ZeroAccess Rootkit was discovered in November 2011 and has been causing havoc ever since.
It works by using and infected file from a package with a trusted certificate and then imbeds itself into system files such as svchost and loads the mimicked dll file instead of the original.
It is a Trojan Horse that opens a backdoor to download its own files.
This is one of the nastiest viruses around to date and can be extremely difficult to remove.
I have tried Norton’s removal tool, McAfee’s removal tool, Combofix, TDSKiller, aswMBR 0.9.9 and Malwarebytes to try and rid a system of this little critter.
My recommendation is to use Combofix, this is likely to break your TCP/IP stack, I then ran a scan with TDSKILLER which found afd.sys to be infected in system32\drivers. It did a cure, rebooted and all working perfectly now.
Hope this helps.