home

Changsha Spring Culture Communications Ltd.

Publisher Information

Changsha Spring Culture Communications Ltd. is a software developer located in Changsha, Hunan in China*. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
8/1/2012 8:00:00 AM

Valid to:
11/1/2015 7:59:59 AM

Subject:
CN=Changsha Spring Culture Communications Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Changsha Spring Culture Communications Ltd., L=Changsha, S=Hunan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
55eccb2274bcf4877b864f67ed1d1b49

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

ESET NOD32
Win32/Packed.VMProtect.AAN (variant), Win32/Agent.RKD (variant)
75.00%

Quick Heal
(Suspicious) - DNAScan
62.50%

Sophos
Mal/FakeAV-OP
62.50%

Kaspersky
HEUR:Trojan.Win32.Generic, UDS:DangerousObject.Multi.Generic
50.00%

VIPRE Antivirus
Trojan.Win32.Generic
50.00%

Fortinet FortiGate
W32/FakeAV.OP!tr, W32/Generic.RKD!tr
50.00%

NANO AntiVirus
Trojan.Win32.FakeAVOP.ctcwsl, Trojan.Win32.Hosts.djovsi
37.50%

McAfee
Artemis!BC7EE4D98BF3, Artemis!705A8EBB62C6, Artemis!BA875BBF09DE
37.50%

K7 AntiVirus
Riskware , Trojan
37.50%

avast!
Win32:GenMaliciousA-ACB [Trj]
37.50%

0 / 68
aizojes.dll (by HNSPRING)  (fca36e5b21b6db296d3228978dbdd08a)

0 / 68
adnhbkju.dll (by HNSPRING)  (c5e308c2f7959e01935df897e05f31dd)

0 / 68
wmbmgr.exe.old  (e39bfa898b9331344247c78342f4aad8)

0 / 68
WMBMGR.EXE  (428eca224504e15a28fcc3e94fa59afd)

28 / 68    (PUP)
mzdclient.exe (MZDCLIENT by HNSPRING)  (ba875bbf09dee95ada4d913b954b91f8)

0 / 68
pxdscsi.sys (MZD.Live by MZ)  (e81d3525bb1ed67a0b0c828dd2eeaaca)

0 / 68
pxdpnp.sys (MZD.Live by MZ)  (c1cab28c1f70fa147e0665c6df01cea7)

0 / 68
pxdndis.sys (MZD.Live by MZ)  (1e3ada00b98771f20994d671a683fb75)

0 / 68
uiefxgb.dll (by HNSPRING)  (4816d2ca1ec817ce38f8b1720996d9fd)

0 / 68
mzdscsi.sys (MZD.Live by MZ)  (7ac759b5d197cea5094e1adcb9944204)

0 / 68
mzdscsi.sys (MZD.Live by MZ)  (9d8ac1fa251d2111795238de550848d5)

0 / 68
mzdpnp.sys (MZD.Live by MZ)  (cab8cb03891d89197df1071db929aa56)

0 / 68
mzdndis.sys (MZD.Live by MZ)  (3b6f40cded88d1c2be7a7874b72f7faf)

0 / 68
mzdpnp64.sys (MZD.Live by MZ)  (f527c3e34c345ab5b8a8731469bddfb2)

0 / 68
wmbsvc.dll (SpringLiveUpdate by Spring Tech)  (915eeb90fb11526a7f6edd7a457710cc)

0 / 68
WMBTOOLS.EXE  (b006e426a1bfbd7631b699f191feda17)

0 / 68
mzdscsi.sys (MZD.Live by MZ)  (afff50dd8c799dd4a1a72203c3920f83)

0 / 68
mzdpnp.sys (MZD.Live by MZ)  (11741d553214ea7882613e5265b66457)

0 / 68
mzdndis.sys (MZD.Live by MZ)  (290776ac7b7229294dd90225d901a2e5)

0 / 68
mzdclient.exe (MZDCLIENT by HNSPRING)  (cef8b6a4b89ea50e3c6e5cf5d910a84d)

0 / 68
mzdscsi.sys (MZD.Live by MZ)  (cbfc8fdb261efdebdccc59e6476d4ea7)

0 / 68
wmbmgr.dll.old  (2804affaaf7666ec8321e6d97648e9f1)

0 / 68
WMBMGR.DLL  (0304b5d544971d5c0631f2f6c6bdae0f)

0 / 68
wmbsvc.dll (SpringLiveUpdate by Spring Tech)  (a7cbd213d49af10d0f3084e0508432dd)

1 / 68
wmbmgr.dll.old  (0839754c9c4b8ea30647c1368bab48fe)

0 / 68
mzdpnp64.sys (MZD.Live by MZ)  (4f59554db2f4044a0aa164e36c2b7806)

0 / 68
mzdsetup20131111.exe (MZD Client Setup by CSSPL)  (4b36698065e68e8f1ffe2568da4abfc0)

7 / 68      (Malware)
IESAFE.DLL (by HNSPRING)  (03712cba2829b9c9b5593a938cbfc3a7)

0 / 68
mzdpnp.sys (MZD.Live by MZ)  (a90b69bd087daffe276da344b34e9109)

0 / 68
WMBTOOLS.EXE  (5076a5c915a8e40d3d805838750ca6b2)

 
Latest 30 of 45 files

The certificates below are also signed by Changsha Spring Culture Communications Ltd..

7C44F14A7EFE1423AC2C127A5F951A1B  (Oct 27, 2015 to Nov 26, 2018)

0EF0746B819F5EC82003DB65F5079FBD  (Sep 06, 2010 to Oct 06, 2012)

1E98C34006932EC2F9CFEB2CDFC39FD9  (Sep 08, 2009 to Sep 09, 2010)

* Note, the details and description above are based on the code signing digital signature issued to Changsha Spring Culture Communications Ltd. by VeriSign, Inc. on August 01, 2012 with the serial number '55eccb2274bcf4877b864f67ed1d1b49'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.