Sign in with
Sign up | Sign in
Your question

netstat -b command causes immediate reboot

Last response: in Networking
Share
October 14, 2007 8:46:33 PM

Not sure if this is a spyware/malware issue, OR if I have an OS issue:

History:
I was notified by my ISP that one of my pc's had forwarded a lot of mail (spam).

I was running AVG Antivirus at the time, no software firewall, but a hardware firewall/router. AVG was current (daily) and had no entries for problems. I ran a manual scan without issues. (I refer to all 3 pcs)

In researching possible infections, I ran Spybot S&D, which only found some questionable cookies, which were cleaned up. I also ran a tool called "Autoruns" to verify all startup entries in the registry; again no issues or surprises.

I ran into a problem on one pc, when using a tool I have used effectively in the past "ActivePorts" to scan for open ports on the pc, which ties the port to an application and executable. Basically a GUI for the netstat command.

As soon as the tool runs it does a port scan - -
The problems is that this causes an immediately reboot of the pc - an immediate black screen and subsequent power up reboot.

I played with the netstat command and found that "netstat -b" gives me the issue.

Using all the tools above I can't identify this as a malware issue, although I opened a discussion on the SpywareWarrior.com forum in case - maybe they can tell if there is something on the pc preventing my looking at open ports - something trying to cover it's tracks...

In this posting I'm trying to determine (with your help :)  ) if there might be a system/OS issue.
I really don't want to reinstall the OS/apps.

Thanks.

More about : netstat command reboot

October 14, 2007 11:17:24 PM

You could install the free version of ZoneAlarm, any time a program attempts to connect to the Internet, you can set it up to ask your permission. Might tell you what is trying to connect that could be the problem. Also, you could try a Windows repair from the CD. If it's a really nasty virus or malware, you may not have any other choice than a clean install of Windows
October 16, 2007 11:20:12 PM

I opened a query on the 'spywarior.com' forums (HijackThis) and resolved my problem. There was a rootkit installed that hid it's service and it's activity. Those guys led me through the steps to identify and solve the issue quickly and without any thrashing. Very crisp. Highly recommended.
!