Another major infection; Rootkits!


  1. Posts : 20
    Windows 7 64 bit
       #1

    Another major infection; Rootkits!


    Okay... A few of you vets out there might cringe upon hearing this, but yes, I (or my brother) have come across a rootkit or two, which constantly redirect Google links unless I'm using a VPN.

    A Malwarebytes scan turned up this list of bad files: http://puu.sh/17YRJ

    (I recently did a system restore, which is why some of those are listed twice.)

    I tried using ComboFix, which managed to murder my wireless drivers and was the reason I had to do a system restore.

    How can I safely remove these without them coming back?


  2. Posts : 2,240
    Windows 7 Ultimate 64 bit
       #2

    Use TDSSKiller in Safe Mode. Then re-run all your malware software in Safe Mode as well, doing full scans.

    Anti-rootkit utility TDSSKiller


  3. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #3

    Kaoruko,

    The answer is simple: use WDO.

    We have a tutorial on how to use WDO:
    Windows Defender Offline

    Here's the procedure I use, which is basically the same:
    HOW TO USE MICROSOFT'S OFFLINE MALWARE REMOVER
    Windows Defender Offline
    · performs an offline scan of an infected PC to remove viruses, rootkits and other advanced malware;
    · is a free, standalone, bootable malware and virus remover from Microsoft.

    Download Windows Defender Offline (about 785 kB).
    You will have the choice of downloading the 32-bit version (x86) or the 64-bit version (x64).
    The link will help you determine whether you are running a 32-bit or a 64-bit version of Windows.

    NOTE!! You can download and prepare a 32-bit version using a 64-bit version of Windows.
    NOTE!! You can download and prepare a 64-bit version using a 32-bit version of Windows.

    You run the 32-bit version on a 32-bit version of Windows.
    You run the 64-bit version on a 64-bit version of Windows.

    The 32-bit download file name is: mssstool32.exe
    The 64-bit download file name is: mssstool64.exe

    For the curious, this program was originally named Microsoft Standalone System Sweeper.


    INSTALLATION:
    · Requires an Internet connection.
    · Insert a 512 MB or larger USB stick into a USB port.
    · Run the downloaded program, mssstool64.exe or mssstool32.exe.
    · NEXT button
    · Choose the option "On a USB flash drive that is not password protected"
    · NEXT button
    · NEXT button

    The install program will:
    · format the USB stick using the NTFS format;
    · download less than 230 MB;
    · name the USB stick WDO_Media32 or WDO_Media64;
    · use less than 300 MB.

    How to UPDATE the Windows Defender Offline USB stick:
    · reinsert the USB stick;
    · run the installation program, mssstool64.exe or mssstool32.exe, again;
    · the update will download less than 65 MB.

    Since the malware database is sometimes updated several times a day, always update before running.

    PERFORM AN OFFLINE SCAN
    Boot your computer from the USB stick.
    Windows Defender Offline will automatically perform a quick scan.
    After the quick scan finishes, choose Full Scan.
    Select all of your drives.

    The initial full scan can easily take several hours, but remember, your computer is being very thoroughly checked for all types of malware.


  4. Posts : 20
    Windows 7 64 bit
    Thread Starter
       #4

    bassfisher6522 said:
    Use TDSSKiller in Safe Mode. Then re-run all your malware software in Safe Mode as well, doing full scans.

    Anti-rootkit utility TDSSKiller
    I can't seem to find the Safe Mode boot. F8, F1, and F2 don't show boot options.
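    Post #2 recommends running TDSSKiller in Safe Mode and post #4 reports that the F8 key never shows a boot menu. The following is an added example, not from any of the posters, of the other route into Safe Mode on Windows 7: setting the safeboot flag in the Boot Configuration Data store with the standard bcdedit tool from an elevated prompt, then clearing it again once the scans are done. It assumes you can still log on to the affected installation with an administrator account.

```powershell
# Added example: boot into Safe Mode without the F8 menu, then undo it.
# Run from an elevated PowerShell (Run as administrator). bcdedit edits the
# BCD store; {current} is the boot entry Windows started from. The braces are
# quoted because PowerShell would otherwise parse {current} as a script block;
# in a plain cmd.exe prompt the quotes are not needed.

# 1. Inspect the current entry and confirm no safeboot flag is set yet.
bcdedit /enum '{current}'

# 2. Set Safe Mode. "minimal" is plain Safe Mode; use "network" instead if the
#    scanner must fetch definition updates during the Safe Mode session.
bcdedit /set '{current}' safeboot minimal

# 3. Reboot. Windows now starts in Safe Mode on every boot until the flag is removed.
Restart-Computer

# --- after the scans, still in the Safe Mode session (elevated prompt) ---
# 4. Remove the flag; the next reboot is a normal boot again.
bcdedit /deletevalue '{current}' safeboot
Restart-Computer
```

    The same setting is available in the GUI as System Configuration (msconfig) > Boot > Safe boot. Two caveats: if step 4 is forgotten the machine keeps booting into Safe Mode, and every command above runs inside the possibly compromised installation, which is exactly why post #3 prefers a scan from a separately booted medium that does not depend on the installed Windows at all.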


  5. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #5

    Kaoruko,
    malware seldom travels alone.
    That is one of the main reasons I strongly recommend WDO.


  6. Posts : 20
    Windows 7 64 bit
    Thread Starter
       #6

    karlsnooks said:
    Kaoruko,
    malware seldom travels alone.
    That is one of the main reasons I strongly recommend WDO.
    I'm downloading it now; thanks :)


  7. Posts : 20
    Windows 7 64 bit
    Thread Starter
       #7

    bassfisher6522 said:
    Use TDSSKiller in Safe Mode. Then re-run all your malware software in Safe Mode as well, doing full scans.

    Anti-rootkit utility TDSSKiller
    TDSSKiller found services.exe to be a high threat, but "Cure" does nothing, and after re-scanning it shows up again, along with the items MBAM found.


  8. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #8

    Run WDO.


  9. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #9

    Hi Kaoruko,

    Unfortunately, if specialist generic tools such as TDSSKiller do not fix the problem, then a disk wipe and clean install are usually the only way to ensure that the rootkits have been completely removed.

    Regards,
    Golden


Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd