卡巴一族被挂(23x)

显示全部楼层 · 发表于 2008-9-20 14:58:23

下载器http://www.php-baidu1.cn/dows.exe（貌似是落雪的下载器）
读取Http://www.php-baidu.cn/txt.txt

http://www.49612812.cn/wm1/01.exe
01.exe
http://www.49612812.cn/wm1/02.exe
02.exe
http://www.49612812.cn/wm1/03.exe
03.exe
http://www.49612812.cn/wm1/04.exe
04.exe
http://www.49612812.cn/wm1/05.exe
05.exe
http://www.49612812.cn/wm1/06.exe
06.exe
http://www.49612812.cn/wm1/07.exe
07.exe
http://www.49612812.cn/wm1/08.exe
08.exe
http://www.49612812.cn/wm1/09.exe
09.exe
http://www.49612812.cn/wm1/10.exe
10.exe
http://www.49612812.cn/wm1/11.exe
11.exe
http://www.49612812.cn/wm1/12.exe
12.exe
http://www.49612812.cn/wm1/13.exe
13.exe
http://www.49612812.cn/wm1/14.exe
14.exe
http://www.49612812.cn/wm1/15.exe
15.exe
http://www.49612812.cn/wm1/16.exe
16.exe
http://www.49612812.cn/wm1/17.exe
17.exe
http://www.49612812.cn/wm1/18.exe
18.exe
http://www.49612812.cn/wm1/19.exe
19.exe
http://www.49612812.cn/wm1/20.exe
20.exe
http://www.49612812.cn/wm1/21.exe
21.exe
http://www.49612812.cn/wm1/22.exe
22.exe
http://www.49612812.cn/wm1/23.exe
23.exe
http://www.49612812.cn/wm1/24.exe
24.exe
http://www.49612812.cn/wm1/25.exe
25.exe
http://www.49612812.cn/wm1/26.exe
26.exe
http://www.49612812.cn/wm1/27.exe
27.exe
http://www.49612812.cn/wm1/28.exe
28.exe
http://www.49612812.cn/wm1/29.exe
29.exe
http://www.49612812.cn/wm1/30.exe
30.exe

复制代码

[ 本帖最后由 promised 于 2008-9-20 15:00 编辑 ]

显示全部楼层 · 发表于 2008-9-20 15:00:42

树大招风。。

显示全部楼层 · 发表于 2008-9-20 15:05:39

卡巴09exe全部清空留下了几个*.dll
to kl

显示全部楼层 · 发表于 2008-9-20 15:10:44

onlinegame的dll是真
exe只是做dropper而已

显示全部楼层 · 发表于 2008-9-20 15:12:09

我知道，卡巴最近入库onlinegames很多，但看来还是跟不上节奏，这东西更新太快。

显示全部楼层 · 发表于 2008-9-20 15:18:06

卡巴自从1年多前就天天入库很多onlinegames
特征码永远跟不上节奏，幸亏卡巴还是每小时更新的
但用户中onlinegame依然屡见不鲜
ps:卡巴一族怎么现在这么多帖子

显示全部楼层 · 发表于 2008-9-20 15:19:28

Begin scan in 'E:\Download\Virus\vir.rar'
E:\Download\Virus\vir.rar
[0] Archive type: RAR
--> vir\dowsun_.exe
   [DETECTION] Is the TR/Unpacked.Gen Trojan
   --> vir\01.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> vir\02.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\03.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\04.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\05.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\06.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\07.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\08.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\09.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
   --> vir\dows.exe
      [DETECTION] Contains HEUR/Crypted suspicious code
--> vir\10.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> vir\HBCHIBI.dll
   [DETECTION] Contains HEUR/Malware suspicious code
--> vir\HBKDXY.dll
   [DETECTION] Contains HEUR/Malware suspicious code
--> vir\HBWULIN2.dll
   [DETECTION] Contains HEUR/Malware suspicious code
--> vir\HBZHUXIAN.dll
   [DETECTION] Contains HEUR/Malware suspicious code
--> vir\HBW2I.dll
   [DETECTION] Contains HEUR/Malware suspicious code
--> vir\explore.exe
   [DETECTION] Is the TR/PSW.OnlineGames.ZPL Trojan
--> vir\HBKernel32.sys
   [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.rnq.2 back-door program
[NOTE]    The file was deleted!

End of the scan: 2008年9月20日星期六  15:18
Used time: 00:09 Minute(s)

The scan has been done completely.

   0 Scanning directories
   24 Files were scanned
   10 viruses and/or unwanted programs were found
   9 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   5 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

显示全部楼层 · 发表于 2008-9-20 15:20:15

现在卡巴是大量入库，原来每天是零星，现在是几十几十的入库~~

不是吧，你不知道？
卡巴一族现在在换key~~MS铜卡币可以换正版的KIS和KAV

显示全部楼层 · 发表于 2008-9-20 15:24:40

以前每次零星入库是有可能的
但不可能每天只入库一点点
我以前看到一天会更新24*10+
ps:我又不用杀软
我关心这个干吗

显示全部楼层 · 发表于 2008-9-20 15:28:13

访问卡巴一族论坛没提示病毒啊，现在卡巴一族一天10万左右的回帖

[病毒样本] 卡巴一族被挂(23x)

本帖子中包含更多资源

回复 3楼 syfwxmh 的帖子

回复 4楼 promised 的帖子

回复 5楼 syfwxmh 的帖子

回复 6楼 promised 的帖子

回复 8楼 syfwxmh 的帖子