Antivirus MSDirectX.sys and MSDRV.exe
In fact, I have long known to poisoning, but I have always had a lot of impact, but I have never killed it, but I suddenly appeared seriously, I had to pack my mood, first anti-virus.
Observation symptoms
l Networks unable to connect, check the network connection properties, the transceiver package is almost zero, and the local area network ping is not available.
l The boot is the firewall and anti-virus software since startup failure.
l Open the task manager, automatically shut down, anti-virus software can't start, msconfig and regedit turn on immediately shut down
l Long-term C disk space is insufficient
2. Chasing the source
l Entering the safety model to completely anticinrate, discovering a worm msdirectX.sys, the isolation is successful. Satisfaction is OK, restart the computer problem is old, carefully think, maybe this is the reason why I have a long-term C disk space
l Continue to track, install a super rabbit to view the process, found that a MS Sound Drivers are set to start, there is a msdrv.exe process in the process, killing in the super rabbit, the task manager can appear, anti-virus software can also start, Oh, the original problem is here, for verifying, running MSDRV.EXE symptoms under DOS, locking the target. So directly enter the trail of MSDRV.exe in Msdrv.exe, killing! Full of things OK, restart Computer, problems are old, depressed, this virus also has its own function, it is really hateful!
Because knowing the system variable
,
in
System32
Find a trace in the folder
,
Reactive
.
Looking for its related information
,
Very little
,
One brother said it is Russian Trojan
,
Very cold
!
Else
A search
,
Thousands of hardships know that it is a wooden horse
,
Named
Troj_Agent.kz, the path is c: /windows/system32/msdrv.exe, so the operating system protection file is only
System32
I saw it in the folder
,
Hurt
,
Search registration form
,
Reset the boot starter
.
restart
,
Everything
OK.
