Rootkit Virus...........Help me to remove it

Viruses and worms
1

Hello Friends,

As soon as I started my PC I got a warning from Avast that my PC is infected and on running a full PC scan the results were shown as :

Sign of " Win32:Rootkit-gen[Rtk]" has been found in “D:\windows\system32\ntdll.dll” file.

The move to Chest option in Avast did not work as it pointed out that it was a system file and read only and could not be moved to the chest.

Kindly let me know how to get rid of this virus.

Thanks a ton.

Regards,

Sanjay S.

2

http://forum.avast.com/index.php?topic=62015.0

3

I had these symptoms start up yesterday on a PC that does nothing but run Spotify. What I did was look in System Restore and restore from a point before the problem started. I noticed that this undid “Software Distribution Service 3.0” which I’m assuming is a Windows update. On restart I ran a full Avast scan and the recommended “SuperAntiSpyWare” which detects no error.

4

Did you read the other topic that Pondus gave the link too, as that could well resolve your problem if you are using VPS 010720-0 . If it doesn’t then it would be best to start your own new topic as it isn’t the same issue and we will need more information.

5

I had this problem yesterday. Each time I started up the AVast warning would appear. It couldnt be deleted, or moved to chest (as recommended), and if I choose to ignore it the end result was always the same: the PC stopped responding, with the hourglass remaining on. Each time I had to shut down PC.

I then started up in safe mode and using CCleaner get rid of a lot of garbage. Then tried again, still with no luck. This time I started in Safe Mode with networking and googled for info on the problem. Firefox warned me that this forum was not to be trusted when I tried to click on one of the messages dealing with it: said it could be a fake link. So instead I went to the Avast site direct from the Avast software.

I read that I should update the Virus Database, which clearly could not be accessed by my PC because of the Malware warning. After updating I then restarted PC in Normal mode and the Malware warning no longer appeared. I assume that the original warning was due to a problem in the virus database, as everything is working smoothly now, without the need to remove or delete anything.

Hope this hepls

6

download this:
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html

this may help