TechSpot

Hacktool.Rootkit has infected win.sys

By shahazia
Sep 16, 2005
  1. hi,

    in my personal computer i have recently installed windows XP home edition. when i last scanned my system yesterday using Nortan Antivirus it gave a message which said nortan has found a virus on your system.

    virus name: hacktool.rootkit
    file infected: c:\windows\system32\win.sys

    i tried to fix the virus by doing quarantine or delete, but it was not fixed since access to win.sys was denied. win.sys is used by a driver named win, while this driver is running i am neither able to delete or rename this file.i don't know how to stop this driver.

    what is the intensity of harm this virus can do??
    please help me.
    is there any way to remove this virus manually or any tool is available on the internet which can fix this virus.

    looking forward for suggestions
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

  3. mumtomanyuk

    mumtomanyuk TS Rookie

    Hi
    I am new and I have read some of your previous replys but I am still confused.

    I run Norton Anti-virus every day and today it has told me that I have Hacktool Rootkit virus in
    c\windows\system32\svkp.sys
    I have placed it in quaranteen, I have switched off my system restore. Everything says to delete the file BUT I think I have read never to delete your system files or things wont work.
    What can I do?
    Thank you for any help you can give me
    Also what is a HJT scan? :confused:
     
  4. Victor587

    Victor587 TS Rookie Posts: 47

    Just delete it, it isn't an original system file anyways.
     
  5. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...