Rising Kaka Security Forum

393r.dll, n9elo8.dll, 733d.exe, s.exe
endurer - 2010-3-24 22:21:00
O2 - BHO CFunPlayer Object - {66DF3805-4078-4095-BA13-09DBC92F3E87} = C:\WINDOWS\system32\393r.dll  | 2010-2-6 17:51:22 | IE Media Object | 1.0.0.1 | IE Media Object | Beijing Angels Technology ltd.  All rights reserved. | 1.0.0.1 | Beijing Angels Technology ltd.| ? | BHO.dll | b.dll


File path : C:\WINDOWS\system32\393r.dll
Attributes : ----
Digital signature: Beijing BoDong Wanjie Network Technology Co.Ltd
PE file: Yes
Language : Chinese (China)
File version : 1.0.0.1
Description : IE Media Object
Copyright : Beijing Angels Technology ltd.  All rights reserved.
Product version : 1.0.0.1
Product name : IE Media Object
Company name : Beijing Angels Technology ltd.
Internal name : BHO.dll
Original file name : b.dll
Created : 2010-1-30 21:8:29
Modified : 2010-2-6 17:51:22
Size : 156328 bytes 152.680 KB
MD5 : cef404bb4d617cc5c7ee83ef7e54cf4c
SHA1: 4515A901689910D07F0A18E7B1D4A34D9455CA82
CRC32: 0618c254

Antivirus engine | Version | Last update | Scan result
a-squared | 4.5.0.50 | 2010.03.24 | Trojan-Downloader.Win32.Adload!IK
AhnLab-V3 | 5.0.0.2 | 2010.03.24 | -
AntiVir | 8.2.1.196 | 2010.03.24 | TR/BHO.adld
Antiy-AVL | 2.0.3.7 | 2010.03.24 | AdWare/Win32.BHO.gen
Authentium | 5.2.0.5 | 2010.03.24 | -
Avast | 4.8.1351.0 | 2010.03.24 | Win32:Adload-LR
Avast5 | 5.0.332.0 | 2010.03.24 | Win32:Adload-LR
AVG | 9.0.0.787 | 2010.03.24 | -
BitDefender | 7.2 | 2010.03.24 | Application.Generic.285893
CAT-QuickHeal | 10.00 | 2010.03.24 | Trojan.Agent.ATV
ClamAV | 0.96.0.0-git | 2010.03.24 | -
Comodo | 4368 | 2010.03.24 | ApplicUnwnt.Win32.Adware.DM.B
DrWeb | 5.0.1.12222 | 2010.03.24 | MULDROP.Trojan
eSafe | 7.0.17.0 | 2010.03.24 | Win32.TRBHO.Adld
eTrust-Vet | 35.2.7386 | 2010.03.24 | -
F-Prot | 4.5.1.85 | 2010.03.23 | -
F-Secure | 9.0.15370.0 | 2010.03.24 | Application.Generic.285893
Fortinet | 4.0.14.0 | 2010.03.24 | Adware/BHO
GData | 19 | 2010.03.24 | Application.Generic.285893
Ikarus | T3.1.1.80.0 | 2010.03.24 | Trojan-Downloader.Win32.Adload
Jiangmin | 13.0.900 | 2010.03.24 | -
K7AntiVirus | 7.10.1004 | 2010.03.22 | Trojan.Win32.Malware.4
Kaspersky | 7.0.0.125 | 2010.03.24 | not-a-virus:AdWare.Win32.BHO.lct
McAfee | 5929 | 2010.03.23 | potentially unwanted program Adware-BHO
McAfee+Artemis | 5929 | 2010.03.23 | potentially unwanted program Adware-BHO
McAfee-GW-Edition | 6.8.5 | 2010.03.24 | Trojan.BHO.adld
Microsoft | 1.5605 | 2010.03.24 | TrojanDownloader:Win32/Adload.L
NOD32 | 4971 | 2010.03.24 | Win32/Adware.WSearch.AD
Norman | 6.04.10 | 2010.03.24 | -
nProtect | 2009.1.8.0 | 2010.03.24 | Trojan-Clicker/W32.BHO.156328
Panda | 10.0.2.2 | 2010.03.23 | Suspicious file
PCTools | 7.0.3.5 | 2010.03.24 | Adware.Ruango
Prevx | 3.0 | 2010.03.24 | High Risk Spyware
Rising | 22.40.02.03 | 2010.03.24 | -
Sophos | 4.51.0 | 2010.03.24 | Mal/Generic-A
Sunbelt | 6031 | 2010.03.22 | Trojan.Win32.Generic!BT
Symantec | 20091.2.0.41 | 2010.03.24 | Adware.ADH
TheHacker | 6.5.2.0.242 | 2010.03.24 | -
TrendMicro | 9.120.0.1004 | 2010.03.24 | -
VBA32 | 3.12.12.2 | 2010.03.24 | -
ViRobot | 2010.3.24.2242 | 2010.03.24 | -
VirusBuster | 5.0.27.0 | 2010.03.24 | Trojan.BHO.ADSA



O2 - BHO BHO Class - {AFA9FF66-862A-4b0c-8D6B-3FB026ECEB0A} = C:\WINDOWS\system32\n9elo8.dll  | 2010-2-14 16:50:54 | Flacdker Product | 1, 0, 2, 8 | Transactin_Module | Copyright 2006 | 1, 0, 2, 8 | RealNetworks Corporation |  | Browser Services | Browser Services


File path : C:\WINDOWS\system32\n9elo8.dll
Attributes : A---
Digital signature: No
PE file: Yes
Language : English (United States)
File version : 1, 0, 2, 8
Description : Transactin_Module
Copyright : Copyright 2006
Comments : RealNetworks Corporation
Product version : 1, 0, 2, 8
Product name : Flacdker Product
Company name : RealNetworks Corporation
Internal name : Browser Services
Original file name : Browser Services
Created : 2010-2-14 16:50:52
Modified : 2010-2-14 16:50:54
Size : 49152 bytes 48.0 KB
MD5 : b0dbc62ab50f176d1740b17ae269ef8e
SHA1: EF84013329758D7FEB6DCA2024F22865BC89C31A
CRC32: 20b3a0d1

File n9elo8.dll received on 2010.03.24 13:40:59 (UTC)

Antivirus engine | Version | Last update | Scan result
a-squared | 4.5.0.50 | 2010.03.24 | Riskware.AdWare.Win32.BHO!IK
AhnLab-V3 | 5.0.0.2 | 2010.03.24 | -
AntiVir | 8.2.1.196 | 2010.03.24 | ADSPY/Bho.lft
Antiy-AVL | 2.0.3.7 | 2010.03.24 | AdWare/Win32.BHO.gen
Authentium | 5.2.0.5 | 2010.03.24 | -
Avast | 4.8.1351.0 | 2010.03.24 | Win32:Malware-gen
Avast5 | 5.0.332.0 | 2010.03.24 | Win32:Malware-gen
AVG | 9.0.0.787 | 2010.03.24 | -
BitDefender | 7.2 | 2010.03.24 | -
CAT-QuickHeal | 10.00 | 2010.03.24 | -
ClamAV | 0.96.0.0-git | 2010.03.24 | -
Comodo | 4368 | 2010.03.24 | UnclassifiedMalware
DrWeb | 5.0.1.12222 | 2010.03.24 | -
eSafe | 7.0.17.0 | 2010.03.24 | -
eTrust-Vet | 35.2.7386 | 2010.03.24 | Win32/SillyBHO.HD
F-Prot | 4.5.1.85 | 2010.03.23 | -
F-Secure | 9.0.15370.0 | 2010.03.24 | -
Fortinet | 4.0.14.0 | 2010.03.24 | Adware/BHO
GData | 19 | 2010.03.24 | Win32:Malware-gen
Ikarus | T3.1.1.80.0 | 2010.03.24 | not-a-virus:AdWare.Win32.BHO
Jiangmin | 13.0.900 | 2010.03.24 | Adware/Boolans.gd
K7AntiVirus | 7.10.1004 | 2010.03.22 | -
Kaspersky | 7.0.0.125 | 2010.03.24 | not-a-virus:AdWare.Win32.BHO.lft
McAfee | 5929 | 2010.03.23 | Generic PWS!hv.ah
McAfee+Artemis | 5929 | 2010.03.23 | Artemis!B0DBC62AB50F
McAfee-GW-Edition | 6.8.5 | 2010.03.24 | Ad-Spyware.Bho.lft
Microsoft | 1.5605 | 2010.03.24 | -
NOD32 | 4971 | 2010.03.24 | -
Norman | 6.04.10 | 2010.03.24 | -
nProtect | 2009.1.8.0 | 2010.03.24 | -
Panda | 10.0.2.2 | 2010.03.23 | -
PCTools | 7.0.3.5 | 2010.03.24 | Adware.WSearch.O
Prevx | 3.0 | 2010.03.24 | Medium Risk Malware
Rising | 22.40.02.03 | 2010.03.24 | -
Sophos | 4.51.0 | 2010.03.24 | -
Sunbelt | 6031 | 2010.03.22 | -
Symantec | 20091.2.0.41 | 2010.03.24 | Adware.Gen
TheHacker | 6.5.2.0.242 | 2010.03.24 | -
TrendMicro | 9.120.0.1004 | 2010.03.24 | TROJ_DESUROU.SMB
VBA32 | 3.12.12.2 | 2010.03.24 | AdWare.Win32.BHO.lft
ViRobot | 2010.3.24.2242 | 2010.03.24 | -
VirusBuster | 5.0.27.0 | 2010.03.24 | -



O23 - 服务: MediaIECom (MediaIECom) - C:\WINDOWS\system32\733d.exe | 2010-2-6 17:51:24(自动)

File path : C:\WINDOWS\system32\733d.exe
Attributes : ---R
Digital signature: Beijing BoDong Wanjie Network Technology Co.Ltd
PE file: Yes
Failed to get the file version info size!
Created : 2010-1-30 21:8:29
Modified : 2010-2-6 17:51:24
Size : 115368 bytes 112.680 KB
MD5 : 2d6440d451236ec8a330bf3f54b548e7
SHA1: 7267854CC6594B0D01DCF8BBE7F38D176464B79D
CRC32: b13beaaf

File 733d.exe received on 2010.03.24 13:36:37 (UTC)

Antivirus engine | Version | Last update | Scan result
a-squared | 4.5.0.50 | 2010.03.24 | Trojan-Downloader.Win32.Adload!IK
AhnLab-V3 | 5.0.0.2 | 2010.03.24 | Win-Trojan/Adload.115368
AntiVir | 8.2.1.196 | 2010.03.24 | ADSPY/Bho.kzb
Antiy-AVL | 2.0.3.7 | 2010.03.24 | Trojan/Win32.Adload.gen
Authentium | 5.2.0.5 | 2010.03.24 | W32/Rugu.D.gen!Eldorado
Avast | 4.8.1351.0 | 2010.03.24 | Win32:Adload-LR
Avast5 | 5.0.332.0 | 2010.03.24 | Win32:Adload-LR
AVG | 9.0.0.787 | 2010.03.24 | Generic16.BKIH
BitDefender | 7.2 | 2010.03.24 | Application.Generic.284939
CAT-QuickHeal | 10.00 | 2010.03.24 | TrojanDownloader.Adload.obl
ClamAV | 0.96.0.0-git | 2010.03.24 | -
Comodo | 4368 | 2010.03.24 | -
DrWeb | 5.0.1.12222 | 2010.03.24 | Trojan.DownLoad1.36946
eSafe | 7.0.17.0 | 2010.03.24 | -
eTrust-Vet | 35.2.7386 | 2010.03.24 | -
F-Prot | 4.5.1.85 | 2010.03.23 | W32/Rugu.D.gen!Eldorado
F-Secure | 9.0.15370.0 | 2010.03.24 | Application.Generic.284939
Fortinet | 4.0.14.0 | 2010.03.24 | W32/Adload.OBL!tr.dldr
GData | 19 | 2010.03.24 | Application.Generic.284939
Ikarus | T3.1.1.80.0 | 2010.03.24 | Trojan-Downloader.Win32.Adload
Jiangmin | 13.0.900 | 2010.03.24 | TrojanDownloader.Adload.ipm
K7AntiVirus | 7.10.1004 | 2010.03.22 | Trojan-Downloader.Win32.Adload.obl
Kaspersky | 7.0.0.125 | 2010.03.24 | Trojan-Downloader.Win32.Adload.obl
McAfee | 5929 | 2010.03.23 | Generic Downloader.x!dap
McAfee+Artemis | 5929 | 2010.03.23 | Generic Downloader.x!dap
McAfee-GW-Edition | 6.8.5 | 2010.03.24 | Ad-Spyware.Bho.kzb
Microsoft | 1.5605 | 2010.03.24 | -
NOD32 | 4971 | 2010.03.24 | Win32/Adware.WSearch
Norman | 6.04.10 | 2010.03.24 | -
nProtect | 2009.1.8.0 | 2010.03.24 | Trojan-Clicker/W32.BHO.115368
Panda | 10.0.2.2 | 2010.03.23 | Suspicious file
PCTools | 7.0.3.5 | 2010.03.24 | Trojan-Downloader.Adload
Prevx | 3.0 | 2010.03.24 | -
Rising | 22.40.02.03 | 2010.03.24 | -
Sophos | 4.51.0 | 2010.03.24 | Mal/Generic-A
Sunbelt | 6031 | 2010.03.22 | Trojan.Win32.Generic!BT
Symantec | 20091.2.0.41 | 2010.03.24 | SecurityRisk.ADH
TheHacker | 6.5.2.0.242 | 2010.03.24 | -
TrendMicro | 9.120.0.1004 | 2010.03.24 | -
VBA32 | 3.12.12.2 | 2010.03.24 | AdWare.Win32.BHO.kzb
ViRobot | 2010.3.24.2242 | 2010.03.24 | -
VirusBuster | 5.0.27.0 | 2010.03.24 | Adware.Bho.ACXE



O23 - 服务: OSEvent (OSEvent) - C:\WINDOWS\system32\s.exe | 2010-1-20 13:31:22 | Microsoft(R) Windows(R) Operating System | 3.1.2600.2160 | COM Surrogate | Microsoft Corporation | 3.1.2600.2160 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | COM| ?(自动)


File path : C:\WINDOWS\system32\s.exe
Attributes : A--R
Digital signature: Beijing BoDong Wanjie Network Technology Co.Ltd
PE file: Yes
Language : Chinese (China)
File version : 3.1.2600.2160 (xpsp_sp2_rtm.040803-2158)
Description : COM Surrogate
Copyright : Microsoft Corporation
Product version : 3.1.2600.2160
Product name : Microsoft(R) Windows(R) Operating System
Company name : Microsoft Corporation
Internal name : COM
Created : 2009-12-30 17:29:57
Modified : 2010-1-20 13:31:22
Size : 85456 bytes 83.464 KB
MD5 : fff63a64b440ca1b4e2071e5ac4e3a29
SHA1: FCD1C863D92785349F461E899EBE1C3FEEED892B
CRC32: b5cf10e6

File s.exe received on 2010.03.24 13:43:46 (UTC)

Antivirus engine | Version | Last update | Scan result
a-squared | 4.5.0.50 | 2010.03.24 | Riskware.AdWare.Win32.Zhongsou!IK
AhnLab-V3 | 5.0.0.2 | 2010.03.24 | -
AntiVir | 8.2.1.196 | 2010.03.24 | -
Antiy-AVL | 2.0.3.7 | 2010.03.24 | -
Authentium | 5.2.0.5 | 2010.03.24 | -
Avast | 4.8.1351.0 | 2010.03.24 | -
Avast5 | 5.0.332.0 | 2010.03.24 | -
AVG | 9.0.0.787 | 2010.03.24 | -
BitDefender | 7.2 | 2010.03.24 | -
CAT-QuickHeal | 10.00 | 2010.03.24 | -
ClamAV | 0.96.0.0-git | 2010.03.24 | -
Comodo | 4368 | 2010.03.24 | UnclassifiedMalware
DrWeb | 5.0.1.12222 | 2010.03.24 | Trojan.AdLoad.8
eSafe | 7.0.17.0 | 2010.03.24 | Win32.Agent.Qoc
eTrust-Vet | 35.2.7386 | 2010.03.24 | -
F-Prot | 4.5.1.85 | 2010.03.23 | -
F-Secure | 9.0.15370.0 | 2010.03.24 | -
Fortinet | 4.0.14.0 | 2010.03.24 | -
GData | 19 | 2010.03.24 | -
Ikarus | T3.1.1.80.0 | 2010.03.24 | not-a-virus:AdWare.Win32.Zhongsou
Jiangmin | 13.0.900 | 2010.03.24 | -
K7AntiVirus | 7.10.1004 | 2010.03.22 | -
Kaspersky | 7.0.0.125 | 2010.03.24 | -
McAfee | 5929 | 2010.03.23 | -
McAfee+Artemis | 5929 | 2010.03.23 | Artemis!FFF63A64B440
McAfee-GW-Edition | 6.8.5 | 2010.03.24 | -
Microsoft | 1.5605 | 2010.03.24 | -
NOD32 | 4971 | 2010.03.24 | a variant of Win32/Agent.QOC
Norman | 6.04.10 | 2010.03.24 | -
nProtect | 2009.1.8.0 | 2010.03.24 | -
Panda | 10.0.2.2 | 2010.03.23 | -
PCTools | 7.0.3.5 | 2010.03.24 | -
Prevx | 3.0 | 2010.03.24 | -
Rising | 22.40.02.03 | 2010.03.24 | -
Sophos | 4.51.0 | 2010.03.24 | -
Sunbelt | 6031 | 2010.03.22 | -
Symantec | 20091.2.0.41 | 2010.03.24 | Suspicious.Insight
TheHacker | 6.5.2.0.242 | 2010.03.24 | Trojan/Agent.qoc
TrendMicro | 9.120.0.1004 | 2010.03.24 | -
VBA32 | 3.12.12.2 | 2010.03.24 | -
ViRobot | 2010.3.24.2242 | 2010.03.24 | -
VirusBuster | 5.0.27.0 | 2010.03.24 | -


User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7; Maxthon)

Attachment: 4f.rar
海生 - 2010-3-25 16:43:00
I'll download it and take a look.