Thursday, July 29, 2010

Teach you to quickly identify "Sasser"

May 1 Jing Xian Internet "Sasser (Worm.Sasser)" menacing viruses, the virus is through Microsoft's latest high-risk vulnerability-LSASS vulnerability (MS04-011 bulletin Microsoft) spread, the danger of great current WINDOWS 2000/XP/Server 2003 operating system users such as the existence of the vulnerability, users of these operating systems as long as an Internet, there may be the virus attacks. Teach users how to quickly identify the following "Sasser (Worm.Sasser)" virus.

If the user's computer is one of the following phenomena, then that has been poisoned, they should take immediate measures to eliminate the virus.

First, a system error dialog box appears

Attack of the user, if a virus attack fails, the user's computer will appear LSA Shell service exceptions box, and then restart the computer after a minute there the "System Shutdown" box.

Second, a corresponding record in the system log

If the user can not determine whether there had their own computer box above exception or system reboot prompt, you can also view the system log of the way to ascertain whether the poisoning. Method is to run the Event Viewer program, see which system log, if logging as shown below, the proof has been poisoned.

Third, the system resources are a large number of occupation

Virus A successful attack will take up a lot of system resources, so that 100% CPU utilization, appears the phenomenon of the computer running unusually slow.

Fourth, there is named in memory of the process avserve

Virus A successful attack will generate in memory process called avserve.exe, users can use Ctrl + Shift + Esc approach called "Task Manager" and then see if there is a memory in the process of the virus.

5, appears in the system directory file named avserve.exe virus

Virus if the attack is successful, the system installation directory (default is C: WINNT) generated under a virus file named avserve.exe.

6, the virus appears in the registry key

Virus A successful attack would create a registry entry HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun virus key: "avserve.exe" = "% WINDOWS% avserve.exe".

Recommended links:

best video FORMAT

Wizard Chat And Instant Messaging

Shop Audio CD Players

"Tomato Garden" case of first instance pronounced loss of Chengdu, a TOTAL of over 10 million soft

Compilation of various source - DRIVER

Must-read. NET FREQUENTLY Asked Questions Summary

Ma, "New York Times" published a signed Article: Small is beautiful because

Meiling: Select Game Gu Gu and Back

DOWNLOAD converter mp4 to 3gp

mpeg4 to Avi


mkv file Converter

Alibaba IPO made to decrypt the rich mythology behind the movement

Difficulties in the implementation of ANTI-MONOPOLY law

No comments:

Post a Comment