System Volume Information ćeš isprazniti ako zaustaviš system restore , što se i preporučuje ako u njemu imaš neki virus.Da bi to uradio desni klik na my computer/properties/system restore/turn off system restore on all drives.
Nakon toga u safe modu pokreni antivirus koji ti je javio za Hidrag.A,ali pazi šta brišeš a šta dezinfikuješ.
svchost.exe ti je važan sistemski fajl
Dopuna: 15 Okt 2005 11:38
Hidrag is a non-dangerous memory resident parasitic Win32 virus. The virus infects Win32 PE EXE files. While infecting the virus encrypts a block of victim files.
When the Hidrag virus runs it creates a copy of itself that is about 36K in size and places it in the Windows directory using the name svchost.exe. Next Hidrag registers this file in the system registry auto-run key:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
PowerManager = %WindowsDir%\SVCHOST.EXE
Hidrag then stays in Windows memory as an active process, searches for EXE files on all drives - starting with the C: drive - and infects them.
The virus does not manifest itself in any way.
The virus contains the following encrypted text strings:
Hidden Dragon virus. Born in a tropical swamp.
PowerManagerMutant
Dopuna: 15 Okt 2005 11:43
http://forums.thetechguys.com/showthread.php?t=11594
Poseti ovaj forum i skini ovaj remuval tool
http://www.sophos.com/support/cleaners/jeefogui.com
Dopuna: 15 Okt 2005 12:25
Imaš na ovom forumu nekoliko tema gde se spominje ovaj virus pod nazivom Jeffo,jednu od njih sam i ja postovao.Pronađi ih i javi šta si uradio.
Naravno javi i koji av koristiš
|