It seems that a rootkit has come to live in my computer, running XP SP2.

Avast! spotted it and supposedly removed it, but it’s still around. One of the give-aways is the “View hidden folders and files” option in the Tools - Folder options dialogues no longer functions. Also, clicking on one of the drive icons gets me a dialog asking “what to open this program with?”.

I’ve done three boot scans and with a trio of big hard drives in six partitions that takes from 11 to 12 hours when it discovers more-or-less the same things it removed the last time a boot scan was done or I ran Avast!.

This is driving me nuts as I cannot move any of the files I work on at home to work.

For what it’s worth, Kapersky - the utility used at work - is utterly worthless. Avast! spotted the thing, while Kapersky is completely blind to it. And yes, I got it from the office computers. Worse, NONE of our IT people at work seem to have the slightest idea as to what a rootkit is in the first place. I’m a damn car designer and I had to explain it to them!

If someone can give me some advice on how to kill this thing short of re-formatting all three of my hard drives, I’ll be eternally grateful.

bwob

WE’ll do this backwards

uh what exactly did avast find?

please go to
www.bleepingcomputer.com/forums/topic131299.html
SDFIX and follow the instructions exactly
It has a rootkit scanner built in and will also find SOME find other current baddies

there are some additional troubleshooting tips here
http://forums.majorgeeks.com/showthread.php?p=869653

(U are backed up)

THen I would run Scans with Malware Bytes Anti Malware with those big disks just run the quick scan for now
Check any baddies then REMOVE CHECKED- a backup will be made- post the log

read the top of this forum and submit a HJT after the mbam
do not FIX anything
thanks

and Spybot Search and Destroy Quarantine do not delete/ remove
let spybot get rid of cookies so they do not clutter the process
post the log- excluding cookies
DO THIS OVERNIGHT TONIGHT 0r Super ANTI SPYWARE full scans
Please immunize with spybot If you have IE on your system install SD-Helper
Do not install T-timer for now and if you do turn it off for now

do you have Windows Defender or any proactive anti malware installed? (Spybot t-timer- etc)