Just repeatedly tested several versions, DF of the above version is all worn ...
Completely crazy ing .... Currently, only a few sites can be blocked on the route .... Look forward to the emergence of the master!
Sample sent up .... Say you can't penetrate yourself first Test
Overall protection, the system is completely open, without any restrictions! Now do not know why some systems do not wear ~
Immediately after running, look at the startup item.
The virus samples have been canceled to avoid vandalism.
screen.width-500) this.style.width=screen.width-500; "border=0> the relevant pictures of this topic are as follows:
screen.width-500) this.style.width=screen.width-500; "Border=0>
As pictured above, some people also call it the robot dog virus ...
screen.width-500) this.style.width=screen.width-500; "border=0> the relevant pictures of this topic are as follows:
screen.width-500) this.style.width=screen.width-500; "Border=0>
In order to facilitate the understanding and inquiry, I have the relevant tests to say:
Just now a friend asked if it was about the standard IDE controller, I just tested it, using the Standard IDE channel to install DF, running the virus will work, the Userinit.exe file is replaced directly (chipset has via and Intel's)! After testing the nforce motherboard installed the IDE hard drive SW driver (NForce4 chipset), run virus samples will not immediately, I just test run the 3rd time after the Userinit.exe file was replaced ... It might be a bit harder for the virus to take control of the hard drive under the NForce IDE, but in the end it succeeded .... This is a sad news ... Restart, because I test at home, ADSL Internet, after dialing the firewall immediately prompts Userinit.exe Program Access network .... As shown in figure:
screen.width-500) this.style.width=screen.width-500; "border=0> the relevant pictures of this topic are as follows:
screen.width-500) this.style.width=screen.width-500; "Border=0>
In other words, the virus will not be in your operation immediately after adding from the start of the N more Trojans, but in the back, using the userinit.exe process to download Trojan from the network .... So when testing, we should pay attention to this point ... At present, can temporarily seal off the IP in the picture, but do not know that the virus will not use the domain name to download Trojans, so only to seal this one IP is useless ....
Also some friends say HDD Restore card also be worn ... Because I do not have the condition test, therefore those temporarily cannot give everybody a definite answer!
Current 1/2 page
12 Next read the full text