sorry, no chinese input, but here are the steps
所在版块:技术の宅 发贴时间:2005-09-01 09:47

用户信息
复制本帖HTML代码
高亮: 今天贴 X 昨天贴 X 前天贴 X 
download [process explorer] and [rootkit revealer] from sysinternals.com

you shouldn't see any suspicious processes from tool 1. for diagnosis, you can copy and paste the list of processing running on your computer here.

for the second tool, you might need to run it in safe mode. to do that, reboot and press F8 and select Safe Mode.

for more information, refer to

http://research.microsoft.com/rootkit/

http://www.sysinternals.com/utilities/rootkitrevealer.html
.
欢迎来到华新中文网,踊跃发帖是支持我们的最好方法!

War is peace.
Freedom is slavery.
Ignorance is strength.
 相关帖子 我要回复↙ ↗回到正文
极度痛苦中,求助于各位大师 poi  2005-08-24 23:24 (726 bytes , 628reads )
遇到同样的问题,最后是重装系统,然后装SP2和trend officescan 山水  2005-08-28 14:46 (39 bytes , 236reads )
感谢ING poi  2005-08-29 22:51 (0 bytes , 191reads )
more info needed SmellsLikeTeenSpirit  2005-08-27 12:31 (325 bytes , 264reads )
恕在下实在是菜鸟,弱弱的请求具体地说明. poi  2005-09-01 03:18 (44 bytes , 277reads )
sorry, no chinese input, but here are the steps SmellsLikeTeenSpirit  2005-09-01 09:47 (469 bytes , 237reads )
感谢斑主大师.贴上用process explorer得到的processing runing poi  2005-09-01 22:48 (6347 bytes , 593reads )
嗯, SmellsLikeTeenSpirit  2005-09-02 00:18 (252 bytes , 185reads )
再谢一次 poi  2005-09-02 06:46 (0 bytes , 237reads )
哈哈,系统好象恢复正常了也. poi  2005-09-02 06:45 (99 bytes , 215reads )
hehe, 其实到底是哪一步解决了问题? SmellsLikeTeenSpirit  2005-09-02 22:21 (0 bytes , 214reads )
不太清楚.好象是kill掉BL515.EXE 1308 .目前一切正常. poi  2005-09-03 03:20 (0 bytes , 242reads )
cool SmellsLikeTeenSpirit  2005-09-03 13:22 (0 bytes , 127reads )
已经KILL了 poi  2005-09-02 02:13 (367 bytes , 214reads )
some kernel mode rootkits can even hide from process explorer. 留名  2005-08-30 15:02 (0 bytes , 211reads )
ya i agree SmellsLikeTeenSpirit  2005-08-30 16:52 (27 bytes , 160reads )
各位大师,为什么只有看的,没有回的.请救我于水深火热之中. poi  2005-08-27 00:09 (0 bytes , 164reads )