Headache with Win32:Confi [Wrm]

Avast Free Antivirus / Premium Security
1

Hi friends,

I am getting headcahe with ??? Win32:Confi [Wrm].Avast is showing up a window to delete it So If i delete it again it is coming.How can I permanently delete this Win32:Confi [Wrm] Rootkit.Please enlighten me and show the way to solution.

Avast log viewer:

12/12/2009 8:46:00 AM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 8:48:36 AM Bharath 3388 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\system32\x” file.
12/12/2009 8:58:57 AM SYSTEM 1800 Sign of “Win32:Malware-gen” has been found in “G:\QTP_10.00_Seat\Legend\l-mqt82.exe” file.
12/12/2009 9:05:36 AM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 9:25:11 AM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 9:27:11 AM SYSTEM 1800 Sign of “Win32:Confi [Wrm]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 9:52:02 AM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\documents and settings\networkservice\local settings\temporary internet files\content.ie5\o2oachi8\fnbc[1].jpg” file.
12/12/2009 9:52:11 AM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\documents and settings\networkservice\local settings\temporary internet files\content.ie5\j0tjm9ww\vzyyfaqa[1].jpg” file.
12/12/2009 9:57:49 AM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 12:04:48 PM SYSTEM 1800 Sign of “Win32:Confi [Wrm]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 12:19:32 PM SYSTEM 1800 Sign of “Win32:Confi [Wrm]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 12:19:37 PM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 12:32:30 PM SYSTEM 1800 Sign of “Win32:Rootkit-gen [Rtk]” has been found in “C:\WINDOWS\System32\x” file.
12/12/2009 12:54:22 PM SYSTEM 1800 Sign of “Win32:Confi [Wrm]” has been found in “C:\WINDOWS\System32\x” file.

Among one of you,
Bharath. :smiley:

2

When you get a virus message, click schedule boot-time scan, restart your computer and when a virus is found when its scanning, choose your option.
Recommended option is Move all to chest and if it asks to remove a threat that is in your system files, choose yes to all.

3

it’s a Conficker worm… http://forum.avast.com/index.php?topic=41598.0

4

@ radhe

Go to PROFILE then Modify Profile then Forum Profile Information then Signature: and put information about your system if you like just like my sigature.

You should remove the links to your email address in your Profile as spammers and scammers will get your address.

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online