Infected by Rootkit : d35b9291.sys

[Shadab]

(The laptop) was actually infected by tons of malware, including Win32.OnLineGames.anyz and Win32.AutoRun.akc ; but thanks to the excellent 'Malware Removal Guides', I was able to successfully clean all of the trojans. But this stubborn rootkit won't go away, no matter what I do. (and this is the first time I have encountered a rootkit)

GMER was able to detect it as a hidden service.
The file is located at : C:\WINDOWS\System32\drivers\d35b9291.sys

Would you like me to post a HJT log for this ?

 

[Shadab]

Thread can be safely closed / archived.

I was able to remove the offending .sys file by using a utility which would delete that file just before the Windows started up. After that, it was quite easy to remove the remaining orphaned hidden services and associated null ending registry entries.

opcorn:

 

[pskelley]

Thanks for taking the time to let us know.