Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


ndis.sys TR/Rootkit.gen

  • Please log in to reply
2 replies to this topic

#1 JayNG


  • Members
  • 2 posts
  • Local time:08:26 PM

Posted 09 June 2011 - 11:25 PM

Hello Bleeding Computer

I've recently scanned my Windows XP Home Edition PC with Avira , And also AVG and its popped up with an infection on ndis.sys saying a rootkit.gen , I'm not very good with computers and have no idea how to go about this situation , Is it safe to delete the infection through my anti virus or will it affect my computer?

Ever since ive come across this infection my internet connection has been at a minimum , Taking on average around 5 mins to load a basic webpage I.E google.

Thanks in advance

Edited by Andrew, 10 June 2011 - 02:53 AM.
Mod Edit: Moved To AII Pending Malware Log generation - AA

BC AdBot (Login to Remove)


#2 USN Vet


  • Members
  • 190 posts
  • Gender:Male
  • Local time:03:26 PM

Posted 10 June 2011 - 02:05 AM

If your antivirus detected it, and gives you the option to delete it, why would you not delete it ?
Feel free to ignore my comment, just another user !

#3 Andrew


    Bleepin' Night Watchman

  • Moderator
  • 8,260 posts
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:26 PM

Posted 10 June 2011 - 02:53 AM

ndis.sys is a critical system component. Without ndis.sys, you would not be able to access any network resources. It is not uncommon for rootkits to adulterate system drivers and deleting the file would not in itself remove all traces of infection and would likely crash the computer.

You should follow this guide to generate a DDS and GMER report and post it in the Malware Logs Analysis forum. From there a member of the Malware Removal Team will be able to guide you through the steps necessary to identify and clean any infections.

Edited by Andrew, 10 June 2011 - 02:56 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users