[ Azra @ 28.12.2005. 17:24 ] @
| Kasperski AVP je detektovao virus Win32.Nsag.b ali ga ne moze dezifikovati virus je u C:Windows\system32\wininet.dll KAKO DA SE RESIM OVE NAPASTI ??? [Ovu poruku je menjao Azra dana 28.12.2005. u 18:33 GMT+1] |
|
[ Shadowed @ 28.12.2005. 17:49 ] @
Jesi li probao sa uputstvima iz TOP teme?
[ Azra @ 28.12.2005. 18:21 ] @
ama sve sam probao ad-aware, spy boot, avg, u safe modu ,...
da li sme pomocu programa KILLBOX da izbrisem .....winnnt.dll na sajtu kaspersky taj virus zovu jos i Bloodhound.W32.EP ali nema objasnjenje kako ga ukloniti ??? sistem ima SP1, ne otvara IE vec ispisuje cannot find file ///c:/secure 32.html`. sta da radim, da li da instaliram SP2 ?? [ Goran Mijailovic @ 28.12.2005. 19:00 ] @
http://www.virusbuster.hu/en/viruslab/descriptions/nsag
http://www.viruslist.com/ru/viruses/encyclopedia?virusid=88859 http://www.viruslist.com/en/viruses/encyclopedia?virusid=88859 http://www.sophos.com/search/s...Win32.Nsag.b&x=62&y=25 http://www.sophos.com/virusinfo/analyses/trojalespyc.html Citat: Virus information Troj/AleSpy-C Name Troj/AleSpy-C Type * Trojan Affected operating systems * Windows Aliases * Virus.Win32.Nsag.b Citat: Troj/AleSpy-D Name Troj/AleSpy-D Type * Trojan Affected operating systems * Windows Side effects * Reduces system security Aliases * Virus.Win32.Nsag.b * W32/Alemod.f.dll * W32.Desktophijack Probaj ovo: Citat: # Download an emergency copy of SAV32CLI. On an uninfected Windows computer, run this file to extract the contents into a SAV32CLI folder on a medium that can be write-protected. Copy the SAV32CLI folder produced onto a medium that can be write-protected. Add any relevant IDEs to this folder and write-protect the disk (on a CD/R or CD/RW close the session). # Restart the computer in Safe Mode. Go to Start|Shut Down. Select 'Restart' from the dropdown list and click 'OK'. Windows will restart. Press F8 when you see the following text at the bottom of the screen "For troubleshooting and advanced startup options for Windows 2000, press F8". In the Windows 2000 Advanced Options Menu, select the third option 'Safe Mode with Command Prompt'. # At the infected computer, place the CD in the CD drive (D: in this example). At the command prompt type D: to access the CD drive. Type: CD SAV32CLI Then type: SAV32CLI -REMOVE -P=C:\LOGFILE.TXT to remove the Trojan. # Before leaving Safe Mode, edit any registry entries mentioned in the Trojan analysis recovery instructions. http://www.sophos.com/support/disinfection/trojan.html [Ovu poruku je menjao Goran Mijailovic dana 28.12.2005. u 20:03 GMT+1] [ IcyImpact @ 28.12.2005. 19:26 ] @
Citat: sta da radim, da li da instaliram SP2 ?? Problematični malware možeš ukloniti i bez SP2, ali se svakako preporučuje da ga instaliraš. [ Goran Mijailovic @ 28.12.2005. 19:30 ] @
Ali se ne preporucuje da instaliras sp2 preko sp1, vec samo clean install a onda ces se resiti svega ;)
[ Azra @ 28.12.2005. 20:18 ] @
Upravo skidam sav32sfx.exe ( nija malo 7696 kb) .
Da ponovim: skinem fajl, raspakujem na drugom PC-u i narezem na CDRW i onda na zarazenom PC-u idem u safe mod i kucam u command promt > E: CD SAV32CLI SAV32CLI -REMOVE -P=C:\LOGFILE.TXT DA LI SYSTEM RESTORE DA BUDE UKLJ ILI ISKLJ. i to bi bilo to !!! [ Goran Mijailovic @ 28.12.2005. 21:25 ] @
mrzi me sad da te saljem na link ali generalna preporuka prilikom ciscenja virii je iskljucite system restore!
[ Azra @ 28.12.2005. 23:06 ] @
SAV32CLI.... odradio posao, PC cist ko suza ,sve radi OK
Gorane hvala !!! [ Goran Mijailovic @ 28.12.2005. 23:45 ] @
Mislim sta reci
 Srecna Nova  Copyright (C) 2001-2025 by www.elitesecurity.org. All rights reserved.
|