Alan Vowles Posted March 1, 2010 ID:207752 Share Posted March 1, 2010 Fulls scans keep revealing Rootkit.Agent c:\windows\system32\drivers\xfvrdz.sys with an Action 'Delete on Reboot' but when I reboot it's still there.I can see the file under Windows Explorer, it's not hidden or system or anything and interestingly the date timestamp is always the reboot time suggesting that it's put back everytime I reboot.I stopped system restore to see if that prevented it from being put back, I've tried manually deleting it in normal mode and safe mode but it's always in use, I've connected the drive to another system and deleted it but when I put the drive back in my system the file returns when I boot up.Any ideas?ThanksAlan Link to post Share on other sites More sharing options...
Maniac Posted March 1, 2010 ID:207754 Share Posted March 1, 2010 Hello Alan, and welcome to Malwarebytes.orgWe don't work on Malware removal in the general forums. Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here. One of the expert helpers there will give you one-on-one assistance when one becomes available.After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org Link to post Share on other sites More sharing options...
Recommended Posts