zbot trojan remover免费下载 最新更新|软件分类|软件专题|手机版|论坛转贴|软件发布

您当前所在位置:首页安全相关病毒防治 → ZBot病毒查杀工具(ZBot Trojan Remover) v1.7 绿色版

ZBot病毒查杀工具(ZBot Trojan Remover)

v1.7 绿色版

ZBot病毒查杀工具(ZBot Trojan Remover)
  • 软件大小:554KB
  • 软件语言:中文
  • 软件类型:国产软件 / 病毒防治
  • 软件授权:免费软件
  • 更新时间:2017-07-17 17:47
  • 软件等级:4星
  • 应用平台:WinXP, Win7
  • 软件官网:

ITMOP本地下载文件大小:554KB

点赞好评0%(0) 差评差评0%(0)

软件介绍人气软件精品推荐相关文章网友评论下载地址

小编为您推荐:ZBotTrojanRemover病毒查杀工具

ZBot病毒查杀工具(ZBot Trojan Remover)是一款好用的病毒查杀软件,可以检测并查杀ZBot变种木马病毒,这病毒可以从网站上窃取用户的银行信息,信用卡信息和paypal账户的登录凭据。欢迎来IT猫扑网下载!

病毒样本:

Malware Analyzer by HX

Analysis started

MD5: 2BB9A1C4B35719ABD022C605A546D6C4

Executing -> \Device\HarddiskVolume3\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe (PID: 13440)

Command-line: "C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe"

C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe

WriteFile, C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe

C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe

WriteRegistryKey, Software\Microsoft

C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe

WriteRegistryKey, Juat

C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe

DeleteFile, C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe

C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe

WriteFile, C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe

C:\Users\Gateway\Desktop\2BB9A1C4B35719ABD022C605A546D6C4.exe

WriteFile, C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe

Executing -> \Device\HarddiskVolume3\Sandbox\Gateway\Analyzer\user\current\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

Command-line: "C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe"

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe

WriteRegistryKey, Software\Microsoft\Juat

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe

WriteRegistryKey, f62bfi

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

accessPROTECTEDProgram, C:\Windows\System32\taskhost.exe (PID: 1992)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Windows\System32\dwm.exe (PID: 2976)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Users\Gateway\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (PID: 3484)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files (x86)\Google\Drive\googledrivesync.exe (PID: 3496)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files\sandboxie\SbieCtrl.exe (PID: 3524)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (PID: 3584)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, K:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 8 for Windows\avp.exe (PID: 3592)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Users\Gateway\Desktop\goagent-goagent-a51d6a2\local\goagent.exe (PID: 3600)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Windows\System32\conhost.exe (PID: 3608)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files\BOINC\boincmgr.exe (PID: 3696)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Users\Gateway\Desktop\goagent-goagent-a51d6a2\local\python27.exe (PID: 3704)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files\BOINC\boinctray.exe (PID: 3776)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, K:\SkyDrive\Programs\vb\Sherlogger\Sherlogger.exe (PID: 3840)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, K:\Program Files (x86)\BaiduYun\baiduyun.exe (PID: 3868)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files (x86)\Google\Drive\googledrivesync.exe (PID: 3952)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files\BOINC\boinc.exe (PID: 3964)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Windows\System32\conhost.exe (PID: 3972)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Program Files (x86)\alipay\SafeTransaction\AlipaySafeTran.exe (PID: 17800)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_dsfl_vina_6.25_windows_x86_64 (PID: 57092)

C:\Users\Gateway\AppData\Roaming\Gola\xyeq.exe (PID: 16540)

AccessPROTECTEDProgram, C:\Windows\System32\conhost.exe (PID: 58156)

Rolling back...

Analysis ended

Reason: Malware detected and rolled back

Anomalies:

- Modifies protected resource. The executable modifies important resources (files, processes, etc.)

更多>>软件截图

推荐软件

其他版本下载

    精品推荐

    相关文章

    下载地址

    • ZBot病毒查杀工具(ZBot Trojan Remover) v1.7 绿色版

    查看所有评论>>网友评论

    发表评论

    (您的评论需要经过审核才能显示) 网友粉丝QQ群号:203046401

    查看所有0条评论>>

    更多>>猜你喜欢