Hi spetrarca,
Please rerun TDSSKiller. When you are present with these lines:
13:27:01.0333 4752 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:27:01.0333 4752 \Device\Harddisk0\DR0 - detected TDSS File System (1)
use the drop down menu and select delete.
Next
Please follow all previous instructions regarding security programs.
Open a new Notepad session - Click the Start button, click run
- in the run box type notepad
- click ok
- In the notepad, Click "Format" and be certain that Word Wrap is not checked.
- Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE
Code:
KillAll::
RootKit::
c:\windows\svchost.exe
In the notepad - Click File, Save as..., and set the Save in to your Desktop
- In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
- Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.
This will start ComboFix again.Close all browser/windows first.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
Please post the TDSSKiller log and the combofix log.
How's the computer?