作者bornagain (麦可‧柯里昂)
看板AntiVirus
标题[中毒] Infostealer.Gampass 病毒
时间Wed Jun 18 12:18:47 2008
Po文请使用下列格式并将有要求的档案附上,资料详细才有办法帮您处理:
1.问题描述:
请在下面说明碰到的中毒情形,越详细越好(可贴图说明):
2.扫毒报告:
请先使用扫毒软体执行全机扫描後将扫毒结果传到置底空间
如会扫描很久请最少扫描以下位置:
C:\Windows\System32 C:\Windows C:\Program Files
请务必补上扫毒报告,如无法扫描请务必注明,也可使用线上扫毒扫描报告
线上扫毒使用方式请看
3.系统辅助分析软体扫描报告(请依照COMBOFIX→Hijackthis→SRENG排序执行):
请将扫描结果上传至置底空间,置底空间无法使用者请改用http://www.kotuha.com
使用方式:
Combofix: http://reinfors.googlepages.com/Combofix
Hijackthis: http://reinfors.googlepages.com/Hijackthis
SRENG: http://reinfors.googlepages.com/SRENG
如无法使用网路请看 1 - 8 使用方式
4.报告连结:
请将扫描报告(log)贴於下方 (上面的全要)
Combofix :
Hijackthis:
SRENG :
扫毒报告 :
打扰了大家,我是初学者,请大家多多包涵。昨天晚上发现中了此病毒,赛门铁克无法
隔离也无法删除,今天早上我用线上扫毒,扫毒报告如下,请问如何是好呢?
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\SOFT MESS ANTI.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\nyweeqfg.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\Bind Sixth Plan Aim.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\Logo Cash Thunk.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\qlgqcput.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\sjqnmwhh.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\jghuxpgd.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\atcxlono.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\nkdytmka.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\brhsjtmw.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\bkzffrmb.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\duxrixbf.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Application Data\Phonestoresoftware\qlccoytl.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\sta225.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\sta3D.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\bis32.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\sta11.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\staF.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\staE.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\staC.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\staB4.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\sta61.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\staB2.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\sta45.exe 感染了 Adware.Lop
C:\Documents and Settings\Joseph\Local Settings\Temp\staD.exe 感染了 Adware.Lop
C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\DALE MEDIA.exe 感染了 Adware.Lop
此外,我用spybot扫毒结果是没有问题,不过自此之後电脑就一直出现"常驻─拒绝登录
改变因为它出现在黑名单"的讯息,恳请各位板友帮忙,人在大陆中毒真的好麻烦,目前
又不方便拿去修>_<
谢谢!拜托拜托!
--
※ 发信站: 批踢踢实业坊(ptt.cc)
◆ From: 123.119.33.112
1F:→ yukitowu:明明就是打中文 怎麽连整篇的Po范例都看不懂? 06/18 12:21
2F:→ yukitowu:建议你照Po范例跑一遍吧... 最少也要跑EFIX 06/18 12:22
3F:→ koei24:像这种自称初学者又不看置底的,当然不会(优先)处理 06/18 12:25
4F:→ angnus:看来你的电脑也要bornagain了(思) 看看置底吧 06/18 12:55