rootkit loads 54 cmd's on bootup

Discussion in 'ESET NOD32 Antivirus' started by rand4505, Jul 5, 2011.

Thread Status:
Not open for further replies.
  1. rand4505

    rand4505 Registered Member

    Joined:
    Jul 5, 2011
    Posts:
    6
    I have been infected with what I think is a rootkit that NOD did not block. It loads 54 cmd prompts on bootup before NOD loads, with echo off, so I cannot tell what's going on. Logs as follows. The SysInspector log is 15.3m in size and I cannot upload it here.


    Runscanner logfile http://www.runscanner.net
     


    Last edited by a moderator: Jul 5, 2011
  2. SolidState

    SolidState Registered Member

    Joined:
    Dec 18, 2007
    Posts:
    92
    Disable Spybot's realtime as IMHO it's borderline useless. I'd then use SAS off of a boot disk and/or use MBAM. Easiest place to start.

    I'd use rkill and MBAM first.

    PS: With the right SARDU boot disk or USB thumb drive it should be able to be fixed within an hour or so. If it's a rootkit then you prob can't remove it from the infected kernel.
     
  3. rand4505

    rand4505 Registered Member

    Joined:
    Jul 5, 2011
    Posts:
    6
    Any links for making Vista bootable thumb drives? I have been unable to find one.

    N/M found one...
     
    Last edited: Jul 5, 2011
  4. SolidState

    SolidState Registered Member

    Joined:
    Dec 18, 2007
    Posts:
    92
    Check out SARDU for AV boot disk creation!!!

    It's the BEST!!!
     