我朋友说是木马

显示全部楼层 · 发表于 2007-11-29 21:54:20

我朋友说是木马，我用小红伞扫过没反应，各位试试看

显示全部楼层 · 发表于 2007-11-29 22:02:36

Win32:Agent-EPC [Trj]

显示全部楼层 · 发表于 2007-11-29 22:09:09

驱逐舰无反应啊!

[ 本帖最后由 maybe00 于 2007-11-29 22:25 编辑 ]

显示全部楼层 · 发表于 2007-11-29 22:20:17

文件名称 :    sd.exe
文件大小 :    65204 byte
文件类型 :    MS-DOS executable (EXE), OS/2 or MS Windows
MD5 :    05640d52097bea5380eb40297cbdcaea
SHA1 :    cb5ca70e74b6017b71e71e840bd3367a054ca9fe

扫描结果扫描结果 :    33%的杀软(12/36)报告发现病毒
时间 :    2007/11/29 22:17:17 (CST)
软件名称引擎版本病毒库版本病毒库时间扫描结果时间
a-squared 3.0.0.126 2007.11.28 2007-11-28 - 3.278
AntiVir 7.6.0.35 7.0.1.23 2007-11-29 - 2.124
Arcavir 1.0.4 200711282024 2007-11-28 - 1.346
AVAST 1.0.8 071128-0 2007-11-28 Win32:Agent-EPC [Trj] 3.048
AVG 7.5.49.442 269.16.9/1158 2007-11-28 - 1.818
BitDefender 7.60825.957065 7.16017 2007-11-29 Backdoor.Pcclient.ADO 3.338
CA (VET) 9.0.0.143 31.3.5335 2007-11-29 - 0.746
ClamAV 0.91.2 4951 2007-11-29 - 0.049
Comodo 2.11 2.0.0.358 2007-11-29 - 0.888
CP Secure 1.1.0.655 2007.11.29 2007-11-29 BackDoor.W32.PcClient.ahi 4.974
Dr.WEB 4.44.0.9170 2007.11.29 2007-11-29 - 3.506
ewido 4.0.0.2 2007.11.28 2007-11-28 - 2.179
F-PROT 4.4.1.52 20071128 2007-11-28 Possible W32/Heuristic-162!Eldorado (not disinfectable) 1.423
F-SECURE 5.51.6100 2007.11.29.02 2007-11-29 - 3.445
IKARUS T3.1.01.15 2007.11.26.69895 2007-11-26 - 1.169
MKS_VIR 2.01 2007.11.29 2007-11-29 - 4.415
NOD32 2.70.10 2692 2007-11-28 - 0.035
NORMAN 5.91.08 5.90 2007-11-28 W32/Smalldoor.AVSB 4.728
nProtect 2007-11-28.00 1071649 2007-11-28 Backdoor/W32.PcClient.54128 11.452
Prevx V2 20071129 2007-11-29 TROJAN.DOWNLOADER.GEN 6.962
QuickHeal 9.00 2007.11.28 2007-11-28 Suspicious - DNAScan 2.539
SOPHOS 2.49.1 4.21 2007-11-26 - 5.241
The Hacker 6.2.9 v00144 2007-11-27 - 0.955
VBA32 3.12.2.5 20071129.1027 2007-11-29 Backdoor.PcClient.36 (suspicious) 1.295
ViRobot 20071128 2007.11.28 2007-11-28 - 0.673
VirusBuster 4.3.19:9 9.115.13/11.0 2007-11-28 - 1.088
卡巴斯基 5.5.10 2007.11.29 2007-11-29 - 7.363
安博士V3 2007.11.29.00 2007.11.29 2007-11-29 - 0.893
江民杀毒 10.00.650 2007.11.28 2007-11-28 - 1.456
熊猫卫士 9.04.03.0001 2007.11.29 2007-11-29 Suspicious file 3.098
瑞星 19.0 20.20.22.00 2007-11-28 Backdoor.Win32.PcShare.k 2.527
赛门铁克 1.3.0.24 20071128.002 2007-11-28 - 0.180
趋势 8.500-1001 4.854.10 2007-11-29 - 0.041
迈克菲 5.2.00 5173 2007-11-28 BackDoor-CKB 1.461

显示全部楼层 · 发表于 2007-11-29 22:35:06

在沙盘运行时小红伞报了
Found a virus or unwanted program 'HEUR/Malware' [HEUR/Malware]
in file 'C:\Sandbox\Administrator\DefaultBox\drive\C\WINNT\system32\ncfbur.dll'.
Action taken: Deny access

显示全部楼层 · 发表于 2007-11-29 22:45:05

已上报红伞~

显示全部楼层 · 发表于 2007-11-29 22:49:25

微点有拦截。。

显示全部楼层 · 发表于 2007-11-29 23:01:35

The file 'sd.exe' has been determined to be 'MALWARE'. Our analysts named the threat BDS/Pcclient.bao. The term "BDS/" denotes a Backdoor-Server program. Backdoor-Server programs are used to spy out, modify or delete data.Detection will be added to our virus definition file (VDF) with one of the next updates.

显示全部楼层 · 发表于 2007-11-29 23:11:18

已上报給卡巴

显示全部楼层 · 发表于 2007-11-29 23:22:31

原帖由 kato9096 于 2007-11-29 23:11 发表
已上报給卡巴

Hello.

New malicious software was found in the attached file.
It's detection will be included in the next update. Thank you for your help.

--
Regards, Ilya Goncharov
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com http://www.viruslist.com

[病毒样本] 我朋友说是木马

本帖子中包含更多资源

avast!

回复 6楼 Graybird 的帖子

浏览过的版块