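Is 360 Safeguard (360卫士) a Trojan?
I switched to a different computer and installed QQ PC Manager (QQ电脑管家). While I was using it, QQ PC Manager popped up the following alert:
I used FileInfo to extract information about the file that QQ PC Manager reported as a trojan: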
文件说明符 : C:\Program Files\Common Files\2.1.exe
属性 : A---
数字签名:360.cn
PE文件:是
语言 : 中文(简体,中国)
文件版本 : 7, 5, 0, 1231
说明 : 360安全卫士 主程序
版权 : (C) 360.cn Inc. All Rights Reserved.
产品版本 : 7, 5, 0, 1231
产品名称 : 360安全卫士
公司名称 : 360.cn
内部名称 : 360Safe
源文件名 : 360Safe.EXE
创建时间 : 2012-2-20 21:44:5
修改时间 : 2012-1-2 11:6:22
大小 : 882008 字节 861.344 KB
MD5 : 85f3403cbc0a73cc43241e644b11c6fa
SHA1: F0185B542712B5BED0F975C8D11665E18FBD358D
CRC32: 3ad81b86
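So it turns out to be 360 Safeguard...
Could it be a false positive? I uploaded it to https://www.virustotal.com/ and the multi-engine scan results are as follows: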
(https://www.virustotal.com/file/8ed8cbdc05804d8fcc61674ed93eb3ad55fd6cfe675a8d724298e9eff1cae274/analysis/1335935256/)

Field | Value |
---|---|
SHA256 | 8ed8cbdc05804d8fcc61674ed93eb3ad55fd6cfe675a8d724298e9eff1cae274 |
SHA1 | f0185b542712b5bed0f975c8d11665e18fbd358d |
MD5 | 85f3403cbc0a73cc43241e644b11c6fa |
File size | 861.3 KB (882008 bytes) |
File name | 2.1.exe |
File type | Win32 EXE |
Detection ratio | 33 / 42 |
Analysis date | 2012-05-02 05:07:36 UTC (0 minutes ago) |

Antivirus | Result | Update |
---|---|---|
AhnLab-V3 | Trojan/Win32.Scar | 20120501 |
AntiVir | TR/Crypt.XPACK.Gen3 | 20120502 |
Antiy-AVL | Trojan/Win32.Scar.gen | 20120502 |
Avast | Win32:Sentry [Trj] | 20120502 |
AVG | Clicker.AUYR | 20120501 |
BitDefender | Trojan.Clicker.NAA | 20120502 |
ByteHero | - | 20120430 |
CAT-QuickHeal | - | 20120501 |
ClamAV | - | 20120501 |
Commtouch | - | 20120502 |
Comodo | UnclassifiedMalware | 20120501 |
DrWeb | Trojan.MulDrop2.62632 | 20120502 |
Emsisoft | Trojan-Clicker.Win32.Cookster!IK | 20120502 |
eSafe | Win32.TRCrypt.XPACK | 20120430 |
eTrust-Vet | Win32/Cookster.E | 20120501 |
F-Prot | - | 20120501 |
F-Secure | Trojan.Clicker.NAA | 20120502 |
Fortinet | W32/Scar.EID!tr | 20120502 |
GData | Trojan.Clicker.NAA | 20120502 |
Ikarus | Trojan-Clicker.Win32.Cookster | 20120502 |
Jiangmin | Trojan/JmGeneric.bwc | 20120502 |
K7AntiVirus | Riskware | 20120501 |
Kaspersky | Trojan.Win32.Scar.fuwz | 20120502 |
McAfee | Generic.dx!bcsf | 20120502 |
McAfee-GW-Edition | Generic.dx!bcsf | 20120501 |
Microsoft | TrojanClicker:Win32/Cookster.A | 20120501 |
NOD32 | Win32/TrojanClicker.Cookster.A | 20120502 |
Norman | W32/Troj_Generic.HYXO | 20120501 |
nProtect | Trojan-Clicker/W32.Agent.882008 | 20120501 |
Panda | Generic Trojan | 20120501 |
PCTools | Trojan.ADH | 20120430 |
Rising | Trojan.Win32.Generic.12B09877 | 20120428 |
Sophos | - | 20120502 |
SUPERAntiSpyware | - | 20120402 |
Symantec | Trojan.ADH | 20120502 |
TheHacker | - | 20120502 |
TrendMicro | TROJ_CLICKER.JDM | 20120502 |
TrendMicro-HouseCall | TROJ_CLICKER.JDM | 20120502 |
VBA32 | Trojan.Scar.fuwz | 20120430 |
VIPRE | Trojan.Win32.Generic!BT | 20120502 |
ViRobot | - | 20120502 |
VirusBuster | Trojan.CL.Cookster!/GvIURofFQc | 20120501 |

ssdeep: 24576:fSM735L5U/KeyV2fUmmDTAF1bD8p5/mdD0kL:/735LKaTAT0p5/mLL
TrID: Win32 Executable MS Visual C++ (generic) (75.0%)
PEiD packer identifier: Armadillo v1.71

ExifTool:
SpecialBuild:
LegalTrademarks:
SubsystemVersion: 4.0
Comments:
LinkerVersion: 6.0
ImageVersion: 0.0
FileSubtype: 0
FileVersionNumber: 7.5.0.1231
LanguageCode: Chinese (Simplified)
FileFlagsMask: 0x003f
FileDescription: 360
CharacterSet: Unicode
InitializedDataSize: 438272
FileOS: Win32
PrivateBuild:
MIMEType: application/octet-stream
LegalCopyright: (C) 360.cn Inc. All Rights Reserved.
FileVersion: 7, 5, 0, 1231
TimeStamp: 2011:11:13 12:13:58+01:00
FileType: Win32 EXE
PEType: PE32
InternalName: 360Safe
ProductVersion: 7, 5, 0, 1231
UninitializedDataSize: 0
OSVersion: 4.0
OriginalFilename: 360Safe.EXE
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CompanyName: 360.cn
CodeSize: 450560
ProductName: 360
ProductVersionNumber: 7.5.0.1231
EntryPoint: 0x26f7e
ObjectFileType: Executable application

Sigcheck:
publisher: 360.cn
product: 360____
internal name: 360Safe
copyright: (C) 360.cn Inc. All Rights Reserved.
original name: 360Safe.EXE
comments:
file version: 7, 5, 0, 1231
description: 360____ ___

Portable Executable structural information:
Compilation timedatestamp: 2011-11-13 11:13:58
Target machine: 0x14C (Intel 386 or later processors and compatible processors)
Entry point address: 0x00026F7E

PE Sections:

Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
---|---|---|---|---|---|
.text | 4096 | 449310 | 450560 | 6.62 | 0f9b34453e554923908bf10cda3164ec |
.rdata | 454656 | 87842 | 90112 | 4.60 | a7d94d77583bac6599587fc274245dd2 |
.data | 544768 | 48392 | 32768 | 3.76 | 1770ccb49b49a919dd83fc31f6ab5871 |
.rsrc | 593920 | 299008 | 299008 | 5.13 | b1fb42f6f7e57b3210e1fc762e639f3b |

PE Imports: comdlg32.dll, OLEPRO32.DLL, oledlg.dll, WININET.dll, GDI32.dll, SHELL32.dll, KERNEL32.dll, WINSPOOL.DRV, ADVAPI32.dll, ole32.dll, COMCTL32.dll, WS2_32.dll, USER32.dll, OLEAUT32.dll

PE Exports:

First seen by VirusTotal: 2012-01-19 01:43:28 UTC (3 months, 2 weeks ago)
Of 42 antivirus engines, 32 detected it as a trojan...