OK I have found a protector driver for the protection driver... 'Tis almost like Russian dolls this latest variant
Once we are done I would like to have copies of the files for onward transmission to Avast for analysis. I will give instructions for that later
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open
notepad and copy/paste the text in the quotebox below into it:
File::
c:\windows\system32\drivers\pzrastpk.sys
C:\Windows\SysNative\SE26mdfl.dll
C:\Windows\SysNative\dds_trash_log.cmd
NetSvc::
zpaction
Driver::
pzrastpk
zpaction
Save this as
CFScript.txt, in the same location as ComboFix.exe
Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at
C:\ComboFix.txt which I will require in your next reply.