
[Virus sample] A virus pack that no antivirus can fully detect. KAV detects 3, NOD32 cannot detect any

kingshui
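Posted on 2008-9-18 13:36:16
Here is a virus pack, spread over a bunch of directories, that no antivirus can fully detect. I suspect they are all the same virus, though.
NOD32 cannot detect any of them. KAV and KIS only detect 3.
AVG does not detect them either.
My server is already down.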

[ Last edited by kingshui on 2008-9-18 13:38 ]

gomu887
Posted on 2008-9-18 13:53:11
McAfee:
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\1JLVE53HOO.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\2V4WYMQ.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\5L6AK.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\63DCC.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\7S4GALN.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\9YRVZTG4M1KS.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\9ZRRW64.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\A2GVGWY.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\abbbbd.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\AIDQ3TLK1DL4.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\AS804AE.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\DQO2O.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:38    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\EGXBOQLY3NE1.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:39    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\f.exe    BackDoor-CKB (特洛伊)
2008-9-18    13:50:39    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\FL99G4CG.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:39    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\G0ZM8EN79KDN.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:39    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\G38UIDSEJ.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:39    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\IV4BAY.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:39    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\Jay\f.exe    BackDoor-CKB (特洛伊)
2008-9-18    13:50:40    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\JVKN4ZO8.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:40    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\M42X4L842V0.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:40    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\M4A36LD.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:40    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\NDXB6OUD.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:40    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\NG6JT.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:40    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\NXHUGMY8.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:41    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\OHXAK8Y3.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:41    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\QD8HCQ.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:42    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\SVDA8VL0.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:42    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\WWJGZER0UE.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:42    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\X2N7ICD6Q75L.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:43    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\XVVES.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:43    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\YO97TE28S2JC.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:43    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\ZBFNI.exe    Generic Dropper.aj (特洛伊)
2008-9-18    13:50:43    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\ZeHin\32599773.exe    Generic PUP.x (可能有害的程序)
2008-9-18    13:50:43    已删除     E50951B2807449C\Administrator    C:\Program Files\WinRAR\WinRAR.exe    C:\Documents and Settings\Administrator\桌面\bindu\ZL4VFA8W5.exe    Generic Dropper.aj (特洛伊)
kingshui
OP | Posted on 2008-9-18 14:00:55
It couldn't detect them yesterday. If it can detect them now, I'm going to switch antivirus.
12548777
Posted on 2008-9-18 14:05:06
Filseclab: 30
kingshui
OP | Posted on 2008-9-18 14:07:48
NOD still hasn't managed to detect a single one.
fzz8848
Posted on 2008-9-18 14:13:13
Starting the file scan:

Begin scan in 'E:\Download\Virus\bindu\bindu'
E:\Download\Virus\bindu\bindu\1JLVE53HOO.exe
    [DETECTION] Is the TR/Antiav.LT Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\bindu\bindu\2V4WYMQ.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4905f156.qua'!
E:\Download\Virus\bindu\bindu\5L6AK.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4907f14c.qua'!
E:\Download\Virus\bindu\bindu\63DCC.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4915f133.qua'!
E:\Download\Virus\bindu\bindu\7S4GALN.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4905f154.qua'!
E:\Download\Virus\bindu\bindu\9YRVZTG4M1KS.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4923f15a.qua'!
E:\Download\Virus\bindu\bindu\9ZRRW64.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4923f15b.qua'!
E:\Download\Virus\bindu\bindu\A2GVGWY.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4918f134.qua'!
E:\Download\Virus\bindu\bindu\abbbbd.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4933f164.qua'!
E:\Download\Virus\bindu\bindu\AIDQ3TLK1DL4.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4915f14b.qua'!
E:\Download\Virus\bindu\bindu\AS804AE.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4909f155.qua'!
E:\Download\Virus\bindu\bindu\DQO2O.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4920f154.qua'!
E:\Download\Virus\bindu\bindu\EGXBOQLY3NE1.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4929f14a.qua'!
E:\Download\Virus\bindu\bindu\f.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\bindu\bindu\FL99G4CG.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '490af150.qua'!
E:\Download\Virus\bindu\bindu\G0ZM8EN79KDN.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '492bf134.qua'!
E:\Download\Virus\bindu\bindu\G38UIDSEJ.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4909f137.qua'!
E:\Download\Virus\bindu\bindu\IV4BAY.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4905f15b.qua'!
E:\Download\Virus\bindu\bindu\JVKN4ZO8.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '491cf15b.qua'!
E:\Download\Virus\bindu\bindu\M42X4L842V0.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4903f139.qua'!
E:\Download\Virus\bindu\bindu\M4A36LD.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4912f139.qua'!
E:\Download\Virus\bindu\bindu\NDXB6OUD.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '48a032eb.qua'!
E:\Download\Virus\bindu\bindu\NG6JT.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4907f14d.qua'!
E:\Download\Virus\bindu\bindu\NXHUGMY8.exe
    [DETECTION] Is the TR/Antiav.LT Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\bindu\bindu\OHXAK8Y3.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4929f14f.qua'!
E:\Download\Virus\bindu\bindu\QD8HCQ.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4909f14b.qua'!
E:\Download\Virus\bindu\bindu\sethc.exe
    [DETECTION] Contains recognition pattern of the SPR/Tool.LB program
    [NOTE]      The file was deleted!
E:\Download\Virus\bindu\bindu\SVDA8VL0.exe
    [DETECTION] Is the TR/Antiav.LT Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\bindu\bindu\WWJGZER0UE.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '491bf15f.qua'!
E:\Download\Virus\bindu\bindu\X2N7ICD6Q75L.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '491ff13a.qua'!
E:\Download\Virus\bindu\bindu\XVVES.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4927f15f.qua'!
E:\Download\Virus\bindu\bindu\YO97TE28S2JC.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '490af158.qua'!
E:\Download\Virus\bindu\bindu\ZBFNI.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '4917f14b.qua'!
E:\Download\Virus\bindu\bindu\ZL4VFA8W5.exe
    [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      The file was moved to '488c32f7.qua'!
E:\Download\Virus\bindu\bindu\Jay\f.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\bindu\bindu\JoLin\32599773.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.dvxw back-door program
    [NOTE]      The file was deleted!


End of the scan: 2008年9月18日星期四  14:11
Used time: 00:19 Minute(s)

The scan has been done completely.

      5 Scanning directories
     63 Files were scanned
      7 viruses and/or unwanted programs were found
     29 Files were classified as suspicious:
      7 files were deleted
      0 files were repaired
     29 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     27 Files not concerned
      0 Archives were scanned
      0 Warnings
     36 Notes
无尽藏海
Posted on 2008-9-18 14:14:10
The rest go to KL

Palkia
Posted on 2008-9-18 18:22:01
信息        2008-09-18  18:21:37        您此次查毒隔离了38个文件                       
信息        2008-09-18  18:21:37        您此次查毒共查出38个病毒以及危险代码                       
信息        2008-09-18  18:21:37        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件65个                       
信息        2008-09-18  18:21:37        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒
kingmuro
Posted on 2008-9-18 19:22:55
北京江民新科技术有限公司

        扫描引擎 11.00.800
        病毒库日期 2008-09-18
        更新日期 2008-09-18

扫描目标 D:\My Documents\桌面\bindu\

开始时间 2008-09-18 19:21:19

在 D:\My Documents\桌面\bindu\bindu\1JLVE53HOO.exe 中发现 Trojan/AntiAV.by 病毒, 已删除
在 D:\My Documents\桌面\bindu\bindu\f.exe 中发现 Backdoor/Agent.bshb 病毒, 已删除
在 D:\My Documents\桌面\bindu\bindu\NXHUGMY8.exe 中发现 Trojan/AntiAV.by 病毒, 已删除
在 D:\My Documents\桌面\bindu\bindu\SVDA8VL0.exe 中发现 Trojan/AntiAV.by 病毒, 已删除
在 D:\My Documents\桌面\bindu\bindu\ZeHin\32599773.exe 中发现 Backdoor/Huigezi.2008.sth 病毒, 已删除
在 D:\My Documents\桌面\bindu\bindu\Remote\Remote.exe 中发现 Backdoor/Huigezi.2008.sla 病毒, 已删除
在 D:\My Documents\桌面\bindu\bindu\Jay\f.exe 中发现 Backdoor/Agent.bshb 病毒, 已删除
正常结束。

扫描结果:
                 文件数 :63                                  病毒体 :7

infohy
Posted on 2008-9-18 19:57:09

Reply to post #1 by kingshui

kav8.0 detects them all, virus database 2008-09-18-18:00:01
Copyright © KaFan  KaFan.cn All Rights Reserved.