a problem: spyware doctor found some threats...



Orange
15.06.2007, 23:48
I need help. :D
Sending you the required logs.
a problem: spyware doctor found some threats: lop.com; netvision dialer etc.
HiJack found nothing.

any suggestions?

Bratez
16.06.2007, 03:39
Execute the following script in AVZ:


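begin
// Scan for rootkit hooks and neutralize them
SearchRootkit(true, true);
// Turn on AVZGuard
SetAVZGuardStatus(True);
// Copy the suspect files to quarantine
QuarantineFile('C:\WINDOWS\system32\Drivers\mchInjDrv.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\KCOM.SYS','');
QuarantineFile('c:\docume~1\mycomp~1\datiap~1\mealch~1\Bleh hold ford.exe','');
// Pass the quarantine list to BootCleaner, activate it, then reboot
BC_ImportQuarantineList;
BC_Activate;
RebootWindows(true);
end.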
After the system reboots, upload all quarantined files according to appendix #3 of Rules.

Orange
16.06.2007, 14:41
sorry, I mistook the forum...

files uploaded ..
what's new? :)

drongo
16.06.2007, 14:53
Well, the archive that you uploaded is empty, just ini files. According to the *ini's, the requested files don't exist on your computer. Please try to find them like this:
http://virusinfo.info/showthread.php?t=9208

mchInjDrv.sys
KCOM.SYS
Bleh hold ford.exe

Orange
16.06.2007, 16:14
hello, drongo! :)
excuse me, but I must know:
these files:

C:\WINDOWS\system32\Drivers\mchInjDrv.sys
C:\WINDOWS\system32\drivers\KCOM.SYS

where did you see them? I can't see them in the posted logs... :?
(I want to specify that these are not my logs, but those of a user of my forum.) I am only trying to help him (and especially to understand how AVZ operates ;))

this one: Bleh hold ford.exe belongs to the Cid "virus" (a small gift on the part of MSN Messenger), "responsible" for advertisement pop-ups. It is usually situated in the %System%/Documents and settings/ folder, and has a random name.

archive that you did uploaded is empty
Oh, sorry!
I will tell that guy to find the requested files and upload them again...

Bratez
16.06.2007, 16:21
I can't see them in a posted logs...
You can find them in syscure log, Kernel space modules section.

Rene-gad
16.06.2007, 16:38
add @Bratez

were did you see?..
drongo works (on a regular basis) as a clairvoyant ;).