n 12/13/2010 10:26 PM, BillJohnston wrote:
Try one of these. Surely one will get control of conhost and disable
it. You probably have a rootkit along with the other problems, so you
need something outside of the Windows OS to scan.
Download this Avira Antivir Rescue System program which will burn a CD
image to a blank CD. It's updated a few times per day. Insert the CD
into the damaged machine and let it do a scan of your system. Before
starting the scan, select "Configuration" and set to repair or rename
the infected files. Sometimes your machine won't restart after such a
repair process, so you might want to save needed files to another system
before using this. If you can't, then you can move the hard drive to
another machine to copy needed files. You can do that before, or after
Then run these:
AVG now has a Rescue CD that's free. They also have a free USB download
that should work on newer systems that can boot from a USB device. Get
You can try some of the CD's mentioned at the following site.
BitDefender was my favorite, but if the infected machine can't connect
to the internet to get updates, Avira comes with current virus
definitions. Also, some of these just won't run on some systems,
perhaps because there's no drivers available for some system devices,
motherboard, graphics card, etc. So try a few of these till you find
one that works:
Burn BitDefender, or another program listed at the link below, to a CD
(using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:
Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).
After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot. You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before