My computer is extremely slow because of this program. I cannot disable it from startup, nor can I even locate the file for forced deletion.
Kaspersky virus removal tool log attached.
My computer is extremely slow because of this program. I cannot disable it from startup, nor can I even locate the file for forced deletion.
Kaspersky virus removal tool log attached.
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual disinfection
After reboot execute following script in Manual disinfectionКод:begin SearchRootkit(true, true); SetAVZGuardStatus(True); ClearQuarantine; QuarantineFile('C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\monxga32.exe',''); DeleteFile('C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\monxga32.exe'); ExecuteWizard('TSW', 2, 2, true); ExecuteWizard('SCU', 2, 2, true); BC_ImportAll; ExecuteSysClean; BC_Activate; SetAVZPMStatus(True); RebootWindows(true); end.
and upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Install Service Pack 3 + All subsequent updates + Internet Explorer 8.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ( Analysis, p.3 for further informations).
- Attach both logs to your new post..
I use firefox, so I suppose I don't need internet explorer.
Kaspersky virus removal tool log and HijackThis log attached.
Quarantine.zip also uploaded.
Your main problem ist hereInstall Service Pack 3 + all subsequent updates + Internet Explorer 8.Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Статистика проведенного лечения:
- Получено карантинов: 1
- Обработано файлов: 3
- В ходе лечения обнаружены вредоносные программы:
- c:\documents and settings\administrator\start menu\programs\startup\monxga32.exe - Backdoor.Win32.Bredolab.dxc ( DrWEB: Trojan.Botnetlog.126, AVAST4: Win32:Rootkit-gen [Rtk] )