找回密码
 加入华同
搜索
黄金广告位联系EMAIL:[email protected] 黄金广告[email protected]
查看: 815|回复: 4

求助.电脑高手

[复制链接]
发表于 2006-12-3 21:40:12 | 显示全部楼层 |阅读模式
我的移动硬盘里有病毒.病毒名为:Trojan.DL.Agent.apb.我怎么也删不了.最后我把移动硬盘文件全删了. 我用正版的瑞星杀病软件杀了.可是他还是里面.真是奇怪.后来点了移动硬盘的属性.但里面还有文件.我真的搞不懂了.文件不知道在哪.
发表于 2006-12-3 22:08:29 | 显示全部楼层
我认为,虽然属性里面还显示有文件的空间,但是这些空间只是一个空壳子。如果你整理一下你的移动硬盘,比如说进行碎片整理,或者是用超级兔子优化一下,这些空间就没有了( M' {! @. i5 H/ M% {* X
如果这么做了还显示有文件存在,很大的可能是磁盘出现了坏道,不过不用担心,病毒造成的坏道,一般是逻辑坏道,只要格式化后就能消除。如果你的移动硬盘曾经磕过碰过,有物理坏道也是很可能的,这种情况只能找专业人员修复了( S( Y0 D2 j0 v. M3 |% ~
谁有不同看法?
回复

使用道具 举报

发表于 2006-12-4 13:29:27 | 显示全部楼层
Common name: Agent.APB 2 o, i; p. q1 D3 H" u- ^3 s. w; b
  7 `/ g! l% ]' {5 Y
Technical name: Bck/Agent.APB : v1 A- w: D7 e6 @9 Y2 Q
  
' _% c6 ~" W1 O/ Z! J- ^# {) ~: ^  EThreat level: Low
+ t' ]; H* W+ b+ \# [  
) }1 h( f& C& v7 `Type: Backdoor
" o+ x7 v% Q- k/ V9 G& i* Z  
$ r0 G9 u, S  t0 IEffects:   
' i1 ]8 \1 t8 D8 B6 T/ E! k! }It installs a proxy server, opens a random port on the affected computer and provides its author with the information necessary to access it remotely. One of its components provides it with the ability to make downloads, so that it can update itself.8 p/ B8 g4 n9 \! G+ }
; k& }# x1 A/ N1 D0 ?
2 u. O+ \9 x1 U. q& x6 d
  # k6 v8 Z' O- r+ A% Z1 P0 ]& H
Affected platforms:  Windows 2003/XP/2000/NT/ME/98/95+ h1 l  ^: K9 D- x3 E& S

% d, w& {; y' |0 q# ~4 a6 `7 K  
5 [: @5 c9 u) n1 d- WFirst detected on: Sept. 27, 2005
  z, J2 {  \, K) u/ q  1 Y: X' q5 ^" e) t
Detection updated on: Sept. 29, 2005
' q, K4 R% k* ?0 s8 f  
4 T: t) i: Y4 U6 w( p% W/ \, k3 OIn circulation? No 2 R. v& x9 I/ O, t
  
1 P  M* |4 L) I1 l- `3 a/ U! DProactive protection: Yes, using TruPrevent Technologies  
9 S6 P4 d( ~% C+ f8 q( u' P
% T1 |8 p8 |3 X0 h* Z! E6 [) ~  + `4 U& S  P& e5 `/ t

. K" m# v! p/ tBrief Description  - M: y+ ]3 O+ D

) `( r! N  I' ~0 `7 |Agent.APB is a backdoor that installs a proxy server, and opens a random port on the affected computer.
# `0 z7 M. I' j  W. J# p% D' X, \! ]/ c; P% ~
Then, it makes GET requests of a specific format to three different websites in order to notify its authors that the computer has been compromised and supply them with the necessary information to access it remotely: number of the port opened, version of the operating system, last known IP address, etc.
( S* V4 r, i+ g7 K0 z
+ s4 N! ]5 u* V3 Z+ yAdditionally, one of the components of Agent.APB provides it with the ability to make downloads, so that it can update itself.4 ?- ]7 q% m  X& r. |7 N

9 q* s' m: |& K; f  ]8 H% fAgent.APB does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.& J- |0 v' u( q, X: u6 c, D+ q
3 F. }3 f: _. ?- S9 s, M# p
5 {0 n* j+ L+ L5 C
Visible Symptoms   
/ y: M4 x. i6 `. U& j , _0 B, ^8 y7 u9 \9 {  h1 Z
Agent.APB is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
! G* h+ N% M" ^( L; i- g# B8 Q$ G% T7 n! p
上面是这个病毒的特征,用panda可以删除
回复

使用道具 举报

发表于 2006-12-4 13:33:46 | 显示全部楼层
http://www.qqsafe.cn/Article/Catalog8/202.html这个网页上面有完整的清楚方法。是中文
回复

使用道具 举报

 楼主| 发表于 2006-12-5 18:27:51 | 显示全部楼层
真心谢谢以上的楼主.我在这里表示感谢.谢谢.
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 加入华同

本版积分规则

Archiver|手机版|小黑屋|华人同志

GMT+8, 2024-11-24 15:01 , Processed in 0.055575 second(s), 4 queries , Redis On.

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表