Sys 32 rootkit agent

joelmagar · Apr 26, 2010

Malwarebytes found this virus but even after running six times it cannot delete the file. I tried to use the HiJack this program but it doesn't exactly want to be able to open the log file. its under C:\Windows\System32\drivers\vvsmwj.sys

linkin · Apr 26, 2010

Try booting in safe mode. If that doesn't budge it, try installing AVG Free as it is usually good at cleaning out that kind of thing.

johnb35 · Apr 26, 2010

Are you running a 32bit or 64 bit operating system? If its 32bit then follow this procedure.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.

Download this file here :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

In your next reply please post:

The ComboFix log
A fresh HiJackThis log
An update on how your computer is running

Sys 32 rootkit agent

joelmagar

New Member

linkin

VIP Member

johnb35

Administrator