Posted 15 June 2010 - 02:25 PM
First post, need help with possible malicious rootkit removal.
Win XP Pro SP2
Infected with Antimalware Doctor Friday afternoon.
Ran Malwarebyte's Anti-Malware - got rid of most everything except:
Repeated scans report:
"C:\Windows\system32\drivers\znyrb.sys (Trojan.Rootkit) -> Delete on reboot"
Reboot system and re-run scan, returns same result
Ran Sophos ARK
Unknown hidden file - "C:\Windows\system32\drivers\znyrb.sys"
Removable - Yes (but clean up not recommended for this file)
How to proceed?