Win32:Rootkit-gen[Rtk]

system · May 18, 2017, 9:04am

So avast detects it everytime I startup windows the files are located in C:\users\Myname avast keeps blocking it and the virus seems to recreate itself Please i need help.

system · May 18, 2017, 9:06am

everytime i run malwarebytes and it freezes and it causes my pc to slow down

system · May 18, 2017, 9:07am

theres is also a weird program running on background powershell.exe

system · May 18, 2017, 9:09am

heres the log

system · May 18, 2017, 9:19am

also in msconfig startup theres a startup called “X” and the file is x.vbs

system · May 18, 2017, 9:28am

so after I restarted my pc the powershell.exe seems gone but avast threat blocked is still giving alerts that there is a new Win32:Rootkit-gen[Rtk]

system · May 18, 2017, 9:37am

NEW VIRUS FOUND IDP.ARES.GENERIC

system · May 18, 2017, 9:39am

heres all the threats

system · May 18, 2017, 10:37am

new virus is still IDP.ARES.Generic

Pondus · May 18, 2017, 10:56am

Have you run Combofix?

if so why? also attach combofix log

Malware expert is probaly not online before tomorrow

system · May 18, 2017, 11:11am

I run combo in the morning. But dont worry i fixed it already i used the malwarebytes rootkit tool and it deleted the vbs script which is the reason why it keeps creating the virus if connected to the internet. You can close this now thanks btw

system · May 18, 2017, 11:13am

thats also the reason why it runs the powershell thingy on startup

Win32:Rootkit-gen[Rtk]

Announcements