To Remove Win32:Rootkit-gen[Rtk] Virus you need to first kill its processes and then delete its files on your hard disk to fully eliminate the virus. If your computer is infected with Win32:Rootkit-gen[Rtk]Virus, you’ll notice a process with the name ‘ur0.com’ running in the background. The Win32:Rootkit-gen[Rtk]Virus resides in ur0.com file. We need to kill this process first.
Press Ctrl+Alt+Del to open the Task Manager, end the ur0.com process, if any.
Next, you need to check if there’s any startup program relating to this virus. To do so, type msconfig in the search box and hit enter. Go to Startup and check if there’s any such file. If there is simple remove it.
Now, reboot into safe mode, search the ur0.com file and delete any such file.
We are not done yet! Win32:Rootkit-gen[Rtk] Virus is also saved in the System Restore files. Hence, you need to turn off the System Restore. (In XP- right click on My Computer> Properties> System Restore tab> Click on Turn off System Restore on all drives. In Vista- Control Panel> System Protection> Uncheck C drive. Click on “Turn System Restore Off” button. In Windows 7- right click on My Computer> Properties> System Protection> Configure> Click on “Turn off system protection”).
Reboot the PC for changes to take effect. The system restore files will now get deleted. Once the computer reboots simply turn on system restore. Hopefully, the virus should be gone by now.