Persistent rootkit help?

Custom / CUSTOM
September 19, 2009 at 05:06:41
Specs: Microsoft Windows XP Home Edition, 2.996 GHz / 3583 MB
Recently, my computer was infected by a persistent rootkit. I believe the source of it was from my friend's computer since my thumbdrive was infected when I scanned it. Is there any way to remove it? Is it possible to remove it without reformatting?

"Persistent rootkits become active each time your computer boots. Persistent rootkits install in the Windows Registry or as part of the Windows file system. In general, this type of rootkit is associated with malware that initiates a specific action, like sending your personal data to a remote location and continues to perform the operation until removed from your system."




#1
September 19, 2009 at 06:07:35
I'm Mister Mask and I will be helping you with your computer problems.

- Please do not run other tools or scans.
- Copy and paste all logs requested in your reply and follow the instructions exactly.
- If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
- Absence of symptoms does not mean that everything is clear

# 1 - Search Infections


Download "Random's System Information Tool (RSIT)" by random/random and save it on your Desktop.

- Execute RSIT.exe to start RSIT.
- Click on Continue at the Disclaimer screen and leave the values as default
- If the tool HijackThis is not present or not detected, RSIT downloads it; you must accept the license.
- When the analysis is finished, two reports pop up

Please paste only Log.txt

NB : Reports are saved in : C:\rsit\

Please in your next reply, post :
- Log.txt

@+

Sorry for my future orthographic faults, English is not my mother tongue ;=)



#2
September 23, 2009 at 02:08:47
I am unable to post the log.txt for some apparent reason, but I uploaded it.

http://www.megaupload.com/?d=KO0RMZW1



#3
September 23, 2009 at 02:54:38
You have too many protection programs on your PC.
Many protection programs don't give superior security.

Please keep only MalwareBytes and AVG8.
Uninstall the others.

You have many toolbars ... Crawler and Ask Toolbar behave like spyware; uninstall them too. If you can't uninstall them, I can provide a protocol.

The PC is not infected.

@+

Sorry for my future orthographic faults, English is not my mother tongue ;=)



#4
September 23, 2009 at 03:13:43
Really? Thanks a lot. But I only installed all the external protection after I found out from the AVG8.5 rootkit scanner.


#5
September 23, 2009 at 03:17:37
Just a note: I'm keeping AVG8.5, Malwarebytes, CCleaner and Registry Mechanic. And is it okay to stack AVG8.5 and Malwarebytes?

Edit: I re-scanned the computer with AVG 8.5 and 1 rootkit was detected.

C:\\WINDOWS\System32\Drivers\apzu2onc.SYS

