Hi,
- First run!
[*]Re-run TDSSKiller.exe and click on Change parametres.
[*]Under Additional options check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
[*]Click on Start Scan.
[*]If an infected file is detected, the default action will be Cure, click on Continue.
[*]If a suspicious file is detected, the default action will be Skip, click on Continue.
[*]It may ask you to reboot the computer to complete the process. Click on Reboot Now.
[*]Click the Report button and attach the contents of it into your next reply
Note:It will also create a log in the [b]C:[/b] directory.
- Secondly run!
Again re-run TDSSKiller as before (with change parametres ) and use Delete option for this entry:
\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c )
Re run zoek.exe using this script; Attach fresh zoek logreports:
C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn;f
C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn;f
TranslatorBar 1 Toolbar;ff
C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\s4zf9nqb.default\extensions\{00bf7b9c-acd2-4080-bea8-b1c41987070f};f
emptyalltemp;
autoclean;
How is your computer running now?