My PC seems to have been infected with the Small-KDG virus (see warning below). The problem is that while Avast detects the virus, it cannot remove it permanently. I have tried several times to move the infected file to the Chest, or delete it manually from c:windows32/services.sys but whenever I restart the computer I get a warning from Avast that the virus is still there.
In c:windows32 folder, there is another ‘service’ file apart from the ‘service.sys’ but this one is an application file. Am I supposed to remove this as well so that the virus disappears permanently (I’ve been reluctant to touch this file in case it is an important file and mess the computer up)
Any ideas on how to permanently remove the virus would be greatly appreciated
Many thanks
Nick
Scanning of selected files
Action was completed successfully!
Virus has been detected!
File Name: service.sys
FileID: 10
Virus Description: Win32:Small-KDG [trj]
The boot time scan can access files before they are locked by the operating system, and delete malicious files. It also runs a rootkit scan for hidden malware.
But there may well be something else that avast! is not detecting which is why the HijackThis! log is important: it shows running processes and start-up entries from the registry.
I ran the free edition of the super anti-spyware program which seems to have detected and quarantined the offending files (C:windows32/service.exe and C:windows32/service.sys). As suspected, the exe file was probably the one restoring the virus each time I was rebooting.