Trojan horse Agent_r.QS [Atrisināts]

bluebird · Post no **bluebird** » 08 Mar 2010, 09:16

Labrīt!

Man te vienam datora sanākusi šmuce!

AVG norāda man uz: Trojan horse Agent_r.QS
Noskenēju un it kā izdzēsu!!

Pārstartēju datoru, bet nekā!

Vai kādam ir pieredze ar šo zvēriņu?
Paldies!

samurajs · Post no **samurajs** » 08 Mar 2010, 09:28

Tad lasi AVG forumā, ko darīt, un gatavojies uz rokdarbiem. Tas lops inficē sys failus, tā kā ar parasto antivīrusu nenotīrīsi.
http://forums.avg.com/us-en/avg-free-fo ... 197&type=0

bluebird · Post no **bluebird** » 08 Mar 2010, 10:37

Paldies par linku. Savedu visu kārtībā!

Laikam ar kādu inficētu kraku norāvu!!

Kādam varbūt arī noderēs!

There is needed to recover this injected file "atapi.sys" with clean variation, which could be found on Windows installation CD (if the same service pack is still used) or on the Internet (according to used service pack).

Then is needed to replace this file in some offline mode:
- AVG Rescue CD
- Windows Recovery Console
- Linux Live CD, Hiren's CD, WinPE, ...

Steps for Windows Recovery Console (the same service pack is on CD and in OS):
Insert the Windows 2000/XP installation CD to the CD drive and re-boot your computer. If you are asked, please select any option required to boot your computer from CD-ROM.

- When "Welcome" dialog is displayed, press R to start the Recovery Console.
- Choose the Windows operating system that you want to repair.
- Enter the administator password or press <Enter> in case the password is blank.
- Type following commands and hit <Enter> key (please proceed one by one).

D: (if D: is label of the CD-ROM, change if other)
cd i386
expand atapi.sy_ C:\Windows\system32\drivers

exit

- Restart your computer and boot your Windows normally.