BD报的

liunanyuan

Scanned files C:\Documents and Settings\Administrator\Desktop\2.rar OK C:\Documents and Settings\Administrator\Desktop\2.rar=>KAVPassport.DLL Infected: Backdoor.Assasin.X C:\Documents and Settings\Administrator\Desktop\2.rar=>KAVPassport.DLL Disinfection failed C:\Documents and Settings\Administrator\Desktop\2.rar=>KAVPassport.DLL Move failed C:\Documents and Settings\Administrator\Desktop\2.rar=>cnnic.exe Infected: Trojan.Muldrop.EA C:\Documents and Settings\Administrator\Desktop\2.rar=>cnnic.exe Disinfection failed C:\Documents and Settings\Administrator\Desktop\2.rar=>cnnic.exe Move failed

dyw1021

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\cnnic.rar'
C:\Documents and Settings\Administrator\桌面\cnnic.rar
  [0] Archive type: RAR
  --> cnnic.exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Cdnup.A.1
      [INFO]      The file was moved to '47922039.qua'!


End of the scan: 2007年10月28日  13:36
Used time: 00:03 min

The scan has been done completely.

      0 Scanning directories
      2 Files were scanned
      1 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes

mofunzone

We received the following archive files:
File ID          Filename          Size (Byte)         Result
2229167          KAVPassport.rar         168.79 KB         OK

A listing of files contained inside archives alongside their results can be found below:
File ID          Filename          Size (Byte)         Result
199858          KAVPassport.DLL          172.5 KB          FALSE POSITIVE


Please find a detailed report concerning each individual sample below:
Filename         Result
KAVPassport.DLL          FALSE POSITIVE

The file 'KAVPassport.DLL' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection is removed from our virus definition file (VDF) with the version: 6.37.1.24 .

平淡

BING126

McAfee MISS

Nerazzurri

HC303

楼主是不是装了金山词霸破解版
KAVPASSPORT.DLL好像是用来破解金山通行证的.

Nerazzurri

Hello.
No malicious software was found in the attached file.

Please quote all when answering. Do not forget to include you registration data.
-----------------
Regards, Vyacheslav Zakorzhevsky
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com   http://www.viruslist.com


> Attachment: KAVPassport.rar

29159011

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\SETUP\SETUP.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\CNNIC\CDN\IDNCONV.DLL
2) C:\PROGRAM FILES\CNNIC\CDN\CDNUNINS.EXE
3) C:\PROGRAM FILES\CNNIC\CDN\CDNAUX.DLL
4) C:\PROGRAM FILES\CNNIC\CDN\CLIENT.DLL
5) C:\PROGRAM FILES\CNNIC\CDN\CDNCTR.EXE
6) C:\PROGRAM FILES\CNNIC\CDN\CDNIEHLP.DLL
7) C:\PROGRAM FILES\CNNIC\CDN\CDNGLO.DLL
8) C:\PROGRAM FILES\CNNIC\CDN\CDNDET.DLL
是否删除木马程序及其衍生物?