1个

hlx98007

4.exe文件比较大，所以单独发。

a750828

McAfee Adware-CDNHelper

无尽藏海

红伞报        ADSPY/Cdnup.A.1

[Found Trojan]  <W32/Trojan.YGH (exact, not disinfectable)> F:\virus\4.zip->4.exe
[Contains infected objects] F:\virus\4.zip
[Quarantined] F:\virus\4.zip->4.exe

2008-2-20 2:17:50 Kernel File  'F:\virus\4.zip' was sent to ESET for analysis.

[ 本帖最后由 无尽藏海 于 2008-2-20 02:18 编辑 ]

长空之鹰

KIS7.0129过

病毒库2.19 22:28

hlx98007

是啊，卡巴飘过的。

长空之鹰

File 4.zip received on 02.19.2008 19:22:41 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 18/32 (56.25%)

Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___
.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.

Compact
Print results

Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position:
) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.  

Email:

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.2.20.0	2008.02.19	-
AntiVir	7.6.0.67	2008.02.19	ADSPY/Cdn.B.1
Authentium	4.93.8	2008.02.19	W32/Trojan.YGH
Avast	4.7.1098.0	2008.02.18	Win32:Adware-gen
AVG	7.5.0.516	2008.02.19	Adware Generic2.FWT
BitDefender	7.2	2008.02.19	Adware.CDN.J
CAT-QuickHeal	9.50	2008.02.18	-
ClamAV	0.92.1	2008.02.19	Adware.CDN-8
DrWeb	4.44.0.09170	2008.02.19	Adware.Cdn
eSafe	7.0.15.0	2008.02.17	-
eTrust-Vet	31.3.5548	2008.02.19	-
Ewido	4.0	2008.02.19	Adware.Cdnup
FileAdvisor	1	2008.02.19	-
Fortinet	3.14.0.0	2008.02.19	Adware/Bdsearch
F-Prot	4.4.2.54	2008.02.18	W32/Trojan.YGH
F-Secure	6.70.13260.0	2008.02.19	-
Ikarus	T3.1.1.20	2008.02.19	AdWare.Cdnup.A.1
Kaspersky	7.0.0.125	2008.02.19	-
McAfee	5232	2008.02.18	potentially unwanted program Adware-CDNHelper
Microsoft	1.3204	2008.02.19	BrowserModifier:Win32/CNNIC
NOD32v2	2886	2008.02.19	-
Norman	5.80.02	2008.02.19	-
Panda	9.0.0.4	2008.02.19	Generic Malware
Prevx1	V2	2008.02.19	Heuristic: Suspicious File With Covert Attributes
Rising	20.32.12.00	2008.02.19	-
Sophos	4.26.0	2008.02.19	CNav
Sunbelt	3.0.884.0	2008.02.19	-
Symantec	10	2008.02.19	-
TheHacker	6.2.9.223	2008.02.18	-
VBA32	3.12.6.1	2008.02.17	suspected of Embedded.OScope.Adware.GV.Cdn
VirusBuster	4.3.26:9	2008.02.19	-
Webwasher-Gateway	6.6.2	2008.02.19	Ad-Spyware.Cdnup.A.1

Additional information

File size: 436358 bytes

MD5: 7c8917132741727c166197308368eed6

SHA1: 8b5a92a13b022ceff522cecc30f7685c46381280

PEiD: -

packers: ASPack

Prevx info: http://info.prevx.com/aboutprogr ... 6219D4CA700D8FD5955

capsshift

多引擎扫描，红伞已经报了。

清蒸波波面

费尔已经杀了

kkgh

ewido anti-spyware - Scan Report
---------------------------------------------------------

+ 创建时间:        10:26:37 2008-2-20

+ 扫描结果:       



C:\Documents and Settings\zh\桌面\4.exe -> Adware.Cdnup : 已清除.
C:\Documents and Settings\zh\桌面\4.zip/4.exe -> Adware.Cdnup : 已清除.


::报告结束

微点卫士

程序:
C:\SANDBOX\ADMINISTRATOR\DEFAULTBOX\DRIVE\C\PROGRAM FILES\CNNIC\CDN\CDNUP.EXE
是否阻止该进程继续运行?

程序:
C:\SANDBOX\ADMINISTRATOR\DEFAULTBOX\DRIVE\C\PROGRAM FILES\CNNIC\CDN\CDNUP.EXE
是否删除病毒程序及其衍生物?