Avast is detecting Pragma on a friend's PC running Vista Pro, running as a service.
I have tried Delete and Quarantine & performed the reboot as prompted, but it is not removed.
GMER still detects the presence of the rootkit.
Rootkit Revealer shows the file to be in \Windows\System32\drivers as PRAGMAyrbesxmecq.sys.
However, I cannot kill the process.
When I boot with a Knoppix disk and mount the drive, that particular file does not show up in the \drivers folder.
I know it is hidden, but I don't seem to have a good way to get to it.
The Threat Detected message from Avast is:
SVC:PRAGMAyrbesxmecq >
Severity: High
Result: Error: Error 0xA0000101. (-1610612479)
I have thrown everything but the kitchen sink at it (MBAM, Super AntiSpyware, etc.), and cannot get rid of it.
Any thoughts?