved to '466813bb.qua'!
C:\Program Files\CNNIC\Cdn\cdnunins.exe
      [DETECTION] Is the Trojan horse TR/Drop.Bastin.2
      [INFO]      The file was moved to '46641552.qua'!
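This is my first time using Avira and I don't understand any of it. Can someone help me~~~
Which of these are viruses~~ And if they aren't viruses, how do I add them to the trusted list?

[ This post was last edited by 喝牛奶的妖精 on 2007-3-13 12:28 ]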
evilcat
Posted on 2007-3-13 12:28:59
The first thing I see is the famous CNNIC
绅博周幸
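Posted on 2007-3-13 12:29:06
Duplicate post. These files of yours are all rogue software, and Avira caught them. I recommend killing them; Avira has no false positives this time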
喝牛奶的妖精
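Original poster | Posted on 2007-3-13 12:33:28
I didn't mean to post it twice; when I was posting, it kept saying the server could not be found
Thanks
So is it enough to just delete them all?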
绅博周幸
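Posted on 2007-3-13 12:35:03
Originally posted by 喝牛奶的妖精 on 2007-3-13 12:33
I didn't mean to post it twice; when I was posting, it kept saying the server could not be found
Thanks
So is it enough to just delete them all?

Is there any room for bargaining when dealing with rogue software? One word: kill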
喝牛奶的妖精
Original poster | Posted on 2007-3-13 12:39:37
QQGame is in there too. Do I have to delete that as well?
evilcat
Posted on 2007-3-13 12:44:21
Just download the new version of QQGAME; the old one seems to have some problems
喝牛奶的妖精
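Original poster | Posted on 2007-3-13 12:49:55
I see. I'll give it a try then. Thank you very much
Phew~~ I can't help it, I don't understand any of this
Mm!!~ Mm!!~ Starting now I'm going to study hard and improve every day~~
Hehe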
enpigie
Posted on 2007-3-13 13:08:21
This is a world of rogues
周杰伦
Posted on 2007-3-13 14:34:07
Avira has no false positives here; I recommend deleting everything