Many times, you have used anti-virus software to find out your own machine, such as Backdoor. rmtBomb.12, Trojan. win32.SendIP. 15. Wait for a string of virus names with numbers in English, and some people will be disconnected. How can I know what the virus is like?In fact, as long as we master the naming rules of some
you've never seen this QQ message.Look at that. My recent photos to scan the QQ album on the ^_^!http://www.qq.xxx.search_2.shtml.cgi-client-entry.photo.39pic.com/qq%E5%83%8F%E5%86%8C2/If you order ...The table said you wouldn't point. If you are at home. Is your computer just for your own use? If you don't take it easy. So ...If you are in the Internet café, other people point to the Internet café ...Virus information:Virus Name: Worm.Viking.bo WORM
);
MessageBox (null, szprocessid, "remotedll", mb_ OK );
}
Default:
Return true;
}
}
When I use the rmtdll.exeprogram to embed this testdll.dllinto the assumer.exe process (pid = 1208 ),
The "1208" confirmation box is displayed in the test DLL, and you can also see it using the PS tool.
Process ID: 1116
C: \ winnt \ assumer.exe (0x00400000)
......
C: \ testdll. dll (0x100000000)
......
This proves that testdll.dllhas been correctly executed in the assumer.exe process.
Origin of Trojan name
Trojan viruses intrude into computer Trojans. The name is from the ancient Greek legend (the Trojan horse in the Epic of HOMA, the Trojan horse in the word Trojan was originally of the Trojan horse, that is,
IDE controller, I just tested it, using the Standard IDE channel to install DF, running the virus will work, the Userinit.exe file is replaced directly (chipset has via and Intel's)! After testing the nforce motherboard installed the IDE hard drive SW driver (NForce4 chipset), run virus samples will not immediately, I just test run the 3rd time after the Userinit.exe file was replaced ... It might be a bit
Rootkit. win32.agent, Trojan. psw. win32.gameonline, Trojan. win32.mnless, etc. 2
EndurerOriginal1Version
There were a lot of things during this time and there was no time for remote assistance. Let the netizens handle them as follows:
Restart your computer to the safe mode with network connection,Use WinRAR to delete E:/autorun. inf and E:/autorun.exe. It is strange that this autorun.exe is only on the E d
to my network disk download http://ycosxhack.ys168.com/, "Virus Kill" directory, file name "Ps.rar", with instructions.3, this time each function module optimization, each function module can be used alone.4, taking into account the high efficiency and simplicity of the code, in some places invoke the CMD program, and because of the addition of the environment variable to make the code more versatile!
The 07.5.13 update is as follows:Solve the backs
Win32.loader. C, Trojan. psw. win32.gameonline, Trojan. psw. win32.asktao, etc. 2
EndurerOriginal1Version
Check that the last modification time of the EXE file on other disks except drive C is similar, and the file size increases, such as hijackthis 1.99.1 English version. The normal size is 218,112 bytes, the 223,585 byte after infection should be infected. No wonder the firewall prompts the program to acc
, through the spread of MSN technology has been skilled use of virus authors, many old Trojan, backdoor also have increased the function of the spread of MSN. For example, the famous Trojan horse "Wuhan Boys" (TROJAN/PSW. Whboy--let people think of Li June, he also left the panda incense
you don't need. The virus will usually come out after it is closed, and the 2000 system does not have the msconfig program, so we need to modify the Registry. Let's look down.
After sorting out, I found that General Trojans will load themselves in the following locations for the purpose of starting up and running:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
[HKEY_LOCAL_MAC
Encounter qfgsw. sys/Trojan-Downloader.Win32.Agent.bbb/Trojan. win32.agent. BVl, etc.
EndurerOriginalDecember1Version
Last night, a netizen said that the NOD32 in his computer was reported recently:
/---Time module object name virus operation User Name Information21:30:22 Amon file C:/Windows/system32/Drivers/qfgsw. sysWin32/trojandownloader. Agent. bbbTrojan has
Many times we have used anti-virus software to find their own machines such as backdoor. rmtbomb.12, trojan.win32.sendip.15 and so on these a string of English also with digital virus name, at this time some people on the Meng, so long a string of names, how do I know what the virus ah?
In fact, as long as we know some of the
In addition, Trojan. psw. win32.qqpass, Trojan. psw. win32.gameol, etc. 1
Original endurer 2008-06-13 1st
A friend said that the real-time monitoring icons of the Rising anti-virus software and firewall software in his computer have disappeared recently, and the computer's response is very slow. Please help me with the repair.
Download pe_xscan to scan logs and
I believe many friends have heard of the Trojan program, always think it is very mysterious, very difficult, but in fact, with the Trojan Horse software intelligent, many hackers can easily achieve the purpose of the attack. Today, the author of the latest Trojan horse program-Black hole 2004, from planting, use, hide, guard against four aspects for network enthu
Article Title: identify some Linux-based Trojan viruses. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Although there are not many Trojans spread in Linux, there are also some Trojans. I have collected some information from some security sites. 1. Virus Name: Linux. Sl
function of the DLL to stimulate the Trojan to run, finally, start the trojan EXE and start the Trojan.
The EXE that starts the DLL Trojan is an important role. It is called Loader. Without Loader, the DLL Trojan is broken. Therefore, A mature DLL
Author: Green Snow Source: Eighth Regiment
Since to create the perfect IE Web Trojan, first of all must give us a perfect standard, I personally think a perfect IE web Trojan should have at least the following four features:
One: Can avoid the killing of anti-virus software;
Two: can avoid the network firewall alarm;
III: Most versions of IE (mainly including WIN
EndurerOriginal1Version
When a netizen started his computer just now, Rising's boot scanning detected a virus: Trojan. psw. zhengtu. DM, Trojan. psw. lmir. ATB, then rising monitoring umbrellas become red, and all monitoring cannot be enabled. Please help me.
Check the record history of rising stars:----------------C:/tcnewtcnew. dllTrojan. psw. zhengtu. DMC:/doc
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.