Stubborn Trojan Help:

Hello,

I'm hoping you can help me with a stubborn trojan. I don't know how I got it as I'm very careful and always visit the same safe sites. I hadn't been doing anything - just watching a video I've watched (and is clean) many times and the PC restarted on its own. It continued to restart again and again, telling me "Windows has encountered a critical problem and will restart in one minute". The only thing I had done recently is run Windows Update and updated Microsoft Security Essentials.

So at this point I uninstalled MSE and that stopped the restarting issue. I tried reinstalling it and the restarting issue began again. So I once again uninstalled it and grabbed Anti-Malware. I ran that and it found a trojan in two places in the registry. It would not, however, remove them.

I then ran ESET online scan and that also found the trojan but could not remove it.

I have now uninstalled all virus software and am hoping you can help me remove this.

The infected file is:

800000cb.@

And I believe it is the Zero Access trojan.

If anyone could give me a hand it would be much appreciated.

Thank you!

 

I've tried posting a log from TDSSkiller but it is too big to post as an attachment so I'll copy and paste it here I suppose........

 

Oh, and also when I run TDSSkiller it gives me a message "couldn't load driver" but continues on anyway. I right-clicked TDSSK and ran as admin.

 

RogueKiller report

 

HitmanPro log

 

MGLog

 

Anti-Malware log......

 

Hey all,

Just got ComboFix to run (wouldn't before) in safe mode and it seemed to work. It removed the offending files (that I know of - 800000cb.@ and 800000.@) and now scans by Anti-Malware come up clean. If there is anything else you think I should do, let me know. And thanks either way.......great forum you've got here for helping people......

 

Or not.......everything seemed to be coming up clean but I now tried reinstalling and running Security Essentials and while it doesn't constantly restart like before, something is preventing me from turning on real-time protection as well as from downloading updates. I ran a scan with it without the updates and it is seeing a trojan. Said it removed it ok, but upon restart it is back. Nothing else seems to be finding it.......

 

Yeah, now MSE is reading:

TrojanDownloader:Win32/Cutwail.BE

Combofix doesn't seem to find it, nor does Anti-Malware.......

 

Ok, so I removed the other one now with HitmanPro. I reinstalled MSE, however, I still cannot turn on real-time protection. I've also noticed I am now denied access to my Documents and Setting folder among other thaings - it says I do not have permission. I tried changing the permissions in the properties, but it doesn't allow me to.

At this point MSE, Anti-Malware, HitmaPro, and ComboFix are all coming up completely clean.

Just keeping you updated on my progress while I wait.....

 

Well it seems that everything is clean at this point but I'm left with some problems.

Windows Update is gone from the services and because of this obviously won't update.

Security Essentials installs and scans fine, but will not turn on real-time protection.

I DID get the firewall on and working again by replacing registry entries, then turning the service back on. Working fine now.

If anyone could assist me in getting update and MSE running again it would be most helpful........

 

Well this was.......ummm......helpful. Hmmm.........