I have avast4.6 fully updated and sygate firewall on winxp pro.
Avast detects both viruses,but they come back whatever i try.
The infected files are named msdirectx.sys (not 100%sure) and sysmon.exe.
I have tried:
1)delete both viruses in normal mode and in safe mode.
2)put them in the chest.In this case,when i boot up,i get a windows message that the sysmon.exe file is missing.
3)scan with adaware.nothing happens.
4)scan with spyware doctor(updated).In this case,it detects a ‘‘hacktool.rootkit’’ which i delete,and it appears again as well.
When i scan,either in normal or on safe mode,i always turn off the system restore.
It is a pity for you, but the presence of Hacktool rootkit implies that at some point the security of your system has been compromised. System should be restored from known clean back up copies or patched to restore security.
Use hijackthis to remove bad entries, but be carefull, do not remove if you do not know what to do, post hiacklog here then.
Reboot computer and use some online AV scanner.