Possible rootkit on netbook

No replies to this topic




Posted 03 July 2010 - 11:50 AM

I think I have a bad malware infection on my netbook. I've tried everything I can think of to get rid of it. I'll try to be brief:

System Details:
Acer Aspire One
Windows XP Home SP3

Anti-malware installed: latest versions of:
COMODO Internet Security (anti-virus and firewall)
SUPERAntiSpyware
Sophos Anti-Rootkit

A week ago COMODO identified "unknown malware" in a file and I stupidly assumed it was some kind of false positive and let it run.
Now applications often become unresponsive and within seconds the whole system freezes, usually shortly after startup.
COMODO and SAS find nothing, but Sophos Anti-Rootkit reports numerous "unknown hidden files". I can delete the files and reboot, but Sophos reports new hidden files each time I run it.
The biggest problem is I have already reset the netbook to factory default from the recovery partition and it seems the problem remains! Is it possible for malware to infect a recovery partition?
It seems like the system only freezes when connected to the internet. I use a USB "Zoom 7.2M tri-band modem" to connect; this appears as a drive D: in Windows Explorer. I'm not sure if it's also possible for malware to infect that drive and then re-infect the netbook?

Any help or advice would be much appreciated!
