shichien
2007-04-30, 02:34 AM
我用卡巴有檢測到木馬程式 Rootkit.Win32.Agent.ff
請問這是屬於甚麼樣的木馬程式,還是誤判而已...
贊助商連結
請問這是屬於甚麼樣的木馬程式,還是誤判而已...
贊助商連結
|
贊助商連結 頁 :
[1]
2
shichien 2007-04-30, 02:34 AM 我用卡巴有檢測到木馬程式 Rootkit.Win32.Agent.ff 請問這是屬於甚麼樣的木馬程式,還是誤判而已... 贊助商連結 martin0129 2007-04-30, 03:38 AM 我用卡巴有檢測到木馬程式 Rootkit.Win32.Agent.ff 請問這是屬於甚麼樣的木馬程式,還是誤判而已... Antivir 也檢測到 rootkit:abuse: yuping 2007-04-30, 09:07 AM [ file data ] * name: =?utf-8?q?13266d1177871650.attachment.rar?= * size: 420274 * md5.: c363c6d5b4fce17f22a58a349b1088b6 * sha1: a9203231e2c59ddf6113bc00b7634129c7f9afc0 [ scan result ] AhnLab-V3 2007.4.28.0/20070427 found nothing AntiVir 7.4.0.15/20070429 found [RKit/Agent.FF] Authentium 4.93.8/20070427 found nothing Avast 4.7.981.0/20070430 found nothing AVG 7.5.0.467/20070429 found nothing BitDefender 7.2/20070430 found nothing CAT-QuickHeal 9.00/20070428 found [(Suspicious) - DNAScan] ClamAV devel-20070416/20070429 found nothing DrWeb 4.33/20070429 found nothing eSafe 7.0.15.0/20070429 found nothing eTrust-Vet 30.7.3601/20070427 found nothing Ewido 4.0/20070429 found nothing F-Prot 4.3.2.48/20070427 found nothing F-Secure 6.70.13030.0/20070430 found [Rootkit.Win32.Agent.ff] FileAdvisor 1/20070430 found nothing Fortinet 2.85.0.0/20070429 found nothing Ikarus T3.1.1.5/20070429 found [Rootkit.Win32.Agent.ff] Kaspersky 4.0.2.24/20070430 found [Rootkit.Win32.Agent.ff] McAfee 5019/20070427 found [New Malware.z] Microsoft 1.2405/20070429 found nothing NOD32v2 2228/20070429 found nothing Norman 5.80.02/20070427 found nothing Panda 9.0.0.4/20070429 found [Suspicious file] Prevx1 V2/20070430 found nothing Sophos 4.17.0/20070428 found nothing Sunbelt 2.2.907.0/20070419 found [VIPRE.Suspicious] TheHacker 6.1.6.095/20070415 found nothing VBA32 3.11.4/20070429 found nothing VirusBuster 4.3.7:9/20070429 found nothing Webwasher-Gateway 6.0.1/20070429 found [Rootkit.Agent.FF] shisin 2007-04-30, 09:51 AM 上傳至Virus Total的偵測結果: http://i120.photobucket.com/albums/o171/shisin/vitustotal1.png shichien 2007-04-30, 02:31 PM 看來真的是有木馬了,電腦來去重灌好了,多謝各位幫忙^^ 大灰芒果 2007-04-30, 02:54 PM 我用卡巴有檢測到木馬程式 Rootkit.Win32.Agent.ff 請問這是屬於甚麼樣的木馬程式,還是誤判而已... 光看檔名,就知道有問題了… 看看我用 AntiVir PE Classic 的掃描結果: free.rar [0] Archive type: RAR --> free\elfJoJoHookSys.sys [DETECTION] Contains signature of the rootkit RKIT/Agent.FF --> free\MapleStoryQQ.exe [DETECTION] Contains signature of the rootkit RKIT/Agent.FF.1 是比木馬更可怕的 rootkit 程式。(也算是木馬的一種吧?) 黑衣~魂 2007-04-30, 08:37 PM Kaspersky Lab: Hello, elfJoJoHookSys.sys, MapleStoryQQ.exe_ - Rootkit.Win32.Agent.ff These files are already detected. Please update your antivirus bases. Please quote all when answering. Best regards, Vladimir Lebedev Virus analyst, Kaspersky Lab. ---------------------------- Avira Virus Lab Filename Result MapleStoryQQ.exe MALWARE The file 'MapleStoryQQ.exe' has been determined to be 'MALWARE'. Our analysts named the threat RKit/Agent.FF.1. The term ?RKIT/? denotes a piece of software that uses cloaking techniques to hide itself from view. Therefore it has to be categorized as potentially malicious.Detection is added to our virus definition file (VDF) starting with version 6.38.01.65. Filename Result elfJoJoHookSys.sys MALWARE The file 'elfJoJoHookSys.sys' has been determined to be 'MALWARE'. Our analysts named the threat RKit/Agent.FF. The term ?RKIT/? denotes a piece of software that uses cloaking techniques to hide itself from view. Therefore it has to be categorized as potentially malicious.Detection is added to our virus definition file (VDF) starting with version 6.38.01.65. Timothy 2007-05-05, 07:31 AM AVG Anti-Spyware 檢測到木馬程式 Rootkit.Agent.ff :( harry_chang2003 2007-05-05, 02:45 PM PC-cillin 2007抓到了 http://xs115.xs.to/xs115/07186/PS0079.jpg ~GG~ 2007-05-06, 01:17 AM 為何Norton 都抓不報? |
|
|