[Virus sample] Rising Update Program v1.0 (瑞星升级程序v1.0) = DLOADER.Trojan

qqq000@qq.com
Posted on 2007-4-25 10:49:15
F:\070425\[木马]2\瑞星升级程序v1.0\瑞星升级程序 V1.0.exe - 好
>F:\070425\[木马]2\瑞星升级程序v1.0\new[1].exe - 好
>F:\070425\[木马]2\瑞星升级程序v1.0\剑盟瑞星升级程序.exe - 好
F:\070425\[木马]2\瑞星升级程序v1.0\mUninstall.exe 是 Adware 程序    Adware.Msearch
F:\070425\[木马]2\瑞星升级程序v1.0\AutoLive.dll - 文档    CAB
>F:\070425\[木马]2\瑞星升级程序v1.0\AutoLive.dll\helper.dll 是 Adware 程序    Adware.Cnshel
>F:\070425\[木马]2\瑞星升级程序v1.0\AutoLive.dll\cns01.dat - 好
F:\070425\[木马]2\瑞星升级程序v1.0\AutoLive.dll - 文档包含感染对象                 
F:\070425\[木马]2\瑞星升级程序v1.0\CnsMinEx.dll 可能感染 -->           DLOADER.Trojan
F:\070425\[木马]2\瑞星升级程序v1.0\CnsHook.dll 是 Adware 程序    Adware.Cdn
F:\070425\[木马]2\瑞星升级程序v1.0\CnsMin.dll 是 Adware 程序    Adware.Cdn
F:\070425\[木马]2\瑞星升级程序v1.0\cns1.dll 是 Adware 程序    Adware.Cdn
F:\070425\[木马]2\瑞星升级程序v1.0\cns1.exe 是 Adware 程序    Adware.Cdn
F:\070425\[木马]2\瑞星升级程序v1.0\cns1u.cpr - 好
F:\070425\[木马]2\瑞星升级程序v1.0\cnsminkp2k.sys - 好
F:\070425\[木马]2\瑞星升级程序v1.0\cnsminkp.vxd - 好
F:\070425\[木马]2\瑞星升级程序v1.0\cnsminkpxp.sys - 好
F:\070425\[木马]2\瑞星升级程序v1.0\keepmain.dll 是 Adware 程序    Adware.Cdn
F:\070425\[木马]2\瑞星升级程序v1.0\rav2006\瑞星升级程序 V1.0.exe - 好
F:\070425\[木马]2\瑞星升级程序v1.0\rav2006\agent.ini - 好

The EQs
Posted on 2007-4-25 10:56:26
Detecting adware is NOD32's weak spot....
Scan performed at: 2007-4-25 10:56:18
Scanning Log
NOD32 version 2216 (20070424) NT
Command line: C:\Documents and Settings\EQ2\桌面\瑞星升级程序v1.0
Operating memory - is OK

Date: 25.4.2007  Time: 10:56:22
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\瑞星升级程序v1.0\
C:\Documents and Settings\EQ2\桌面\瑞星升级程序v1.0\CnsMin.dll - a variant of Win32/CnsMin application
C:\Documents and Settings\EQ2\桌面\瑞星升级程序v1.0\mUninstall.exe - Win32/Adware.WSearch application - quarantined - unable to clean - deleted
Number of scanned files: 17
Number of threats found: 2
Number of files cleaned: 2
Time of completion: 10:56:23 Total scanning time: 1 sec (00:00:01)
qqq000@qq.com
Original poster | Posted on 2007-4-25 11:00:12
That's Dr.Web (the "Big Spider").
Fine, fine, go ahead and kill 瑞星升级程序v1.0
剑盟瑞星升级程序.exe

Who told it to keep flagging Easy Language (易语言) programs
mofunzone
Posted on 2007-4-25 11:12:18
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\瑞星升级程序v1.0'
C:\Documents and Settings\morgan\My Documents\瑞星升级程序v1.0\
  AutoLive.dll
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/CoolBar
      [INFO]      The file was deleted!
  cns1.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Baido
      [INFO]      The file was deleted!
  cns1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Baido
      [INFO]      The file was deleted!
  cns1u.cpr
  CnsHook.dll
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/SuspectModule
      [INFO]      The file was deleted!
  CnsMin.dll
  CnsMinEx.dll
  cnsminkp.vxd
      [DETECTION] Contains signature of the application APPL/Inst.Yok.6
      [INFO]      The file was deleted!
  cnsminkp2k.sys
  cnsminkpxp.sys
  keepmain.dll
      [DETECTION] Is the Trojan horse TR/Spy.CNSMin
      [INFO]      The file was deleted!
  mUninstall.exe
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/WSearch.2
      [INFO]      The file was deleted!
  new[1].exe
      [DETECTION] Is the Trojan horse TR/Dldr.H
      [INFO]      The file was deleted!
  剑盟瑞星升级程序.exe
      [DETECTION] Is the Trojan horse TR/Dldr.H
      [INFO]      The file was deleted!
  瑞星升级程序 V1.0.exe
C:\Documents and Settings\morgan\My Documents\瑞星升级程序v1.0\rav2006\
  agent.ini
  瑞星升级程序 V1.0.exe


End of the scan: 2007年4月24日  20:11
Used time: 00:12 min

The scan has been done completely.

      2 Scanning directories
     17 Files were scanned
      9 viruses and/or unwanted programs were found
      0 classified as suspicious:
      9 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      8 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found
mofunzone
Posted on 2007-4-25 11:14:05
Thank you for your submission. Below you can see the current status of the uploaded files.



We received the following archive files:
File ID         Filename         Size (Byte)        Result
275660         123.rar        1.51 MB        OK


A listing of files contained inside archives alongside their results can be found below:
File ID         Filename         Size (Byte)        Result
275661         cns1u.cpr         10.19 KB         UNDER ANALYSIS
275662         CnsMin.dll         248 KB         UNDER ANALYSIS
275663         CnsMinEx.dll         80 KB         UNDER ANALYSIS
275664         cnsminkp2k.sys         37.5 KB         UNDER ANALYSIS
275665         cnsminkpxp.sys         39 KB         UNDER ANALYSIS
275666         agent.ini         37 B         UNDER ANALYSIS
275667         ############ V1.0.exe         840.17 KB         UNDER ANALYSIS
275667         ############ V1.0.exe         840.17 KB         UNDER ANALYSIS



Please find a detailed report concerning each individual sample below:
Filename        Result
cns1u.cpr         UNDER ANALYSIS


The file 'cns1u.cpr' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
CnsMin.dll         UNDER ANALYSIS


The file 'CnsMin.dll' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
CnsMinEx.dll         UNDER ANALYSIS


The file 'CnsMinEx.dll' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
cnsminkp2k.sys         UNDER ANALYSIS


The file 'cnsminkp2k.sys' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
cnsminkpxp.sys         UNDER ANALYSIS


The file 'cnsminkpxp.sys' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
agent.ini         UNDER ANALYSIS


The file 'agent.ini' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
############ V1.0.exe         UNDER ANALYSIS


The file '############ V1.0.exe' has been determined to be 'UNDER ANALYSIS'.
Filename        Result
############ V1.0.exe         UNDER ANALYSIS


The file '############ V1.0.exe' has been determined to be 'UNDER ANALYSIS'.

Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.
wangjay1980
Posted on 2007-4-25 11:43:11
458506
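Posted on 2007-4-25 12:50:55
Actually, this thing is like this: if one product flags it, that's normal, but if everyone flags it, there's no reason for it to be normal..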
caocao
Posted on 2007-4-25 22:23:58
KIS
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part01.rar/mUninstall.exe
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part02.rar/mUninstall.exe
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part03.rar/mUninstall.exe
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part04.rar/mUninstall.exe
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part05.rar/mUninstall.exe
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part06.rar/mUninstall.exe
已检测: 广告程序 not-a-virus:AdWare.Win32.WSearch.a        文件: D:\Downloads\瑞星升级程序v1.0.part07.rar/mUninstall.exe