驱动+DLL

显示全部楼层 · 发表于 2009-3-17 19:18:31

还有一个驱动忘记备份了.

显示全部楼层 · 发表于 2009-3-17 19:21:55

Starting the file scan:

Begin scan in 'D:\new\��.rar'
D:\new\��.rar
  [0] Archive type: RAR
--> jvykd.sys
   [DETECTION] Is the TR/Rootkit.Gen Trojan
--> kblpv.sys
   [DETECTION] Is the TR/Rootkit.Gen Trojan
--> zQap08.dll
   [DETECTION] Is the TR/Dldr.BHOSta Trojan
--> 04gl99.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '49ee882a.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2009年3月17日  19:23
Used time: 00:00 Minute(s)

The scan has been done completely.

   0 Scanned directories
   5 Files were scanned
   4 Viruses and/or unwanted programs were found
   0 Files were classified as suspicious
   1 files were deleted
   0 Viruses and unwanted programs were repaired
   1 Files were moved to quarantine
   0 Files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

显示全部楼层 · 发表于 2009-3-17 19:23:20

Name: Trojan.DL.Agent.GAQI
Type: Trojan

Description:

Files:
c:\users\administrator\desktop\新建文件夹\04gl99.dll

Name: Rootkit.Agent.FMRI
Type: Trojan

Description:

Files:
c:\users\administrator\desktop\新建文件夹\jvykd.sys

Name: Trojan.DL.BHOSta.CC
Type: Trojan

Description:

Files:
c:\users\administrator\desktop\新建文件夹\zqap08.dll

Name: Trojan.DL.RtkDL.Gen
Type: Virus

Description:

Files:
c:\users\administrator\desktop\新建文件夹\kblpv.sys

显示全部楼层 · 发表于 2009-3-17 19:26:35

趋势删

显示全部楼层 · 发表于 2009-3-17 20:34:36

发现病毒: Trojan.Agent.AKEH (Engine A)
文件: zQap08.dll
发现病毒: Trojan.Agent.AKEH (Engine A)
文件: 04gl99.dll

显示全部楼层 · 发表于 2009-3-17 20:52:18

KIS8.0 Kill
2009-3-17 20:51:39 http://bbs.kafan.cn/attachment.p ... 37294270//jvykd.sys Internet Explorer 检测到威胁: Trojan-Downloader.Win32.Agent.afea

显示全部楼层 · 发表于 2009-3-17 20:57:24

文件或对象名称    病毒名称          最终处理状态
E:\My Documents\桌面\test\样本\04gl99.dll Trojan.Agent.AKEH       已移动至隔离区
E:\My Documents\桌面\test\样本\zQap08.dll Trojan.Agent.AKEH    已移动至隔离区
E:\My Documents\桌面\test\样本\jvykd.sys Trojan.Generic.707212 已移动至隔离区
E:\My Documents\桌面\test\样本\kblpv.sys Trojan.Generic.777894 已移动至隔离区

显示全部楼层 · 发表于 2009-3-17 21:04:44

McAfee 报了4个。。

04gl99.dll       downloader-blw
jvykd.sys          backdoor-dsn!sys
kblpv.sys          backdoor-dsn!sys
zqap08.dll       downloader-blw

显示全部楼层 · 发表于 2009-3-18 00:36:14

2009/3/18 0:35:40 已清除木马程序 Trojan-Downloader.Win32.Agent.afea G:\Temp\Virus\样本.rar/jvykd.sys
2009/3/18 0:35:40 已清除木马程序 Trojan-Downloader.Win32.Agent.aiqk G:\Temp\Virus\样本.rar/04gl99.dll
2009/3/18 0:35:40 已清除木马程序 Trojan-Downloader.Win32.BHOSta.ce G:\Temp\Virus\样本.rar/zQap08.dll

Signature Miss 1,To KL

显示全部楼层 · 发表于 2009-3-18 01:53:01

Hello,

v.sys - Trojan-Downloader.Win32.ChinaHuan.uu

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Regards, Vitaly Yakutenko
Virus analyst, Kaspersky Lab.
10/1, 1st Volokolamsky Proezd, Moscow, 123060, Russia
Tel./Fax: + 7 (495) 797 8700
http://www.kaspersky.com http://www.viruslist.com

[病毒样本] 驱动+DLL

本帖子中包含更多资源

本帖子中包含更多资源

BD kill