Symantec Anti-Virus detects that the virus is pwsteal. Trojan. Check the Symantec website and confirm that the virus is Trojan. redfall. It is complicated to clean up the virus. You need to manually modify the registry. The official solution is as follows.
Http://securityresponse.symantec.com/avcenter/venc/data/trojan.redfall.html
AccordingArticleFailed to manually modify the registry. Because our company uses the ISA proxy to access the Internet, the client is fully configured with fwc, therefore, the 000000000001 key value parameter in HKEY_LOCAL_MACHINE/system/CurrentControlSet/services/Winsock2/parameters/protocol_catalog9/catalog_entries is different from that in the article. After modification, you still cannot access the Internet.
Then the software is successfully repaired. The software name is LSP-fix,
: Http://www.cexx.org/LSPFix.exe
Illustration:
My solution steps:
First, I fixed it with the software and prompted me to fix several protocols. At that time, it was still unable to access the network. When I click the next button, it prompts that lsass.exe cannot be initialized, and then a one-minute countdown shutdown dialog box appears (it seems that if the file is damaged, it will automatically restart in one minute ).
Press F8 when restarting and use last known good mode to enter the system. Everything works normally.
If I cannot use the software, I will re-install the TCP/IP protocol. I have to uninstall it before installing it. After the installation is restarted, you still cannot access the Internet. Now I can fix it with that software. Then I restarted it with caution. Everything is normal !!
Solve the problem !!
Many of the above steps are unclear. I will rewrite them:
1. reinstall the TCP/IP protocol and uninstall it before installation.
2. Fix it with that software. Because ws2_64.dll has been deleted, you cannot see the file in the list on the left. Select I konw I am doing and click Finish. Several protocols are fixed.
3. Now you can access the Internet.
4. The test was successful in the Windows 2000 Pro environment. I think the same is true for other systems.
How to uninstall and reinstall TCP/IP protocol: http://blog.csdn.net/starlee1738/archive/2004/12/04/204294.aspx