
[News] [Warning] Today I accidentally ran into something that kills KIS 7

mwe_1_
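Posted on 2008-9-8 19:56:46
My KIS 7.0.1.325 got killed. I have always felt very safe using KIS, so honestly I was quite shocked to run into this...
What happened: today I wanted to download BitSpirit (比特精灵, a BT client). I searched Google for "Bitspirit", and the first result was "www.bitspirit.com.cn". I clicked through; nothing looked wrong with the page, and it looked just like an official site should. I picked one of the download mirrors at random, and the file offered for download was named "setup.exe", which felt a bit odd. I carried on, the file came down, and I scanned it once with Kaspersky: no problems. Then I installed it, and nothing unusual happened the whole way through. Once the BT client was installed I started configuring it, and at that point... I happened to glance at the system notification area and felt something was missing. Where was Kaspersky? Had it been shut down??
I started Kaspersky again manually and it alerted immediately: Riskware Hidden install, running process: F:\Program Files\比特精灵\init.exe
Trojan Trojan-Downloader.Win32.Agent.afjh, file: C:\Program Files\GG\GG.exe//PE_Patch.UPX//UPX

Trojan Trojan-Downloader.Win32.Agent.afji, file: C:\Log\QQ.dll//PE_Patch.UPX//UPX
Kaspersky can remove these (unfortunately Kaspersky had already been shut down before that -_-!!  PS: of course I had self-defense turned on).

Besides the 3 files above, the two hidden directories C:\Program Files\GG and C:\Log also have to be deleted. Under C:\Program Files\GG there is a GoSvr.exe that runs as a system service among the system processes; Kaspersky does not alert on it, so it has to be killed manually. There is also a hidden file with no extension named webs in the windows directory on the system drive; delete it.
For how to find and remove these trojans, see http://baike.360.cn/3237987/9864971.html . That article says the trojan changes the IE home page; I did not run into that problem. It also says these trojans are malware deliberately bundled by BitSpirit; on that... I won't comment. What is certain, though, is that "www.bitspirit.com.cn" is a spoofed website; BitSpirit's official website should be "www.167bt.com". The content of the two sites is basically identical, so everyone be on guard!!
As for this trojan, I suggest the experts and the relevant technical people look into it, so that our Kaspersky keeps getting better.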
蔓草
Posted on 2008-9-8 20:18:56
No way. Thanks for the heads-up, OP; luckily I don't download BT.
cfly
Posted on 2008-9-8 20:21:18
Thanks for the heads-up.
WWL363112122
Posted on 2008-9-8 20:22:11
Looks like it's packed!
wangjay1980
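Posted on 2008-9-8 20:35:49
I tested it. The SETUP.EXE this site provides does not show the behavior described in the post; it is just an installer package.

Below is the LOG of the files it generated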
2008-9-8 JAY20:30:17 比特精灵 安装  Modification C:\Documents and Settings\Owner\Local Settings\Temp\is-6KFUD.tmp\setup.tmp
2008-9-8 JAY20:30:19 Setup/Uninstall  Placed in group Low Restricted
2008-9-8 JAY20:30:19 Setup/Uninstall  Process start C:\DOCUME~1\Owner\LOCALS~1\Temp\is-6KFUD.tmp\setup.tmp
2008-9-8 JAY20:30:27 Setup/Uninstall : KLSystemData/FD-C/ Create C:\DOCUME~1\Owner\LOCALS~1\Temp\is-UJIM7.tmp\_isetup\_RegDLL.tmp
2008-9-8 JAY20:30:27 Setup/Uninstall  Modification C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp\_isetup\_RegDLL.tmp
2008-9-8 JAY20:30:27 Setup/Uninstall : KLSystemData/FD-C/ Create C:\DOCUME~1\Owner\LOCALS~1\Temp\is-UJIM7.tmp\_isetup\_shfoldr.dll
2008-9-8 JAY20:30:27 Setup/Uninstall  Create C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp\_isetup\_shfoldr.dll
2008-9-8 JAY20:30:39 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\unins000.dat
2008-9-8 JAY20:30:39 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-G82PP.tmp
2008-9-8 JAY20:30:39 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-G82PP.tmp
2008-9-8 JAY20:30:45 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:45 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:45 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-G82PP.tmp
2008-9-8 JAY20:30:45 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\unins000.exe
2008-9-8 JAY20:30:45 Setup/Uninstall  Create C:\Program Files\比特精灵\unins000.exe
2008-9-8 JAY20:30:45 Setup/Uninstall  Rename C:\Program Files\比特精灵\unins000.exe
2008-9-8 JAY20:30:45 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-2A4UT.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-2A4UT.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-2A4UT.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\BitSpirit.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\BitSpirit.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\BitSpirit.exe
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-MPFOO.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-MPFOO.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\BitSpirit.exe.manifest
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-47DR6.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-47DR6.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-47DR6.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\BLink.dll
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\BLink.dll
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\BLink.dll
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-7SKDK.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-7SKDK.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-7SKDK.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\BetterSP2.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\BetterSP2.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\BetterSP2.exe
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-N2E90.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-N2E90.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-N2E90.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\BSOPLib.dll
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\BSOPLib.dll
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\BSOPLib.dll
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-VHKE7.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-VHKE7.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-VHKE7.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\bsres.dll
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\bsres.dll
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\bsres.dll
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-TSJLJ.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-TSJLJ.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-TSJLJ.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Builder.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\Builder.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\Builder.exe
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-R3PSM.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-R3PSM.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-R3PSM.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\init.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\init.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\init.exe
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-P3JBE.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-P3JBE.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\splash.bmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-40UDB.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-40UDB.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\torrent.ico
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\is-BBOG7.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\is-BBOG7.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\is-BBOG7.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\SPParser.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\SPParser.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Rename C:\Program Files\比特精灵\SPParser.exe
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Codec\is-JRGSQ.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\Codec\is-JRGSQ.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\Codec
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\Codec
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\Codec\is-JRGSQ.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Codec\dxFilter.ax
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\Codec\dxFilter.ax
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Codec\is-9H0IU.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\Codec\is-9H0IU.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\Codec
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\Codec
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\Codec\is-9H0IU.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Codec\RealMediaSplitter.ax
2008-9-8 JAY20:30:46 Setup/Uninstall  Modification C:\Program Files\比特精灵\Codec\RealMediaSplitter.ax
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Codec\is-ET3LS.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall  Modification C:\Program Files\比特精灵\Codec\is-ET3LS.tmp

[ Last edited by wangjay1980 on 2008-9-8 20:40 ]
wangjay1980
Posted on 2008-9-8 20:42:07
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\Codec
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\Codec
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\Codec\is-ET3LS.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\Codec\wxMedia.dll
2008-9-8 JAY20:30:47 Setup/Uninstall  Create C:\Program Files\比特精灵\Codec\wxMedia.dll
2008-9-8 JAY20:30:47 Setup/Uninstall  Rename C:\Program Files\比特精灵\Codec\wxMedia.dll
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\is-JP29P.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\config\is-JP29P.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\app.ico
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\is-6FF7L.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\config\is-6FF7L.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\banner.bmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\is-PMR09.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\config\is-PMR09.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\BitSpirit Online.url
2008-9-8 JAY20:30:47 Setup/Uninstall  Create C:\Program Files\比特精灵\config\BitSpirit Online.url
2008-9-8 JAY20:30:47 Setup/Uninstall  Rename C:\Program Files\比特精灵\config\BitSpirit Online.url
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\is-8RLBH.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\config\is-8RLBH.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\ipfilter.dat
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\is-JBUL2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\config
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\config\is-JBUL2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\config\mfilter.dat
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\plugin\is-CFGR2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall  Modification C:\Program Files\比特精灵\plugin\is-CFGR2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\plugin
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\plugin
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\plugin\is-CFGR2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\plugin\IPDesc.dll
2008-9-8 JAY20:30:47 Setup/Uninstall  Create C:\Program Files\比特精灵\plugin\IPDesc.dll
2008-9-8 JAY20:30:47 Setup/Uninstall  Rename C:\Program Files\比特精灵\plugin\IPDesc.dll
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\plugin\is-UQ686.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall  Modification C:\Program Files\比特精灵\plugin\is-UQ686.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\plugin
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\plugin
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\plugin\is-UQ686.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\plugin\tracker.dll
2008-9-8 JAY20:30:47 Setup/Uninstall  Create C:\Program Files\比特精灵\plugin\tracker.dll
2008-9-8 JAY20:30:47 Setup/Uninstall  Rename C:\Program Files\比特精灵\plugin\tracker.dll
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\language\is-02TM2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\language
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\language
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\language\is-02TM2.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\language\chinese(simp).2ng
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\language\is-V3OOQ.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\language
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\language
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\language\is-V3OOQ.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\language\chinese(tard).2ng
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\sounds\is-CN5OM.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\sounds
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\sounds
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\sounds\is-CN5OM.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\sounds\alert.wav
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\sounds\is-8UAJD.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\sounds
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\sounds
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\sounds\is-8UAJD.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\sounds\msg.wav
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\tblanguage\is-23U18.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\tblanguage
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\tblanguage
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\tblanguage\is-23U18.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\tblanguage\chinese(hk).lng
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\tblanguage\is-3PFFN.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\tblanguage
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵\tblanguage
2008-9-8 JAY20:30:47 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Program Files\比特精灵\tblanguage\is-3PFFN.tmp
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\tblanguage\chinese(prc).lng
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall  Create C:\Documents and Settings\All Users\「开始」菜单\程序\比特精灵\比特精灵.lnk
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Documents and Settings\All Users\「开始」菜单\程序\比特精灵\比特精灵.lnk
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLSystemData/KLStartupRegKeys/Common Startup Modification hkey_users\S-1-5-21-1292428093-706699826-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLSystemData/KLStartupRegKeys/Common Startup Modification hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\My Pictures\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\My Pictures\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\My Pictures\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Documents and Settings\All Users\「开始」菜单\程序\比特精灵\卸载 比特精灵.lnk
2008-9-8 JAY20:30:47 Setup/Uninstall  Create C:\Documents and Settings\All Users\「开始」菜单\程序\比特精灵\卸载 比特精灵.lnk
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\REGISTRY\MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\比特精灵_IS1
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Inno Setup: Setup Version
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Inno Setup: App Path
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/InstallLocation
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Inno Setup: Icon Group
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Inno Setup: User
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Inno Setup: Selected Tasks
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Inno Setup: Deselected Tasks
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/DisplayName
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/UninstallString
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/QuietUninstallString
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/Publisher
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/URLInfoAbout
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/HelpLink
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/URLUpdateInfo
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/NoModify
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/NoRepair
2008-9-8 JAY20:30:47 Setup/Uninstall  Create HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\比特精灵_is1/InstallDate
2008-9-8 JAY20:30:47 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\unins000.dat
2008-9-8 JAY20:30:49 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\init.exe
2008-9-8 JAY20:30:49 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\init.exe
2008-9-8 JAY20:30:49 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\init.exe
2008-9-8 JAY20:30:55 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\bitspirit.exe
2008-9-8 JAY20:30:55 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\bitspirit.exe
2008-9-8 JAY20:30:55 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\bitspirit.exe
2008-9-8 JAY20:31:01 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp\_isetup\_RegDLL.tmp
2008-9-8 JAY20:31:01 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp\_isetup\_shfoldr.dll
2008-9-8 JAY20:31:01 Setup/Uninstall  Delete C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp\_isetup\_shfoldr.dll
2008-9-8 JAY20:31:01 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp\_isetup
2008-9-8 JAY20:31:01 Setup/Uninstall Allowed: KLSystemData/FD-C/ Delete C:\Documents and Settings\Owner\Local Settings\Temp\is-UJIM7.tmp
2008-9-8 JAY20:31:01 Setup/Uninstall  Process exit C:\DOCUME~1\Owner\LOCALS~1\Temp\is-6KFUD.tmp\setup.tmp


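As you can see, there is none of the problem described in the post at all, no malicious behavior of any kind, and it certainly could not shut down Kaspersky. Assessment complete.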

[ Last edited by wangjay1980 on 2008-9-8 20:43 ]
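
An added example, not part of any poster's message: a small Python triage of the activity-log format posted above, grouping events by verdict and listing the process starts recorded as Denied. The line layout (date, time, application, optional verdict and resource group, operation, target) is an assumption inferred from the posted lines, not vendor documentation; the sample lines are copied from the log in this thread.

```python
import re
from collections import Counter

# Operations seen in the posted log. The layout parsed below is inferred from
# those lines (an assumption), not taken from vendor documentation.
OPS = ("Process start", "Process exit", "Placed in group",
       "Create", "Modification", "Delete", "Rename", "Read")

LINE_RE = re.compile(
    r"^(?P<date>\d{4}-\d{1,2}-\d{1,2}) \S*?(?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<head>.*?)\s+(?P<op>" + "|".join(OPS) + r") (?P<target>.+)$"
)
# head = application name, optionally followed by "[verdict]: resource group"
HEAD_RE = re.compile(
    r"^(?P<app>.*?)(?: (?P<verdict>Allowed|Denied)?: (?P<group>.*))?$"
)

# Lines copied from the log posted in this thread.
SAMPLE = r"""
2008-9-8 JAY20:30:19 Setup/Uninstall  Placed in group Low Restricted
2008-9-8 JAY20:30:19 Setup/Uninstall  Process start C:\DOCUME~1\Owner\LOCALS~1\Temp\is-6KFUD.tmp\setup.tmp
2008-9-8 JAY20:30:46 Setup/Uninstall : KLSystemData/FD-C/ Create C:\Program Files\比特精灵\init.exe
2008-9-8 JAY20:30:46 Setup/Uninstall  Create C:\Program Files\比特精灵\init.exe
2008-9-8 JAY20:30:46 Setup/Uninstall Allowed: KLSystemData/FD-C/ Modification C:\Program Files\比特精灵
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLPrivateData/KLPrivateUserFiles/My documents2 Read C:\Documents and Settings\Owner\My Documents\desktop.ini
2008-9-8 JAY20:30:47 Setup/Uninstall Denied: KLSystemData/KLStartupRegKeys/Common Startup Modification hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2008-9-8 JAY20:30:49 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\init.exe
2008-9-8 JAY20:30:55 Setup/Uninstall Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Process start c:\program files\比特精灵\bitspirit.exe
2008-9-8 JAY20:31:01 Setup/Uninstall  Process exit C:\DOCUME~1\Owner\LOCALS~1\Temp\is-6KFUD.tmp\setup.tmp
"""


def parse_line(line):
    """Split one log line into its fields; return None if it does not fit."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    head = HEAD_RE.match(m.group("head"))
    return {
        "date": m.group("date"),
        "time": m.group("time"),
        "app": head.group("app"),
        "verdict": head.group("verdict"),   # "Allowed", "Denied" or None
        "group": head.group("group"),       # protected resource group or None
        "op": m.group("op"),
        "target": m.group("target"),
    }


def triage(log_text):
    """Summarise a log: verdict counts, what was denied, which processes ran."""
    events = [e for e in map(parse_line, log_text.splitlines()) if e]
    denied = [e for e in events if e["verdict"] == "Denied"]
    starts = [e for e in events if e["op"] == "Process start"]
    return {
        "events": len(events),
        # Trust group the monitored application was assigned to, if logged.
        "trust_group": next(
            (e["target"] for e in events if e["op"] == "Placed in group"), None),
        "verdicts": dict(Counter(e["verdict"] or "unlabelled" for e in events)),
        "denied_by_group": dict(Counter(e["group"] for e in denied)),
        # Paths are compared case-insensitively, as Windows does.
        "denied_process_starts": sorted(
            {e["target"].lower() for e in starts if e["verdict"] == "Denied"}),
        "started": sorted(
            {e["target"].lower() for e in starts if e["verdict"] != "Denied"}),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```
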
tpy_yx
Posted on 2008-9-8 20:48:48
BitSpirit's official website is
www.167bt.com/

Users in China had best use 'Baidu' and search for '比特精灵'
mwe_1_
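OP | Posted on 2008-9-8 21:00:46
The installer is fine? Then is it that, when running this fake BS, the init.exe that gets started is the nasty part? My KIS really was shut down without my noticing.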
wangjay1980
Posted on 2008-9-8 21:08:47

Reply to post #8 by mwe_1_

Running it is fine too, and the software can be uninstalled successfully.
mwe_1_
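OP | Posted on 2008-9-8 21:15:31
Originally posted by wangjay1980 on 2008-9-8 21:08
Running it is fine too, and the software can be uninstalled successfully.


Are you using Kaspersky 2009? I believe 2009 can lock this kind of thing down completely; I have used it before too and it is very powerful.
KIS 7.0.1.325, though, got snuffed out without any prompt at all...
Did scanning init.exe on its own really not turn up anything abnormal? Or try running it... (I think that's pretty risky..)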