Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

can't remove Rootkit.Boot.Pihar.c


  • Please log in to reply
5 replies to this topic

#1 RichZ

RichZ

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:55 PM

Posted 22 July 2012 - 10:24 PM

I started getting the BSOD a few minutes after boot with a stop at 0x000008E on atapost.sys.

I tried TDSSKiller, which detects the problem. The screen says its cured and the log says it's copied to quarantine but the virus is still there. Norton NPE indicates it's prepared for a scan on reboot but this does not run. The machine does not go through a clean restart but get the BSOD with an 0x000001 APC_INDEX_MISMATCH error.

Under no condition can I conduct a clean shut-down. It always goes blue screen.

I am running Windows 7 Professional on a tablet - HP Slate 500.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:55 PM

Posted 22 July 2012 - 10:28 PM

If you're in normal mode,create a restore point

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot,click on REPAIR

Run TDSSkiller and post the log

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

#3 RichZ

RichZ
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:55 PM

Posted 23 July 2012 - 12:06 AM

Seems to be making progress - finally. I'll upload logs as soon as I can (already 1am).

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:55 PM

Posted 23 July 2012 - 06:29 AM

:thumbup2:

#5 RichZ

RichZ
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:55 PM

Posted 23 July 2012 - 03:02 PM

It looks like the machine has been restored with minimal damage. There is a problem with a virtual drive used to attach an external cd/dvd unit to my tablet, but I never use it. It was installed by the guy I putchased the unit from.

I had posted the same request on another forum several days ago and heard nothing. Many thanks for the great advice.

Do you still want the log?

What would you recommended for anti-virus software that has a small footprint for a tablet?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:55 PM

Posted 23 July 2012 - 08:49 PM

Yes i still need the logs,you're not clean yet


Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users