Hello all!

I have updated to 1.714
And scan my hard disk...

trojan Win32/DSNX.05 found in operating memory. NOD32 cannot clean this infiltration. No action can be taken on a memory infiltration.

:-(

don't understand.

help me

thx

TD-S results:


05:38:02 [TDS] Good morning I-stud, all systems are ready.
05:38:23 [Memory Scan] Memory scan started, please wait a moment ...
05:38:28 [Memory Scan] Memory scan complete.
05:38:28 [Mutex Memory Scan] Started...
05:38:30 [Mutex Memory Scan] Finished (no trojan mutexes found).
05:38:30 [Trace Scan] Started...
05:38:47 [Trace Scan] Finished.

I found that one in registry:
C:\WINDOWS\SYSTEM\RPCLTC5.EXE

I can't even see this running processes with Task Manager.. strange

How could I detect and clean this one with TD-S?

thx

Hello!

Restart Windows in safe mode. Than run NOD32 with AH.

Izi

{QUOTE-> Hello!

Restart Windows in safe mode. Than run NOD32 with AH.

Izi <-QUOTE}

Just FYI to run NOD32 with AH you need to execute it from the command line, or use the "shell extension" you can find posted in another thread on this forum with said name.

-Adam

Hi!
thk you

But What is AH?

http://www.wilderssecurity.com/showthread.php?t=9776&highlight=click

This link has information regarding the "Advanced Heuristics" scan via your right-click context menu. It is not a normal feature of NOD32 but an add-on which many users enjoy. With this add-on one can highlight a file in Explorer and right-click NOD32 Advanced Heuristics... and NOD32 will first do a memory scan and then a full/deep scan of the file that has been highlighted.

Be seeing you

In safe mode and AH scan done..

But can't delete the following infiltrations:

c:\windoxs\xpnv.exe
c:\windoxs\system\cool.exe
c:\windoxs\system\ienpstub.exe


all of them are Wind32/DSNX trojan

I delete them my self

NOD32 can't delete thiese ilfiltration
Negative point for NOD32
NOD32 bad antivirus?

Info on removing this Trojan/Backdoor:
Troj/DSNX-05 (http://www.sophos.com/virusinfo/analyses/trojdsnx05.html)
and
Backdoor.DSNX.05 (http://securityresponse.symantec.com/avcenter/venc/data/backdoor.dsnx.html)


tECHNODROME

Try Running NOD32 in "Safe Mode". This may work...


tECHNODROME

Was NOD32 unable to delete the trojans in Safe mode? What actions were you offered to take?

no particular action ..
nothing but leaving the folder infected

You may have to check your options in your scanner. Make sure you have it checked for prompt if it cannot be cleaned.