Hey guys,
my computer got infected with Monderb, which can't be solved by KAV2009 somehow. I need a Script for AVZ, which fits my following logs.
Would be so happy if someone could help me!
Thanks in advance.
Hey guys,
my computer got infected with Monderb, which can't be solved by KAV2009 somehow. I need a Script for AVZ, which fits my following logs.
Would be so happy if someone could help me!
Thanks in advance.
Script for you -
After reboot send quarantine.zip to virus analyst here and repeat second AVZ and HijackThis logs for checkup.Код:begin SetAVZGuardStatus(True); SearchRootkit(true, true); DelWinlogonNotifyByKeyName('mlJBtqro'); DelBHO('{6C350DFC-885F-4296-82E3-6428DD982099}'); DelBHO('{4CAB59B4-55A3-4737-9FD5-B93C6430BF76}'); DelBHO('{2EC16230-1DAA-4F18-8FA3-55C8F69F7039}'); QuarantineFile('C:\WINXP\inf\unregmp2.exe',''); QuarantineFile('C:\WINXP\system32\DRIVERS\tcpip.sys',''); QuarantineFile('C:\WINXP\system32\sfc_os.dll',''); QuarantineFile('C:\WINXP\system32\mlJBtqro.dll',''); QuarantineFile('C:\WINXP\system32\geBRjjKB.dll',''); QuarantineFile('C:\WINXP\system32\fnompsjg.dll',''); DeleteFile('C:\WINXP\system32\fnompsjg.dll'); DeleteFile('C:\WINXP\system32\geBRjjKB.dll'); DeleteFile('C:\WINXP\system32\mlJBtqro.dll'); BC_ImportDeletedList; ExecuteSysClean; BC_Activate; CreateQurantineArchive(GetAVZDirectory+'quarantine.zip'); RebootWindows(true); end.
thank you.
i uploaded the zip and here are the logs.
Some cosmetic fix - launch HijackThis, do log, select and "fix" this items -
To uploaded quarantine wait a analysts answerКод:O2 - BHO: (no name) - {6C350DFC-885F-4296-82E3-6428DD982099} - C:\WINXP\system32\mlJBtqro.dll (file missing) O2 - BHO: (no name) - {820F527F-4AAB-46F0-9CA8-73F2C51EB9B5} - C:\WINXP\system32\geBRjjKB.dll (file missing) O20 - Winlogon Notify: mlJBtqro - C:\WINXP\
Upd: All other files in quarantine clean, logs visible clean, this problem solved ?
Последний раз редактировалось RiC; 10.11.2008 в 21:42.
Ваши права в разделе
Ответить с цитированием