Author Topic: Malware  (Read 2403 times)

simbugi

  • Guest
Malware
« on: July 25, 2008, 10:36:54 PM »
Hi, can someone help me please? All of a sudden Avast seems to have gone nuts!!! I keep on getting a warning saying that I have an infection with the malware called Win32:Rootkit-gen [Rtk]. The file name is C:\WINDOWS\system32\B.tmp. I put it in the virus chest, however it keeps on coming back. What can I do to get rid of it? Is it dangerous?

Thanks

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Malware
« Reply #1 on: July 25, 2008, 10:56:10 PM »
Hi simbugi,

Try a boot time scan with avast! Right click the scanner screen, select 'schedule a boot time scan' and reboot when requested.

If still having problems, post a HijackThis! log.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Malware
« Reply #2 on: July 25, 2008, 11:23:01 PM »
It could be... rootkits are hidden viruses. Otherwise, it could be a false positive detection...
Can you submit the file to www.virustotal.com?

I suggest:

1. Disable System Restore and reenable it after step 3.
2. Clean your temporary files.
3. Schedule a boot-time scan with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spyware and trojans. If any infection is detected, it is better and safer to send the file to Quarantine than to simply delete it.
5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
6. Make a HijackThis log to post here or, better, submit the RunScanner log to on-line analysis.
7. Immunize your system with SpywareBlaster or Windows Advanced Care.
8. Check if you have insecure applications with Secunia Software Inspector.
The best things in life are free.