[Reallovely]

Hello,

My system Windows XP , MCAfee Antivirus Plus got a virus this weekend. McAfee did pretty allright, but i als used the kaspersky virus removal tool.

This worked fine virus deleted, only today i found out that it was back. I used avenger to look at the problem.

Here s the avenger file:

Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "ufcyjro" found!
ImagePath: system32\drivers\lthxztg.sys
Start Type: 0 (Boot)

Rootkit scan completed.


Warning: Invalid contents in ServiceGroupOrder key!
There may be a driver loading earlier than Avenger!


Completed script processing.

*******************

Finished! Terminate.


This hidden file is maybe the root of the virus. Unfortunately this file can t be found so I don t know how to delete it.

Can You help me with this please ???

New avenger file looks like this

Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "SiSPort" found!
DisplayName: SIS PORT Driver
ImagePath: \??\C:\WINDOWS\SiSPort.sys
Start Type: 3 (Manual)

Rootkit scan completed.


Completed script processing.

*******************

Finished! Terminate.


Is this sisport a problem????

Edited by Reallovely, 05 April 2011 - 08:16 PM.