Hi. I've got an infection of some kind that has a rootkit component that is still there even after Avast and/or MalwareBytes run a boot-time scan to eliminate it. Immediately after the reboot, I scan my computer with Avast and the infection is still there. Avast reports the infected file as "C:\WINDOWS\SYSTEM32\zuyinuni.dll" and classifies it as "Rootkit: hidden file". Initially the infection affected my search results on Yahoo! search engines, redirecting all links in the search results to malicious pages, and for a time it also blocked MalwareBytes from operating properly at all. I was able to get around that problem by reinstalling MalwareBytes and downloading a randomly renamed copy of mbam.exe, which the infection was deleting during the install process. Once fixed and renamed, MalwareBytes was able to repair the search engine problem, and now the only sign of the infection is when it shows up on my scans with Avast and MalwareBytes, but it appears to survive these programs' attempts to delete it during boottime. Any assistance in finishing off this pernicious beast would be appreciated.
EDIT: Oh, yes. I'm running Windows XP.
Edited by indigowombat, 02 April 2010 - 09:00 PM.