How to Remove Win32:Rootkit-gen[Rtk] Virus

To Remove Win32:Rootkit-gen[Rtk] Virus you need to first kill its processes and then delete its files on your hard disk to fully eliminate the virus. If your computer is infected with Win32:Rootkit-gen[Rtk]Virus, you’ll notice a process with the name ‘ur0.com’ running in the background. The Win32:Rootkit-gen[Rtk]Virus resides in ur0.com file. We need to kill this process first.

How to Remove Win32:Rootkit-gen[Rtk] Virus

Press Ctrl+Alt+Del to open the Task Manager, end the ur0.com process, if any.

Next, you need to check if there’s any startup program relating to this virus. To do so, type msconfig in the search box and hit enter. Go to Startup and check if there’s any such file. If there is simple remove it.

Now, reboot into safe mode, search the ur0.com file and delete any such file.

We are not done yet! Win32:Rootkit-gen[Rtk] Virus is also saved in the System Restore files. Hence, you need to turn off the System Restore. (In XP- right click on My Computer> Properties> System Restore tab> Click on Turn off System Restore on all drives. In Vista- Control Panel> System Protection> Uncheck C drive. Click on “Turn System Restore Off” button. In Windows 7- right click on My Computer> Properties> System Protection> Configure> Click on “Turn off system protection”).

Reboot the PC for changes to take effect. The system restore files will now get deleted. Once the computer reboots simply turn on system restore. Hopefully, the virus should be gone by now.

STAY IN TOUCH WITH UPDATES | SUBSCRIBE VIA RSS or Email |

Discussion

3 comments for “How to Remove Win32:Rootkit-gen[Rtk] Virus”

  • mike robinson

    I have a virus called win32:rootkit=gen [rtk]. Avast finds it, I delete it, restarts Avast and it fonds it again so it is regenerating as soon as I delete it ? is thaat possible ?, I have turned of system restore and have no ur0.com file antwhere on my comp, even in hidden files. Please can somebody find a way of getting rid of this. the version is 100115-1 and todays dadte 15/01/2010. Thanks

  • rhizzu

    how about to remove in flash drive?
    when it remove the virus on FD. and unplug then replug again..
    the virus came back again to FD.

    how can i remove permanently?

  • Alexander Contesti

    Yes, I too recently discovered the infamous Win32 Rootkit -gen Virus- it was discovered by running Reimage which detected and told me this specific virus. Cannot find ur0 , disabled system restore , enabled safe boot, restart, as per the GEEKS , nothing happened – in safe mode the restart never happened so I had to turn off the computer manually. AVG sez my system is fine, Windows and Microsoft say all systems go. Every STUPID antivirus, malware, spyware, trojan scans came up with humungous errors even after cleaning up registry, numerous restarts etc. Running more scans showed more problems than I had before. Anyway that’s my 2 cents worth , if anybody responds to this in a positive way, I’ll be thankful for any help. I have to go now , still searching for ur0.

web analytics