Hey guys, yesterday i encountered this trojan and boy i got to say this is the nastiest piece of work i've seen!! The Problem: My desktop disappered it seems as though explorer.exe kept getting shut down. I tried safemode and even here the same problem, i was also getting some dll error msgs. I then used task manager to run firefox to do an online scan, this is what was picked up on the online scan: Trojware.win32.trojan.buzus.~gab (id=0x441a17) c:windows/system/xccef090131.exe Trojware.win32.rootkit.tdss.~y (id=0x67f211) win/sys32/drivers/uacaeawsmwr.sys Applicunwnt.win32.adware.vitrumonde~aag(id=0x4396e6) C:win/sys32/hgGywwvv.dll:upx Trojware.win32.trojan.buzus.~gab(id=0x441a17) c:win/sys32/inf/xccefb090131.scr Trojware.win32.rootkit.tdss~V(ID=0x67f1dz) Trojware.win32.rootkit.tdss~X(ID=0x67f??- sorry i can't read what i wrote down!!!) Trojware.win32.rootkit.tdss~ W(ID=0x67f??- sorry i can't read what i wrote down!!!) These are all found respectively here: win/sys32/uaccodcnmtb.dll " "/uacxnxatkmc.dll " "/uacxvssjmoo.dll Unclassified malware (id=0x43bf48) win/temp/veteo.tmp Before i could tell the online scan to do anything else firefox crashed and so did the rest of the pc!! Again in safemode comodo would not run nor any other malware progs. Thanksfully on my drive E i have an emergency installation of XP on there, so i just booted into drive E and started the clean up process. I started running these programs from my E drive and i also specifically made these progs check my c drive. After doing 3/4 of the tests i had to boot back into my c drive to run the combofix. It did its thing and then rebooted into drive c, however this time i now have all these errors pooping up at me! It says: RUNDLL Error loading c:/windows/xccdf6-090131a.dll (ONLY SHOWN ONCE ON NUMEROUS REBOOTS) Then i have Windows has encounterred a problem Run a dll as an app error error sig rundll32.exe appver 5.1.2600.3300 mod name rundll32.exe Then i have Drwatson Potmotem Debugger Encountered a problem app name drwatsn32.exe app ver 5.1.2600.0 mod name drwtsn32.exe When i try and close the above 2 error msgs the dr watson continously keeps coming back up and my desktop will not show at all. I then go to task manager and i kill the process tree for the dr watson and then my desktop will load. Within 10secs of this the dr watson error is back up and doen't go away no matter how many times you click don't send, even trying to kill the process tree doesn't stop it from coming back. I have also noticed some strange programs in my c drive that i have never had before. I will put screen shots of all these error msgs and stuff in my next post in case i am not describing myself properly. I tried to run the mgtools prog but it just hangs!! I have tried the fix recommended for xppro and that doesn't help. I only manage to get an 11kb log which to me doesn't seem correct. If i try to run mgtools again the cmd window pops up and then vanishes! I tird to install the .net framework and this fails, it just starts installing and then starts rolloing back and say failed!