Test Sample(1)

显示全部楼层 · 发表于 2008-6-10 20:30:43

地址：http://wind.tyuced.cn/adswin//adsupdate.asp?ver=2007010300

[update]
ver=2008052700
url=http://wind.tyuced.cn/adswin/soft/84cf15bec3ac347c.exe
[count]
count=1
mecount=1
url=http://wind.tyuced.cn/adswin/count/count.asp
[ads]
adstimer=600
adsautoclick=1
adsdisplaytimer=41

显示全部楼层 · 发表于 2008-6-10 20:31:50

Begin scan in 'C:\Documents and Settings\haha\桌面\84cf15bec3ac347c.rar'
C:\Documents and Settings\haha\桌面\84cf15bec3ac347c.rar
  [0] Archive type: RAR
  --> 84cf15bec3ac347c.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Popwin.blg Backdoor server programs
   [NOTE]    A backup was created as '48b1745f.qua'  ( QUARANTINE )

End of the scan: 2008年6月10日  20:31
Used time: 00:02 min

The scan has been done completely.

   0 Scanning directories
   2 Files were scanned
   1 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

显示全部楼层 · 发表于 2008-6-10 20:42:55

晕倒。。。
这个报的有点搞笑。。。

显示全部楼层 · 发表于 2008-6-10 20:45:38

信息 2008-06-10  20:45:19 您此次查毒清除了1个病毒
信息 2008-06-10  20:45:19 您此次查毒共查出1个病毒以及危险代码
信息 2008-06-10  20:45:19 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件3个
信息 2008-06-10  20:45:19 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-06-10  20:45:19 D:\Desktop\84cf15bec3ac347c.rar\84cf15bec3ac347c.exe Worm.DownLoaderT.at.180224 清除成功

显示全部楼层 · 发表于 2008-6-10 21:19:35

访问被拒绝
找不到所请求的 URL

在尝试检索 URL 时:

http://bbs.kafan.cn/attachment.php?aid=
283414&k=27c8bbf6094b07ef172d4998da30b67
8&t=1213103885

遇到了下列错误:

所请求的对象已被感染了下列病毒: Backdoor.Win32.Popwin.blg

如果您认为这是不正确的,请联系您的服务提供商。
生成于:
Tue Jun 10 21:18:22 2008
Kaspersky Internet Security 2009

显示全部楼层 · 发表于 2008-6-10 21:21:30

[Scanning : C:\Documents and Settings\All Users\Documents\Test]

C:\Documents and Settings\All Users\Documents\Test\84cf15bec3ac347c.rar<RAR>:84cf15bec3ac347c.exe <- Trojan.Popwin.Blg : No action

Scanned objects : 3

Infected objects : 1

显示全部楼层 · 发表于 2008-6-10 21:22:08

[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\84cf15bec3ac347c.rar->84cf15bec3ac347c.exe->(UPack)

---------------------------------------------------------------------
Scan ended: 2008-6-10, 21:21:44
Duration: 0:00:04

Scan result:

Scanned files:    6
Infected objects:    1
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-6-11 10:52:11

微点砍掉

显示全部楼层 · 发表于 2008-6-11 11:47:59

2008-6-11 11:47:39 未采取操作 Administrator C:\Documents and Settings\Administrator\桌面\84cf15bec3ac347c.rar\84CF15BEC3AC347C.EXE Generic BackDoor(特洛伊)

显示全部楼层 · 发表于 2008-6-11 17:38:29

Virus or unwanted program 'BDS/Popwin.blg [backdoor]'
detected in file 'C:\Documents and Settings\Administrator\桌面\84cf15bec3ac347c.exe.
Action performed: Deny access

[病毒样本] Test Sample(1)

本帖子中包含更多资源

本帖子中包含更多资源

ArcaVir2008

F-Prot 4.4.4

本帖子中包含更多资源