Rootkit: Can't get rid of it!
by WhatsOccurin - 11/20/11 5:28 AM
I was contacted by a neighbour this morning as they were having problems with their printer, so I went round to investigate.
It appears that they have got a rootkit infection according to TDSSKiller, which won't cure the problem, by the name of Rootkit.Win32.zaccess.e (Service seems to be related to an AVG file located in C:/Windows/System32/drivers).
I tried running Malwarebytes' Anti-malware but it won't run.
Furthermore, I tried restarting in Safe Mode, but I am presented with a blue screen, so that won't work either.
The CD drive isn't detected (neither is the printer, hence the printer problem they were having), so creating a CD on another computer and running it on the infected computer is out of the question.
The internet on the infected computer had Google redirecting problems, but now the internet will not connect at all (therefore I cannot download programs to create logs etc.).
I found an article about the particular rootkit and it advised deleting certain registry files to remove it; however, these files are not present.
System restore will not work either.
A 'privacy protection' virus was also present; however, I managed to remove it.
Due to the fact I cannot get any new programs on the computer to get rid of the rootkit, I suspect the only way may be to boot from the Windows XP disk, reinstall Windows and reformat the hard drive in the process!
Any advice would be great as my neighbours are relying on me to get rid of it, to avoid paying extortionate removal prices!
Many thanks in advance!