是小红伞误报还是病毒？

显示全部楼层 · 发表于 2009-1-20 20:02:00

可疑的东西小红伞老是在叫啊

显示全部楼层 · 发表于 2009-1-20 20:04:00

rs 0

显示全部楼层 · 发表于 2009-1-20 20:10:20

http://www.virustotal.com/zh-cn/ ... 8bcbf9d7cf1bd96c447
估计多半是毒了…………

卡巴杀

已删除：木马程序 Trojan.Win32.Agent.bjci 文件　: D:\软件\其它\v\k\new\新建文件夹.rar/新建文件夹\NetGuy13.exe
已删除：木马程序 Trojan-Downloader.Win32.Agent.bddy 文件　: D:\软件\其它\v\k\new\新建文件夹.rar/新建文件夹\NetGuy16.exe

还剩下一个文件没杀，VT上4/39，上报卡巴试试…………

[ 本帖最后由 sbbdms 于 2009-1-20 20:32 编辑 ]

显示全部楼层 · 发表于 2009-1-20 20:12:28

[Scanning : C:\Test]

C:\Test\新建文件夹.rar<RAR>:NetGuy13.exe <- Trojan.Agent.Bjci : No action

Scanned objects : 7

Infected objects : 1

显示全部楼层 · 发表于 2009-1-21 12:23:15

木马名称：Trojan.Win32.Agent.agxy

程序：
C:\DOCUMENTS AND SETTINGS\............\LOCAL SETTINGS\TEMP\RAR$EX00.485\新建文件夹\NETGUY13.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

显示全部楼层 · 发表于 2009-1-21 17:35:30

avast 4.8

显示全部楼层 · 发表于 2009-1-21 18:50:56

100%是毒-NOD32全杀看host应该是本地毒（猜的）
127.0.0.1    localhost

# ***************************

1.2.3.4    www.360Safe.com
1.2.3.4    www.360.cn
1.2.3.4    bbs.360safe.com
1.2.3.4    baike.360.cn
1.2.3.4    kaba.360.cn
1.2.3.4    bbs.360.cn
1.2.3.4    dl.360Safe.com
1.2.3.4    forum.ikaka.com
1.2.3.4    tool.ikaka.com
1.2.3.4    file.ikaka.com
1.2.3.4    update.ikaka.com
1.2.3.4    bbs.ikaka.com
1.2.3.4    bbs.janmeng.com
1.2.3.4    www.ikaka.com
1.2.3.4    forum.jiangmin.com
1.2.3.4    update.rising.com.cn
1.2.3.4    online.rising.com.cn
1.2.3.4    center.rising.com.cn
1.2.3.4    www.rising.com.cn
1.2.3.4    fw.rising.com.cn
1.2.3.4    csc.rising.com.cn
1.2.3.4    buy.rising.com.cn
1.2.3.4    sos.rising.com.cn
1.2.3.4    download.rising.com.cn
1.2.3.4    help.rising.com.cn
1.2.3.4    go.rising.com.cn
1.2.3.4    up.duba.net
1.2.3.4    bbs.duba.net
1.2.3.4    shadu.baidu.com
1.2.3.4    www.kztechs.com
1.2.3.4    security.symantec.com
1.2.3.4    shadu.duba.net
1.2.3.4    online.jiangmin.com
1.2.3.4    cn.mcafee.com
1.2.3.4    bbs.mcafeefans.com
1.2.3.4    mcafeefans.com
1.2.3.4    www.ahn.com.cn
1.2.3.4    www.kaspersky.com.cn
1.2.3.4    www.kaspersky.com
1.2.3.4    www.pcav.cn
1.2.3.4    www.vrv.com.cn
1.2.3.4    bbs.sucop.com
1.2.3.4    www.sucop.com
1.2.3.4    sucop.com
1.2.3.4    bbs.cpcw.com
1.2.3.4    www.shudoo.com
1.2.3.4    alert.rising.com.cn
1.2.3.4    www.dswlab.com
1.2.3.4    dswlab.com
1.2.3.4    bbs.dswlab.com
1.2.3.4    zhidao.ikaka.com
1.2.3.4    bbs.kafan.cn
1.2.3.4    bbs.kaspersky.com.cn
1.2.3.4    www.trendmicro.com.cn
1.2.3.4    bbs.trendmicro.com.cn
1.2.3.4    cn.trendmicro.com
1.2.3.4    www.kpfans.com
1.2.3.4    kpfans.com
1.2.3.4    www.mcafee.com

1.2.3.4    dnl-cn1.kaspersky-labs.com
1.2.3.4    dnl-cn2.kaspersky-labs.com
1.2.3.4    dnl-cn3.kaspersky-labs.com
1.2.3.4    dnl-cn4.kaspersky-labs.com
1.2.3.4    dnl-cn5.kaspersky-labs.com
1.2.3.4    dnl-cn6.kaspersky-labs.com
1.2.3.4    dnl-cn7.kaspersky-labs.com
1.2.3.4    dnl-cn8.kaspersky-labs.com
1.2.3.4    dnl-cn9.kaspersky-labs.com
1.2.3.4    dnl-cn10.kaspersky-labs.com
1.2.3.4    dnl-cn11.kaspersky-labs.com
1.2.3.4    dnl-cn12.kaspersky-labs.com
1.2.3.4    dnl-cn13.kaspersky-labs.com
1.2.3.4    dnl-cn14.kaspersky-labs.com
1.2.3.4    dnl-cn15.kaspersky-labs.com

1.2.3.4    dnl-cd1.kaspersky-labs.com
1.2.3.4    dnl-cd2.kaspersky-labs.com
1.2.3.4    dnl-cd3.kaspersky-labs.com
1.2.3.4    dnl-cd4.kaspersky-labs.com
1.2.3.4    dnl-cd5.kaspersky-labs.com
1.2.3.4    dnl-cd6.kaspersky-labs.com
1.2.3.4    dnl-cd7.kaspersky-labs.com
1.2.3.4    dnl-cd8.kaspersky-labs.com
1.2.3.4    dnl-cd9.kaspersky-labs.com
1.2.3.4    dnl-cd10.kaspersky-labs.com
1.2.3.4    dnl-cd11.kaspersky-labs.com
1.2.3.4    dnl-cd12.kaspersky-labs.com
1.2.3.4    dnl-cd13.kaspersky-labs.com
1.2.3.4    dnl-cd14.kaspersky-labs.com

1.2.3.4    dnl-eu1.kaspersky-labs.com
1.2.3.4    dnl-eu2.kaspersky-labs.com
1.2.3.4    dnl-eu3.kaspersky-labs.com
1.2.3.4    dnl-eu4.kaspersky-labs.com
1.2.3.4    dnl-eu5.kaspersky-labs.com
1.2.3.4    dnl-eu6.kaspersky-labs.com
1.2.3.4    dnl-eu7.kaspersky-labs.com
1.2.3.4    dnl-eu8.kaspersky-labs.com
1.2.3.4    dnl-eu9.kaspersky-labs.com
1.2.3.4    dnl-eu10.kaspersky-labs.com
1.2.3.4    dnl-eu11.kaspersky-labs.com
1.2.3.4    dnl-eu12.kaspersky-labs.com
1.2.3.4    dnl-eu13.kaspersky-labs.com
1.2.3.4    dnl-eu14.kaspersky-labs.com
1.2.3.4    dnl-eu15.kaspersky-labs.com
1.2.3.4    dnl-us1.kaspersky-labs.com
1.2.3.4    dnl-us2.kaspersky-labs.com
1.2.3.4    dnl-us3.kaspersky-labs.com
1.2.3.4    dnl-us4.kaspersky-labs.com
1.2.3.4    dnl-us5.kaspersky-labs.com
1.2.3.4    dnl-us6.kaspersky-labs.com
1.2.3.4    dnl-us7.kaspersky-labs.com
1.2.3.4    dnl-us8.kaspersky-labs.com
1.2.3.4    dnl-us9.kaspersky-labs.com
1.2.3.4    dnl-us10.kaspersky-labs.com
1.2.3.4    dnl-us11.kaspersky-labs.com
1.2.3.4    dnl-us12.kaspersky-labs.com
1.2.3.4    dnl-us13.kaspersky-labs.com
1.2.3.4    dnl-us14.kaspersky-labs.com
1.2.3.4    dnl-us15.kaspersky-labs.com
1.2.3.4    dnl-ru1.kaspersky-labs.com
1.2.3.4    dnl-ru2.kaspersky-labs.com
1.2.3.4    dnl-ru3.kaspersky-labs.com
1.2.3.4    dnl-ru4.kaspersky-labs.com
1.2.3.4    dnl-ru5.kaspersky-labs.com
1.2.3.4    dnl-ru6.kaspersky-labs.com
1.2.3.4    dnl-ru7.kaspersky-labs.com
1.2.3.4    dnl-ru8.kaspersky-labs.com
1.2.3.4    dnl-ru9.kaspersky-labs.com
1.2.3.4    dnl-ru10.kaspersky-labs.com
1.2.3.4    dnl-ru11.kaspersky-labs.com
1.2.3.4    dnl-ru12.kaspersky-labs.com
1.2.3.4    dnl-ru13.kaspersky-labs.com
1.2.3.4    dnl-ru14.kaspersky-labs.com
1.2.3.4    dnl-ru15.kaspersky-labs.com
1.2.3.4    dnl-jp1.kaspersky-labs.com

1.2.3.4    dnl-jp2.kaspersky-labs.com
1.2.3.4    dnl-jp3.kaspersky-labs.com
1.2.3.4    dnl-jp4.kaspersky-labs.com
1.2.3.4    dnl-jp5.kaspersky-labs.com
1.2.3.4    dnl-jp6.kaspersky-labs.com
1.2.3.4    dnl-jp7.kaspersky-labs.com
1.2.3.4    dnl-jp8.kaspersky-labs.com
1.2.3.4    dnl-jp9.kaspersky-labs.com
1.2.3.4    dnl-jp10.kaspersky-labs.com
1.2.3.4    dnl-jp11.kaspersky-labs.com
1.2.3.4    dnl-jp12.kaspersky-labs.com
1.2.3.4    dnl-jp13.kaspersky-labs.com
1.2.3.4    dnl-jp14.kaspersky-labs.com
1.2.3.4    dnl-jp15.kaspersky-labs.com
1.2.3.4    dnl-kr1.kaspersky-labs.com
1.2.3.4    dnl-kr2.kaspersky-labs.com
1.2.3.4    dnl-kr3.kaspersky-labs.com
1.2.3.4    dnl-kr4.kaspersky-labs.com
1.2.3.4    dnl-kr5.kaspersky-labs.com
1.2.3.4    dnl-kr6.kaspersky-labs.com
1.2.3.4    dnl-kr7.kaspersky-labs.com
1.2.3.4    dnl-kr8.kaspersky-labs.com
1.2.3.4    dnl-kr9.kaspersky-labs.com
1.2.3.4    dnl-kr10.kaspersky-labs.com
1.2.3.4    dnl-kr11.kaspersky-labs.com
1.2.3.4    dnl-kr12.kaspersky-labs.com
1.2.3.4    dnl-kr13.kaspersky-labs.com
1.2.3.4    dnl-kr14.kaspersky-labs.com
1.2.3.4    dnl-kr15.kaspersky-labs.com

# *********结束******************

显示全部楼层 · 发表于 2009-1-21 22:07:51

我刚下载，红伞就报毒了，下载完扫现了三个病毒，看图片吧

显示全部楼层 · 发表于 2009-1-21 23:15:02

a-squared 4.0.0.29 20090121163149 2009-01-21 Trojan.AntiHosts!IK 2.505
AntiVir 7.9.0.57 7.1.1.159 2009-01-21 TR/AntiHosts.Gen 1.829
Authentium 5.1.1 200901202134 2009-01-20 - 1.127
AVAST! 3.0.1 090121-0 2009-01-21 Win32:Trojan-gen {Other} 0.012
AVG 7.5.52.442 270.10.10/1906 2009-01-21 BackDoor.Agent.YJH 1.883
BitDefender 7.81008.2566736 7.23269 2009-01-21 - 2.376
CA (VET) 9.0.0.143 31.6.6319 2009-01-21 - 8.384
ClamAV 0.94.2 8884 2009-01-21 Trojan.Downloader-62766 0.055
Comodo 3.0 940 2009-01-21 TrojWare.Win32.Agent.~AHK 0.916
CP Secure 1.1.0.715 2009.01.21 2009-01-21 - 6.702
Dr.Web 4.44.0.9170 2009.01.21 2009-01-21 Trojan.Siggen.2065 3.959
F-Prot 4.4.4.56 20090120 2009-01-20 - 1.114
F-Secure 5.51.6100 2009.01.21.05 2009-01-21 Trojan-Downloader.Win32.Agent.bddy [AVP] 0.129
GData 19.2540/19.194 20090121 2009-01-21 Trojan.Win32.Agent.bjci [Engine:A] 3.311
Ikarus T3.1.01.45 2009.01.21.72188 2009-01-21 Trojan.AntiHosts 3.689
Microsoft 1.4205 2009.01.21 2009-01-21 - 6.885
mks_vir 2.01 2009.01.21 2009-01-21 - 2.787
Norman 5.93.01 5.93.00 2009-01-20 - 6.687
nProtect 20090121.02 3015017 2009-01-21 Trojan-Downloader/W32.Agent.94208.CE 5.572
Quick Heal 10.00 2009.01.21 2009-01-21 Trojan.Agent.bjci 0.902
Sophos 2.82.1 4.37 2009-01-21 Troj/Agent-IQW 2.438
Sunbelt 4756 4756 2009-01-08 - 0.516
The Hacker 6.3.1.5 v00224 2009-01-19 - 0.823
VBA32 3.12.8.10 20090120.2019 2009-01-20 Trojan-Downloader.Win32.Agent.bddy 1.554
ViRobot 20090121 2009.01.21 2009-01-21 - 0.413
VirusBuster 4.5.11.10 10.100.33/762820 2009-01-21 - 1.008
卡巴斯基 5.5.10 2009.01.21 2009-01-21 Trojan-Downloader.Win32.Agent.bddy 0.101
安博士V3 2009.01.22.00 2009.01.22 2009-01-22 - 1.418
安天 2.0.18 20090118.2063925 2009-01-18 - 0.017
江民杀毒 11.0.706 2009.01.21 2009-01-21 Trojan/Agent.aary 1.434
熊猫卫士 9.05.01 2009.01.20 2009-01-20 - 2.635
瑞星 20.0 21.13.22.00 2009-01-21 - 1.310
赛门铁克 1.3.0.24 20090120.003 2009-01-20 - 0.272
趋势科技 8.700-1004 5.782.02 2009-01-21 - 0.068
迈克菲 5.3.00 5501 2009-01-20 - 2.997
金山毒霸 2008.9.8.18 2009.1.21.20 2009-01-21 Win32.TrojDownloader.Agent.94208 0.806
飞塔 2.81-3.117 9.933 2009-01-15 -

显示全部楼层 · 发表于 2009-1-21 23:32:41

D:\download\新建文件夹.rar>>新建文件夹\NetGuy13.exe Trojan.Agent.bjci.iwuu 木马还未处理
D:\download\新建文件夹.rar>>新建文件夹\NetGuy16.exe TrojanDownloader.Agent.bddy.tkcs 木马还未处理

[误报文件] 是小红伞误报还是病毒？

本帖子中包含更多资源

ArcaVir 2008

avast

本帖子中包含更多资源

浏览过的版块