Re: Bios ChipAwayVirus - nakaza
Napsal: 12 říj 2011 21:19
Zkuste ho zabalit a pak poslat...A pripadne kdyz nepujde, tak pokracujte dal...asi je naboreny haveti a ta tam jeste nekde je a hraje si s nim 
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST380011A rev.3.06 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x89BCFAB8]
3 CLASSPNP[0xF7657FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\0000005b[0x89C10F18]
5 ACPI[0xF75AE620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-4[0x89C08D98]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user & kernel MBR OK
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-10-12 22:32:03
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 ST380011A rev.3.06
Running: gmer.exe; Driver: C:\DOCUME~1\etien\LOCALS~1\Temp\pftdypod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-13 07:48:26
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 ST380011A rev.3.06
Running: gmer.exe; Driver: C:\DOCUME~1\etien\LOCALS~1\Temp\pftdypod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Files - GMER 1.0.15 ----
File C:\Documents and Settings\etien\Local Settings\Application Data\Opera\Opera\profile\opcache\opr1ZGJO 404 bytes
File C:\Documents and Settings\etien\Local Settings\Application Data\Opera\Opera\profile\opcache\opr1ZGJQ 405 bytes
File C:\Documents and Settings\etien\Local Settings\Application Data\Opera\Opera\profile\opcache\opr1ZGKS 399 bytes
File C:\Documents and Settings\etien\Local Settings\temp\~DF6A21.tmp 512 bytes
File C:\Documents and Settings\etien\Local Settings\temp\~DF6DF8.tmp 512 bytes
---- EOF - GMER 1.0.15 ----
Odinstalujte avg, nahradte jej Avastem
Myslite, ze tam este nieco je