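Is 360 Safeguard (360卫士) a trojan?
I switched to a different computer and installed QQ PC Manager (QQ电脑管家). While I was using it, QQ PC Manager popped up the following alert:
I used FileInfo to extract information about the file that QQ PC Manager reported as a trojan: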
文件说明符 : C:\Program Files\Common Files\2.1.exe
属性 : A---
数字签名:360.cn
PE文件:是
语言 : 中文(简体,中国)
文件版本 : 7, 5, 0, 1231
说明 : 360安全卫士 主程序
版权 : (C) 360.cn Inc. All Rights Reserved.
产品版本 : 7, 5, 0, 1231
产品名称 : 360安全卫士
公司名称 : 360.cn
内部名称 : 360Safe
源文件名 : 360Safe.EXE
创建时间 : 2012-2-20 21:44:5
修改时间 : 2012-1-2 11:6:22
大小 : 882008 字节 861.344 KB
MD5 : 85f3403cbc0a73cc43241e644b11c6fa
SHA1: F0185B542712B5BED0F975C8D11665E18FBD358D
CRC32: 3ad81b86
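So it turns out to be 360 Safeguard...
Could this be a false positive? I uploaded the file to https://www.virustotal.com/, and the multi-engine scan results are as follows: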
SHA256: 8ed8cbdc05804d8fcc61674ed93eb3ad55fd6cfe675a8d724298e9eff1cae274
SHA1: f0185b542712b5bed0f975c8d11665e18fbd358d
MD5: 85f3403cbc0a73cc43241e644b11c6fa
File size: 861.3 KB (882008 bytes)
File name: 2.1.exe
File type: Win32 EXE
Detection ratio: 33 / 42
Analysis date: 2012-05-02 05:07:36 UTC (0 分钟 ago)
Antivirus | Result | Update |
AhnLab-V3 | Trojan/Win32.Scar | 20120501 |
AntiVir | TR/Crypt.XPACK.Gen3 | 20120502 |
Antiy-AVL | Trojan/Win32.Scar.gen | 20120502 |
Avast | Win32:Sentry [Trj] | 20120502 |
AVG | Clicker.AUYR | 20120501 |
BitDefender | Trojan.Clicker.NAA | 20120502 |
ByteHero | - | 20120430 |
CAT-QuickHeal | - | 20120501 |
ClamAV | - | 20120501 |
Commtouch | - | 20120502 |
Comodo | UnclassifiedMalware | 20120501 |
DrWeb | Trojan.MulDrop2.62632 | 20120502 |
Emsisoft | Trojan-Clicker.Win32.Cookster!IK | 20120502 |
eSafe | Win32.TRCrypt.XPACK | 20120430 |
eTrust-Vet | Win32/Cookster.E | 20120501 |
F-Prot | - | 20120501 |
F-Secure | Trojan.Clicker.NAA | 20120502 |
Fortinet | W32/Scar.EID!tr | 20120502 |
GData | Trojan.Clicker.NAA | 20120502 |
Ikarus | Trojan-Clicker.Win32.Cookster | 20120502 |
Jiangmin | Trojan/JmGeneric.bwc | 20120502 |
K7AntiVirus | Riskware | 20120501 |
Kaspersky | Trojan.Win32.Scar.fuwz | 20120502 |
McAfee | Generic.dx!bcsf | 20120502 |
McAfee-GW-Edition | Generic.dx!bcsf | 20120501 |
Microsoft | TrojanClicker:Win32/Cookster.A | 20120501 |
NOD32 | Win32/TrojanClicker.Cookster.A | 20120502 |
Norman | W32/Troj_Generic.HYXO | 20120501 |
nProtect | Trojan-Clicker/W32.Agent.882008 | 20120501 |
Panda | Generic Trojan | 20120501 |
PCTools | Trojan.ADH | 20120430 |
Rising | Trojan.Win32.Generic.12B09877 | 20120428 |
Sophos | - | 20120502 |
SUPERAntiSpyware | - | 20120402 |
Symantec | Trojan.ADH | 20120502 |
TheHacker | - | 20120502 |
TrendMicro | TROJ_CLICKER.JDM | 20120502 |
TrendMicro-HouseCall | TROJ_CLICKER.JDM | 20120502 |
VBA32 | Trojan.Scar.fuwz | 20120430 |
VIPRE | Trojan.Win32.Generic!BT | 20120502 |
ViRobot | - | 20120502 |
VirusBuster | Trojan.CL.Cookster!/GvIURofFQc | 20120501 |
ssdeep: 24576:fSM735L5U/KeyV2fUmmDTAF1bD8p5/mdD0kL:/735LKaTAT0p5/mLL
TrID: Win32 Executable MS Visual C++ (generic) (75.0%)
PEiD packer identifier: Armadillo v1.71
ExifTool:
SpecialBuild.............:
LegalTrademarks..........:
SubsystemVersion.........: 4.0
Comments.................:
LinkerVersion............: 6.0
ImageVersion.............: 0.0
FileSubtype..............: 0
FileVersionNumber........: 7.5.0.1231
LanguageCode.............: Chinese (Simplified)
FileFlagsMask............: 0x003f
FileDescription..........: 360
CharacterSet.............: Unicode
InitializedDataSize......: 438272
FileOS...................: Win32
PrivateBuild.............:
MIMEType.................: application/octet-stream
LegalCopyright...........: (C) 360.cn Inc. All Rights Reserved.
FileVersion..............: 7, 5, 0, 1231
TimeStamp................: 2011:11:13 12:13:58+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: 360Safe
ProductVersion...........: 7, 5, 0, 1231
UninitializedDataSize....: 0
OSVersion................: 4.0
OriginalFilename.........: 360Safe.EXE
Subsystem................: Windows GUI
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: 360.cn
CodeSize.................: 450560
ProductName..............: 360
ProductVersionNumber.....: 7.5.0.1231
EntryPoint...............: 0x26f7e
ObjectFileType...........: Executable application
Sigcheck:
publisher................: 360.cn
product..................: 360____
internal name............: 360Safe
copyright................: (C) 360.cn Inc. All Rights Reserved.
original name............: 360Safe.EXE
comments.................:
file version.............: 7, 5, 0, 1231
description..............: 360____ ___
Portable Executable structural information:
Compilation timedatestamp.....: 2011-11-13 11:13:58
Target machine................: 0x14C (Intel 386 or later processors and compatible processors)
Entry point address...........: 0x00026F7E
PE Sections...................:
Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
.text | 4096 | 449310 | 450560 | 6.62 | 0f9b34453e554923908bf10cda3164ec |
.rdata | 454656 | 87842 | 90112 | 4.60 | a7d94d77583bac6599587fc274245dd2 |
.data | 544768 | 48392 | 32768 | 3.76 | 1770ccb49b49a919dd83fc31f6ab5871 |
.rsrc | 593920 | 299008 | 299008 | 5.13 | b1fb42f6f7e57b3210e1fc762e639f3b |
First seen by VirusTotal: 2012-01-19 01:43:28 UTC (3 月, 2 周 ago)
42 antivirus engines, and 32 of them detect it as a trojan...