|
|
33#
发表于 2007-6-15 22:37:08
|
只看该作者
来自:美国
今天一大早刚起来,正在看这个帖子,Symentac Antivirus报了两个muma.
一个是Infostealer.Gampass,一看名字就是盗游戏帐号的,另一个是Infostealer,先将Symantec的有关报告帖在下面. 两个都是6月15号出的最新版本, 请大家一定小心.
Infostealer.Gampass(在我电脑里面以文件名jh514006234.exe存在)
Discovered: November 12, 2006
Updated: March 16, 2007 7:51:32 AM
Also Known As: LIneage YI [Computer Associates]
Type: Trojan
Infection Length: Varies
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Infostealer.Gampass is a generic detection for a Trojan horse that steals online game accounts, such as Lineage, Ragnarok online, Rohan, and Rexue Jianghu.
Note: Virus definitions dated November 17, 2006 or later may detect this threat as Bloodhound.KillAV.ProtectionInitial Rapid Release version November 12, 2006
Latest Rapid Release version June 15, 2007 revision 019
Initial Daily Certified version November 12, 2006
Latest Daily Certified version June 15, 2007 revision 018
Initial Weekly Certified release date November 15, 2006
Once executed, the Trojan may copy itself with a random name in the %Windir% directory.
It may then drop randomly named DLL files in the %System% directory.
The Trojan also may end the following processes:
RavMon.exe
Ravmond.EXE
IPARMOR.EXE
adam.exe
EGHOST.EXE
MAILMON.EXE
KAVPFW.EXE
Next, it may add a value to the following registry subkey so that it runs every time Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
It also may log keystrokes when users log into various online games and send them to a predetermined email address or web site.
------------------------------
Infostealer(在我电脑里以wlm.exe存在)
Discovered: December 8, 1997
Updated: April 4, 2007 5:02:59 PM
Type: Trojan
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Infostealer is a generic detection for Trojan horse programs that attempt to steal sensitive information such as login credentials.
Note: Virus definitions dated 3rd May, 2006 or earlier may detect this threat as PWSteal.Trojan.ProtectionInitial Rapid Release version December 8, 1997
Latest Rapid Release version June 14, 2007 revision 053
Initial Daily Certified version December 8, 1997
Latest Daily Certified version June 15, 2007 revision 018
Initial Weekly Certified release date December 10, 1997 |
|
楼主: 巡游天官
但是就没有你们说的这2个daso.exe 、daso0.dll ~~~~~~~~
谁知道是不是你们自己弄出来的
俺都吓的好长时间不敢解锁了
注册表搞不了
我天天删
不知道什么东西 好象查了下 用这玩意的都有吧 
