Recently, a suspicious program was detected using Super Rabbit, located in C:\WINDOWS\system32. It was closed in the process and appeared in the process again. After deleting it in safe mode, it started again! ~~Is this a virus?
Microsoft - - Process Information
Process file: microsoft or
Process name: GAOBOT Virus Our permanent domain name!
Process name: It is a high-wave GAOBOT virus-related program. The virus exploits the Windows LSASS vulnerability to create buffer overflow that causes the system to shut down. For more information, please refer to the Microsoft website:/technet/security/bulletin/Producer: Unknown N/A
Belongs to: GAOBOT Virus
System process: No
Background program: Yes
Using the network: Yes
Hardware related: No
Common errors: Unknown N/A
Memory usage: Unknown N/A
Safety Level (0-5): 4
Spyware: No
Adware: No
Virus: Yes
*: Yes
*************************************************
How to prevent viruses?
Solution:
First start sreng and use the Ice Blade (set to prohibit thread creation) to end the following program
icesword basic use
Microsoft - - Process Information
Process file: microsoft or
Process name: GAOBOT Virus Our permanent domain name!
Process name: It is a high-wave GAOBOT virus-related program. The virus exploits the Windows LSASS vulnerability to create buffer overflow that causes the system to shut down. For more information, please refer to the Microsoft website:/technet/security/bulletin/Producer: Unknown N/A
Belongs to: GAOBOT Virus
System process: No
Background program: Yes
Using the network: Yes
Hardware related: No
Common errors: Unknown N/A
Memory usage: Unknown N/A
Safety Level (0-5): 4
Spyware: No
Adware: No
Virus: Yes
*: Yes
*************************************************
How to prevent viruses?
Solution:
First start sreng and use the Ice Blade (set to prohibit thread creation) to end the following program
icesword basic use