全新 MS04-011 EXPLOIT 今晚首现

来源: f64 2004-05-01 00:49:53 [] [旧帖] [给我悄悄话] 阅读数 : (393 bytes)

open task manager to see if there are processes like:

avserve.exe, 914_up.exe, xax.exe running. if so you are hit.
also open c:\windows\system32\drivers\etc\hosts to see if the worm has added all av site mapping to 127.0.0.1
or, simply try to go to www.symantec.com, if you cannot go there, you are hit.

you cannot find any info about this worm at any av company yet.

所有跟帖: 

我的电脑上只有lsass.exe,没有上面所提的,是否感染? -Thanks2004- 给 Thanks2004 发送悄悄话 (76 bytes) () 05/01/2004 postreply 07:52:07

老兄,你是没病乱投医, -arening- 给 arening 发送悄悄话 (155 bytes) () 05/01/2004 postreply 09:07:20

谢谢! 我知道lsass的本意,但前面的贴子f64老大说是中 -标了,所以才问的- 给 标了,所以才问的 发送悄悄话 (0 bytes) () 05/01/2004 postreply 09:48:41

神经病 -又出院了- 给 又出院了 发送悄悄话 (0 bytes) () 05/03/2004 postreply 10:50:13

请您先登陆,再发跟帖!