| Other > Viruses and worms |
| c:\windows\system32\svchost.exe Rootkit ;-( |
| << < (25/34) > >> |
| Calambo:
--- Quote from: PiotrW on June 05, 2008, 08:05:44 PM ---Well, the patches didn't work for me. I used the Russian patch, I also ran WinSocksFix... and my Internet connection is still down! Any other advice, people..? --- End quote --- Yes, I have one, as it worked for me. In my previous message I said it didn't worked for me, as the registry did not seem to save the update. Searching why, I found that all updates in the reg file were located in HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ On my computer, I have ControlSet001 but also ControlSet002, ControlSet004 and CurrentControlSet So, I modified the reg file with a text editor, replacing ControlSet001 by all the others, and it worked :) I think it wasn't necessary to change all control sets, but using CurrentControlSet instead of ControlSet001 could be an idea. The microsoft documentation (http://support.microsoft.com/kb/100010/en-us/) says : --- Quote ---The most valuable and reliable control set is CurrentControlSet. If you need to modify system settings in the Registry, CurrentControlSet is the best subkey to choose because you know that it is the correct control set. --- End quote --- ---------- Pour ceux qui comme moi n'ont pas réglé le problème avec le fichier .reg d'avast, je vous conseille d'éditer ce fichier et de remplacer le texte "ControlSet001" par "CurrentControlSet" dans tout le fichier, ainsi vous serez certain de modifier la bonne configuration. En tout cas, pour moi, ça a marché après cette petite manipulation |
| kstmb:
--- Quote from: Calambo on June 05, 2008, 10:34:14 PM ---In my previous message I said it didn't worked for me, as the registry did not seem to save the update. Searching why, I found that all updates in the reg file were located in HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ On my computer, I have ControlSet001 but also ControlSet002, ControlSet004 and CurrentControlSet So, I modified the reg file with a text editor, replacing ControlSet001 by all the others, and it worked :) I think it wasn't necessary to change all control sets, but using CurrentControlSet instead of ControlSet001 could be an idea. The microsoft documentation (http://support.microsoft.com/kb/100010/en-us/) says : --- End quote --- No matter, because ControlSet001 is the copy of CurrentControlSet. Number of current ControlSet you can find in HKEY_LOCAL_MACHINE\SYSTEM\Select\Current. If some services don't work correctly, you try to recover your personal settings. See Reply #116 |
| Lisandro:
--- Quote from: igor on June 05, 2008, 10:13:54 PM ---Yes, that's right. The false positive does not happen on "ordinary" system --- End quote --- Hmmm... seems cracked systems are being used... Like a friend of mine said: --- Quote ---That are the users of illegal Windows? They cannot easily recover, and they cry loudest that avast is to blame. Where people cannot pay the official version well that is hard if they cannot easily recover. --- End quote --- --- Quote from: Tech on June 04, 2008, 02:32:51 PM ---The system can be booted without this file, certainly into safe mode, so I'm not sure this is exactly the (probably quite rare) case when it would make a difference. --- End quote --- But you will agree that it would happen with a file that Windows need to boot/logon. Can it be implemented? --- Quote from: igor on June 05, 2008, 10:13:54 PM --- --- Quote from: Tech on June 05, 2008, 10:06:05 PM ---My questions remain unanswered: --- End quote --- So do mine (reply #48). --- End quote --- Hope the affected users drop the answer... Thanks Igor. |
| kostik:
--- Quote from: Calambo on June 05, 2008, 10:34:14 PM --- --- Quote from: PiotrW on June 05, 2008, 08:05:44 PM ---Well, the patches didn't work for me. I used the Russian patch, I also ran WinSocksFix... and my Internet connection is still down! Any other advice, people..? --- End quote --- Yes, I have one, as it worked for me. In my previous message I said it didn't worked for me, as the registry did not seem to save the update. Searching why, I found that all updates in the reg file were located in HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ On my computer, I have ControlSet001 but also ControlSet002, ControlSet004 and CurrentControlSet So, I modified the reg file with a text editor, replacing ControlSet001 by all the others, and it worked :) I think it wasn't necessary to change all control sets, but using CurrentControlSet instead of ControlSet001 could be an idea. The microsoft documentation (http://support.microsoft.com/kb/100010/en-us/) says : --- Quote ---The most valuable and reliable control set is CurrentControlSet. If you need to modify system settings in the Registry, CurrentControlSet is the best subkey to choose because you know that it is the correct control set. --- End quote --- ---------- Pour ceux qui comme moi n'ont pas réglé le problème avec le fichier .reg d'avast, je vous conseille d'éditer ce fichier et de remplacer le texte "ControlSet001" par "CurrentControlSet" dans tout le fichier, ainsi vous serez certain de modifier la bonne configuration. En tout cas, pour moi, ça a marché après cette petite manipulation --- End quote --- Calambo, cette méthode de changement des controlset, tu l'appliques avec les fichiers de Pierre ou celui mis en ligne par Avast (message de Igor, page 8 ) ? |
| fonzy44:
Is it a joke ? My Windows XP version is LEGAL, and I'm still stuck, so please stop to argue that only cracked version of Windows are affected. And more, I don't use any third party software as nLite. >:( >:( >:( !@#&!ç!!!! Et puis zut, ras le bol de taper du texte en anglais vu que de toute façon les seuls à réagir sont francophones (excepté polonus). Ma version d'XP est légale et je suis toujours autant "din l'brin non di tchosss" ! Et évidemment le patch d'Avast ne fonctionne pas ! Je vais essayer la modification proposée par Calambo. Fonzy |
| Navigation |
| Message Index |
| Next page |
| Previous page |