I just updated my Windows XP PC to Avast free anti-virus version 8.0.1497 definition version 130918-5 and suddenly I am getting a message from Avast telling me my computer is infected with a rootkit Win32:Evo-gen [Susp].
Actually, [as a rule of thumb], no. (Only exception I’ve seen so far is when Malwarebytes has been reported here as a rootkit.)
This is because rootkits are able to hide themselves, in most cases, quite successfully and, in most cases, do not impact system performance noticeably for the average user because of the way they run and when they run.
Best to have your system checked out by a certified expert malware removal expert by running and submitting (attaching only) the following four logs: Adwcleaner, Malwarebytes, OTL, and aswMBR.exe to see if, in expert opinion, your system is infected or not.
You can get your programs here: http://forum.avast.com/index.php?topic=53253.0 Don’t run any other programs on this list unless told to do so by your malware expert and use AdwCleaner and Malwarebytes to quarantine/remove anything they find. These two programs are safe to use for unsupervised cleansing.
Once logs are attached in your next reply, a malware expert will be notified and check your system out for you.
[EDIT:] We’ll know better what you have when you attach your screenshot of your avast! alert in your next reply, as Steven Winderlich asks.
It was only when it Avast was updated to version 8.0.1497 that it found this supposed infection. I allowed Avast to remove the infection & then run a boot scan, which did not find any infection. Yet, when my machine finally booted into Windows XP again, Avast 8.0.1497 once again said that my machine was infected.
I have a screenshot of the Avast warning message & also the logs from the programs you asked me to run, but when I try to post them to the forum, I get the following error message:
According to the information I’ve easily found online that WDSC.exe is exactly what it sounds like - part of the backup Western Digital Shadow Copying service.