又更新了！结果: 11/36 (30.56%)

qigang

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.8.21.0	2008.08.26	Win-AppCare/Sogou.192512.H
AntiVir	7.8.1.23	2008.08.26	-
Authentium	5.1.0.4	2008.08.25	-
Avast	4.8.1195.0	2008.08.25	Win32:BHO-GG
AVG	8.0.0.161	2008.08.26	-
BitDefender	7.2	2008.08.26	Adware.Sogou.Gen
CAT-QuickHeal	9.50	2008.08.25	-
ClamAV	0.93.1	2008.08.26	-
DrWeb	4.44.0.09170	2008.08.26	-
eSafe	7.0.17.0	2008.08.24	-
eTrust-Vet	31.6.6048	2008.08.25	Win32/Sadbiz!generic
Ewido	4.0	2008.08.25	-
F-Prot	4.4.4.56	2008.08.26	W32/Cpush.A.gen!Eldorado
F-Secure	7.60.13501.0	2008.08.26	-
Fortinet	3.14.0.0	2008.08.26	-
GData	2.0.7306.1023	2008.08.20	Win32:BHO-GG
Ikarus	T3.1.1.34.0	2008.08.26	Virus.Win32.BHO.GG
K7AntiVirus	7.10.428	2008.08.25	-
Kaspersky	7.0.0.125	2008.08.26	-
McAfee	5369	2008.08.25	-
Microsoft	1.3807	2008.08.25	Program:Win32/Sogou
NOD32v2	3388	2008.08.26	a variant of Win32/Adware.Cinmus
Norman	5.80.02	2008.08.26	-
Panda	9.0.0.4	2008.08.25	Suspicious file
PCTools	4.4.2.0	2008.08.25	-
Prevx1	V2	2008.08.26	-
Rising	20.59.11.00	2008.08.26	-
Sophos	4.32.0	2008.08.26	Troj/AdClick-ER
Sunbelt	3.1.1582.1	2008.08.26	-
Symantec	10	2008.08.26	-
TheHacker	6.3.0.6.060	2008.08.23	-
TrendMicro	8.700.0.1004	2008.08.26	-
VBA32	3.12.8.4	2008.08.25	-
ViRobot	2008.8.26.1350	2008.08.26	-
VirusBuster	4.5.11.0	2008.08.25	-
Webwasher-Gateway	6.6.2	2008.08.26	-

附加信息

File size: 192512 bytes

MD5...: 45a727242c091a4cc14bba6af45592d6

SHA1..: 8585173e938982ac8b52e07200eab512788cc281

SHA256: a2bf81ade9ca6fd419c26de39875deb62d780598ab67bc33f250933fd0ade846

SHA512: 99696b0e830a35dc6b3c436b17ec92926b8113007063e32b182bd471e5be4fde f108233c2bfc06e5eea72febc77ccfb31f4da7b753889388348eae52aaed90e2

PEiD..: -

PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x10017240 timedatestamp.....: 0x48b39955 (Tue Aug 26 05:49:09 2008) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x20aa3 0x21000 6.61 da30b84abe7fd2333b78ad6731a55194 .rdata 0x22000 0x602d 0x7000 4.81 ce8aed7515e8a14fd60dd2f5711d03d9 .data 0x29000 0x2f68 0x2000 2.69 8933fc11e9e8d7dd5b22248e3d19a744 .rsrc 0x2c000 0xee0 0x1000 3.91 56c2e64abf7e40c8b832912b03088b45 .reloc 0x2d000 0x2a44 0x3000 5.02 7c21eefcda674f6a2c515ea94e3c7253 ( 9 imports ) > WS2_32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - > WININET.dll: InternetCloseHandle, InternetOpenA, InternetCanonicalizeUrlA, InternetGetCookieA, InternetSetCookieA, InternetReadFile, HttpQueryInfoA, InternetOpenUrlA > KERNEL32.dll: IsBadCodePtr, IsBadReadPtr, LoadLibraryA, GetStringTypeW, GetStringTypeA, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, GetStdHandle, SetHandleCount, GetTimeZoneInformation, UnhandledExceptionFilter, SetUnhandledExceptionFilter, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, GetVersionExA, MultiByteToWideChar, WideCharToMultiByte, RaiseException, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, SizeofResource, LockResource, LoadResource, FindResourceA, FindResourceExA, GetLastError, lstrlenA, GetTickCount, SetEvent, WaitForSingleObject, CloseHandle, CreateProcessA, lstrcatA, GetShortPathNameA, GetModuleFileNameA, lstrcmpiA, lstrlenW, lstrcpyA, GetModuleHandleA, lstrcpynA, InterlockedIncrement, InterlockedDecrement, IsDBCSLeadByte, GetPrivateProfileStringA, GetPrivateProfileIntA, ResumeThread, ResetEvent, ReleaseMutex, CreateMutexA, WaitForMultipleObjects, CreateEventA, TerminateThread, HeapFree, WriteFile, HeapAlloc, GetProcessHeap, CreateFileA, DeleteFileA, CreateThread, MoveFileA, ReadFile, GetTempFileNameA, GetTempPathA, FreeLibrary, LoadLibraryExA, ExitProcess, Sleep, CompareStringA, CompareStringW, TlsSetValue, TlsFree, SetLastError, TlsAlloc, GetCPInfo, GetOEMCP, GetCommandLineA, GetSystemTimeAsFileTime, GetCurrentThreadId, ExitThread, RtlUnwind, VirtualQuery, GetSystemInfo, VirtualAlloc, VirtualProtect, HeapSize, HeapReAlloc, HeapDestroy, GetProcAddress, SetFilePointer, SetStdHandle, FlushFileBuffers, GetLocalTime, SetEnvironmentVariableA, LCMapStringA, LCMapStringW, GetCurrentProcessId, QueryPerformanceCounter, GetCurrentProcess, TerminateProcess, IsBadWritePtr, VirtualFree, HeapCreate, TlsGetValue > USER32.dll: SetWindowPos, SendMessageA, PostMessageA, EnumChildWindows, GetDesktopWindow, GetClassNameA, GetMessageA, TranslateMessage, DispatchMessageA, SystemParametersInfoA, GetForegroundWindow, CharNextA, wsprintfA, GetParent > ADVAPI32.dll: RegEnumValueA, RegEnumKeyExA, RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegCreateKeyExA, RegCloseKey, RegDeleteValueA, RegDeleteKeyA, RegQueryInfoKeyA > SHELL32.dll: SHGetFileInfoA > ole32.dll: CoTaskMemFree, StringFromCLSID, CLSIDFromString, StringFromGUID2, CoCreateGuid, CoUninitialize, CoCreateInstance, CoInitialize, CoTaskMemAlloc, CoTaskMemRealloc > OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - > SHLWAPI.dll: PathFindExtensionA ( 6 exports ) DllCanUnloadNow, DllGetClassObject, DllMain, DllRegisterServer, DllUnregisterServer, _EntryPoint@16

ThreatExpert info: http://www.threatexpert.com/repo ... a4cc14bba6af45592d6

huangxinster

kis miss
上报

主动防御

晕，微软的都报了 再汗一个

Kitman

The file 'cpush.dll' has been determined to be 'UNDER ANALYSIS'.

BING126

McAfee  miss

尤金卡巴斯基

2008/8/27 9:45:42        已清除        风险软件 not-a-virus:AdWare.Win32.BHO.cqm        G:\Temp\Virus\cpush.rar/cpush.dll

wusuobuzai

貌似报的不是很多啊~!

啊弥陀佛

cpush.dll

conan1229

级别不够.....

hj5abc

gen

The file 'H:\cpush.rar'
contained a virus or unwanted program 'ADSPY/Sogou.Gen.79' [adware]
Action(s) taken:The file was deleted!

[ 本帖最后由 hj5abc 于 2008-8-27 12:13 编辑 ]