TROJ_GPCODE.AC

编辑:睡眠网互动百科 时间:2020-01-20 03:42:10
编辑 锁定
本词条缺少名片图,补充相关内容使词条更完整,还能快速升级,赶紧来编辑吧!
这个木马会作为一个下降的文件或下载的文件的另一个恶意软件。
该木马的所有文件进行加密的特定扩展名的任何可读可写驱动器发现。
作为一个结果,该文件变得不可读。然后下降并尽快打开文件 txt。在当前用户的桌面文件夹。
外文名
TROJ_GPCODE.AC
恶意程序类型
Trojan
别    名
 No Alias Found
在外流行

目录

TROJ_GPCODE.AC概述

编辑
破坏性:
语言: English
平台: Windows 98, Me, NT, 2000, XP, Server 2003
加密:
描述:
This Trojan may arrive as a dropped file or downloaded file of another malware.
This Trojan encrypts all files with certain extension names found on any readable and writable drive.
As a result, the said files become unreadable. It then drops and opens the file ASAP!!!.TXT on the current user's Desktop folder.

TROJ_GPCODE.AC解决方案

编辑
Identifying the Malware Files
1.Scan your computer with your Trend Micro antivirus product.
2.Note the path and file name of all files detected as TROJ_GPCODE. AC.
Trend Micro customers need to download the latest virus pattern file before scanning their computer. Other users can use Housecall, the Trend Micro online threat scanner.
Terminating the Malware Process
This procedure terminates the running malware process. You will need the name(s) of the file(s) detected earlier.
1.Open Windows Task Manager.
· On Windows 98 and ME, press
CTRL+ALT+DELETE
· On Windows NT, 2000, XP, and Server 2003, press
CTRL+SHIFT+ESC, then click the Processes tab.
2. I n the list of running programs*, locate the malware file(s) detected earlier.
3.Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your computer.
4、Do the same for all detected malware files in the list of running processes.
5、To check if the malware process has been terminated, close Task Manager, and then open it again.
6.Close Task Manager.
--------------------------------------------------------------------------------
*NOTE: On computers running Windows 98 and ME, Windows Task Manager may not show certain processes. You can use a third party process viewer such as Process Explorer to terminate the malware process.
If the process you are looking for is not in the list displayed by Task Manager or Process Explorer, continue with the next solution procedure. If the malware process is in the list displayed by either Task Manager or Process Explorer, but you are unable to terminate it, restart your computer in safe mode.
Deleting the Malware File(s)
1.Right-click Start then click Search... or Find..., depending on the version of Windows you are running.
2、In the Named input box, type:
ASAP!!!.txt
3、In the Look In drop-down list, select My Computer, then press Enter.
4.Once located, select the file then press SHIFT+DELETE.
Restoring Deleted or Overwritten Files
Files which have been deleted or overwritten by the malware, can be restored from backup or using installers.
Important Windows ME/XP Cleaning Instructions
Users running Windows ME and XP must disable System Restore to allow full scanning of infected computers.
Users running other Windows versions can proceed with the succeeding solution set(s).
Running Trend Micro Antivirus
If you are currently running in safe mode, please restart your computer normally before performing the following solution.
Scan your computer with Trend Micro antivirus and delete files detected as TROJ_GPCOD E. A C. To do this, Trend Micro customers must download the latest virus pattern file and scan their computers. Other Internet users can use HouseCall, the Trend Micro online threat scanner.

TROJ_GPCODE.AC细节

编辑
恶意程序大小: 53,760 Bytes
--------------------------------------------------------------------------------
发作形态 1: Encrypts files with certain extension names
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
This Trojan may arrive as a dropped file or downloaded file of another malware.
This Trojan encrypts all files with the following extension names found on any readable and writable drive:
txt
xls
doc
pps
ppt
docx
xlsx
pptx
rtf
mdb
vsd
csv
mpl
zip
rar
As a result, the said files become unreadable. It then drops and opens ASAP!!!.TXT on the current user's Desktop folder. The text file contains the following message.
Dear User,
Thank you for using our service. We've recently inspected your system and found out many critical security holes. It's not a joke, and it bring out clearly that we were able to crypt all of your text files, documents, archives and data files. For your security we did it before than someone else: hacker, virus or just stupid vandal. In world, hijackers are hunting for your bank account, credit card information, or something valuable. Now, even if they'll hack your computer they steal nothing, because all of your important files are now crypted and secured. There is no technology or scientific method to crack this kind of encrypting in near future Unfortunatelly as like other job, our services cost money. Just only 150$ US dollars. It is worth much less than if you loose all your files. We accept only Western Union, and we garantee that your'll receive decrypting program with detailed manual in less than hour after we'd received your payment. If you need your information back, just send an email to:
xxxxxxxx
and we'll send you further instructions in 5 minutes.
Do not worry, you'll get all back in hour after we get Western Union Transfer details. ONLY IN ONE HOUR!!!
We are sorry for your inconvenience, but better we and less, than somebody and more.
Q. I didn't order your service and dont want to pay! I'll go to police!
A. It's up to you. If you belive they do it better, then do it.
Q. I am poor student\bankrupt\housewife. I dont have money.
A. It'a sad to hear.
Q. I've sent an email to you for a discount.
A. Sorry, but we can't answer to all our correspondents due to high load.
Q. I need my information ASAP!
A. Dont worry! You will get it in one hour after we receive your MTSN. (western union control number)
Q. How i can trust you? Maybe you'll rip me?
A. We understand if you send money for our work-your info important for you.And we don't want make your life worse.You'll certanly get the Decription Program.
Thank you ,
Network Security Audit Plus.
This Trojan runs on Windows 98, ME, NT, 2000, XP, and Server 2003.

TROJ_GPCODE.AC统计

编辑
自 August 17, 2007 感染计算机病毒
North America 3
Africa 0
South America 0
Asia 0
Europe 0
Australia and New Zealand 0
总计 3
前 10 名国家或地区
United States 3
感染率
Africa 0.0%
South America 0.0%
Asia 0.0%
Europe 0.0%
Australia and New Zealand 0.0%
North America 0.0%
词条标签:
计算机学 病毒