全新 MS04-011 EXPLOIT 今晚首現

來源: f64 2004-05-01 00:49:53 [] [舊帖] [給我悄悄話] 閱讀數 : (393 bytes)

open task manager to see if there are processes like:

avserve.exe, 914_up.exe, xax.exe running. if so you are hit.
also open c:\windows\system32\drivers\etc\hosts to see if the worm has added all av site mapping to 127.0.0.1
or, simply try to go to www.symantec.com, if you cannot go there, you are hit.

you cannot find any info about this worm at any av company yet.

所有跟帖: 

我的電腦上隻有lsass.exe,沒有上麵所提的,是否感染? -Thanks2004- 給 Thanks2004 發送悄悄話 (76 bytes) () 05/01/2004 postreply 07:52:07

老兄,你是沒病亂投醫, -arening- 給 arening 發送悄悄話 (155 bytes) () 05/01/2004 postreply 09:07:20

謝謝! 我知道lsass的本意,但前麵的貼子f64老大說是中 -標了,所以才問的- 給 標了,所以才問的 發送悄悄話 (0 bytes) () 05/01/2004 postreply 09:48:41

神經病 -又出院了- 給 又出院了 發送悄悄話 (0 bytes) () 05/03/2004 postreply 10:50:13

請您先登陸,再發跟帖!