Brewology

Hey as all you all know, I have been infected with a virus called "HackTool.Rootkit", I did a full
scan on my PC with Norton Anti Virus, Spybot S&D, and Microsoft Anti Spyware Beta and found
nothing!!. The reason I know Im infected with this virus, because everytime I reboot my PC
on Start Up mode, Norton gives me the high risk message telling me Im infected with HackTool.Rootkit
virus. I litterally tried everything!!, I tried following Symantecs removal instructions, which was
Update Norton, boot in safe, do a scan, and delete it manually. This is an Extremely hard virus to
get rid of!!, please somebody help me how do I get rid of this!!! The virus is located in my System32/
folder shown as phfr.dll or something like that, please help!! This virus can take control of your whole
system!!!

download a program called ad-aware se personal and try it.... it should help!

I just scan with Ad-Aware SE Personal and didnt find nothing

hmmm you might just need to reformat your computer, but that means you will lose everything that is on it...

oh no anything...... but reformating my hardrive, I just got another new hardware after a virus just attacked my computer,
I am not gonna keep doin this over and over.

Okay bro, before you do anything check out this link:

Symantec (Norton) confesses to using rootkit technology

There is a manual update you must make so Norton updates it's engine. You won't get it automatically, so you must to directly to it's site or run Norton Update manually.

Then run a full scan in SafeMode (reboot your PC, press F8 repeatively, choose SafeMode, run Norton and allow it to delete anything that it finds.

Let me know if you need more help.

well running in safe mode isnt a good idea cuz the virus wont get loaded. Some viruses will go into a "stealth" mode and only coming out of it when they run, so ur best bet is to scan out of safe mode, that way if its polymorphic, which means it can go from a replicating to a non replicatiing state, if its replicating it has a higher risk of norton detecting it. I guessing u tried both but here's what i would do
1. update norton while in safe mode, some viruses block ports of av updates
2. scan in safe mode
3. scan in normal mode
4. some virus hide in the boot sector of ur hd, u mite wanna see if norton can scan that too in safe and normal mode

install some ad ware removers and unplug your internet cable then restart. Then load the ad ware remover program and run a system scan.

yeah man if you really wnna get rid o this thing then you gotta
1. Update in safe mode
2. Scan in safe mode
3. Scan in normal mode

Regarding reformatting-
Just pop in the windows CD, run setup, when it asks if you wanna repair or install choose INSTALL. Then you get the option to reformat ONLY your windows partition. Do that and you should be safe dude... It'll load a brand new c: but all your data in the other drives will be safe.

This is one of the top 5 anti virus and its free http://free.grisoft.com/doc/1

If you did all that, and you still have it, it might be it goes online and downloads the virus again on your PC when you reboot. Have you tried deleting your cookies? Try that to see what happens. Delete cookies, everything in your Windows Temp folder and also Temp folders and then go through all the motions again of deleting the virus.

if you're planning to clear out junk like cookies and temp files i suggest you use WEBROOT WINDOW WASHER. its fast and thorough. removes every bit o junk. google it to get the trial ver. bittorrent it to get the full pro ver.

or if nothing works get another hard drive put everything u need on it and reformate ur p.c

well my PC has been running perfectly for the last few weeks, nothing has really gone wrong maybe its not
there, so I rather not worry about but if something goes wrong I'll follow your guys advices, thanks for the
help anyway.

dont get too relaxed it ll come back soon trying to delete ur system files this is a pretty nasty virus it sounds like a trojan horse