Win32:Rootkit-gen[Rtk] Virus removal??
I can see this rootkit lives in a file called zbyaryz.sys in my drivers section of the Windows system 32 folder. I can't, however, do anything with it. When I try to delete it or anything, it comes up with 'cannot read from source file or disk'. Although I now understand that I shouldn't delete system files anyway as, quote, 'bad stuff will ensue'. Great.
So what do I do? I have a full system backup on an external hard drive from a few weeks ago (I hope to god this virus wasn't in there before then, but I'm fairly sure it wasn't). But I don't want to plug it in to my infected laptop in case it gets infected. I tried a basic system restore, which resulted in all my restore points being deleted somehow and the virus staying put. Some googling has led to me finding this means the virus is probably in my system restore files.
Any advice would be appreciated. If my only option is to use my backup, then how do I do this safely? I've never had to do it before so haven't a clue where to start!
Sorry for the essay, I don't know what info is useful or not, but I'm desperate :(