@cassery: This is good advice, but it is not enough. Where a compromise has occurred, the best recourse is to reformat/reinstall/restore. If just the rogue account is removed, there is no guarantee that any malicious software has also been removed. And, if the malicious software is a zero-day threat it will not be picked up by traditional anti-virus solutions.
This is why creating a backup of your data and storing it on removable media that is not connected to your network is the single most important thing you can do.