agan72 - 2010-12-1 16:58:00
最近瑞星和360老是提示发现病毒,删除成功,可在安全模式下用最新版瑞星全盘查杀,什么也没有,今天依旧发现病毒.并且进程里多了好几个cmd.exe[code]2010-12-01,16:46:41
用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727)附件:
SysLog.Txt
超级游戏迷 - 2010-12-2 0:53:00
以下驱动程序怀疑是假冒的:
[Hpt366 / Hpt366][Stopped/Boot Start]
<System32\DRIVERS\Hpt366.sys> [Microsoft Corporation, 4.00]
[HPT371 / HPT371][Stopped/Boot Start]
<System32\DRIVERS\HPT371.sys> [HighPoint Technologies, Inc., v1.22]
[hpt374 / hpt374][Stopped/Boot Start]
<System32\DRIVERS\hpt374.sys> [HighPoint Technologies, Inc., v3.03]
[hpt3xx / hpt3xx][Stopped/Boot Start]
<System32\DRIVERS\hpt3xx.sys> [HighPoint Technologies, Inc., v2.351]
[hptmv / hptmv][Stopped/Boot Start]
<System32\DRIVERS\hptmv.sys> [HighPoint Technologies, Inc., v1.04]
[hptpro / hptpro][Stopped/Boot Start]
<System32\DRIVERS\hptpro.sys> [HighPoint Technologies, Inc., 1.23.12.10]
请将c:\windows\system32\drivers目录下的以下文件用winrar压缩工具压缩,将压缩包提交至“可疑文件交流区”鉴定:
Hpt366.sys
HPT371.sys
hpt374.sys
hpt3xx.sys
hptmv.sys
hptpro.sys
超级游戏迷 - 2010-12-2 0:55:00
之前,可用SRENG扫描工具禁用2楼提到的那些驱动程序,重启电脑后观察下是否有效果。
© 2000 - 2024 Rising Corp. Ltd.