trojan horse in windows

Discussion in 'Malware Help (A Specialist Will Reply)' started by loves160, Sep 7, 2006.

  1. loves160

    loves160 Private E-2

    Hello everybody,
    Can someone please help me. For a few weeks now I've had a couple of viruses on my pc and cannot get rid of them. They appear every time I boot up my pc. They are Trojan horse proxy EOD or EIY and Trojan horse downloader generic. They appear to be in a windows file. My anti virus software (AVG) detects them and I either delete them or heal them. Then I run my A-V program and it detects nothing. But when I reboot my PC later, they're back! I also sometimes get a warning that my Windows updates are not turned on and that my computer is at risk. But when I check it out in the security centre it is switched on. I don't know if this is linked to the virus or not. I also have ad-aware free edition running on my computer and spybot search and destroy. I'm not very experienced with computers so please bear this in mind when helping me out.
    Please, please, please help me someone.
     
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi and Welcome to Majorgeeks!

    While these steps look long in completing, they are set in such a way as to not miss any malware that may be on your PC, so if you follow the steps in order we will help you remove your nasties :)

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.


    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:

      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • CounterSpy - ONLY IF you were not able to run Windows Defender
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • HijackThis

    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. loves160

    loves160 Private E-2

    Hi,
    Followed your instructions, but have come across a couple of problems. Firstly, I bought my pc from an old work mate 3 or 4 years ago. When I try to install Windows malicious software removal tool or windows defender it says that my product key is not valid. What can I do about that?
    Also, in the read and run me first directions, at stage 6 you tell me to run bitdefender. I click on the link but a message comes up saying that this page cannot be found. There is a link to www.bitedefender.com and I have gone there but I don't know what I'm looking for.
    Could you please advise me as to what to do next.
    Kind regards, Andy.
     
    Last edited: Sep 8, 2006
  4. matt.chugg

    matt.chugg MajorGeek

    You've spelt bitdefender wrong there.

    http://www.bitdefender.com/

    Click on that link and click on Scan Now on the bottom left above the newsletter sign up box.
     
  5. loves160

    loves160 Private E-2

    Hi Matt,
    Thanks for the info. Got the scan running now. I've edited my 2nd post since you contacted me. Could you help out with the other problem I've got?
    Cheers.
     
  6. matt.chugg

    matt.chugg MajorGeek

    For now skip the malicious removal tool and run counterspy instead of windows defender. (see alternate scans in the read and run me thread)

    You WILL however need to contact Microsoft at some point to get a genuine serial as without it you won't be able to receive updates and critical security patches which protect against future infection and you'll just end up in this forum again!

    Let's clean up your computer first and then you can start a new thread in the software forum where you can get advice on this issue.
     
  7. loves160

    loves160 Private E-2

    Hi guys,
    Here (at last) are the first 3 logs. Runkeys.txt, newfiles.txt and counterspy.txt. I'll let you know how I got on using all the programs you told me to and any problems I had.
    Thanks.
     


  8. loves160

    loves160 Private E-2

    Hello,
    This is the 2nd part of the logs. bdscan.txt and counterspy.txt.
    All the programs worked well. Didn't realise it took so long though. Counterspy worked really well and found a lot of problems, as did Panda ActiveScan. Already had Spybot on my pc so I knew that would work.
    The only problem I had was that when I tried to install either windows malicious software removal tool or windows defender, I was told that my version of windows had an invalid product key. Having bought the pc from an old workmate I didn't realise. I still get all the uploads, so I thought it was genuine! I will be contacting Microsoft on how to put this problem right.
     


  9. matt.chugg

    matt.chugg MajorGeek

    Uninstall the following programs using Add/Remove Programs if they are present

    Download and install SpyBot-Search & Destroy 1.4 and rerun the scan. The version you had is out of date and as such will probably not be as useful as it could be. Make sure you update the definitions first.

    Does this 'Twister Anti-TrojanVirus 2005' have on-access scanning? You have AVG installed, so if it does you should uninstall Twister Anti-TrojanVirus 2005 or at least disable the on-access scanner.

    STOP DOWNLOADING ILLEGAL COPIES OF SOFTWARE AND GAMES ON YOUR COMPUTER OR YOU WILL CONSTANTLY BE REINFECTED.

    As you can see from your counterspy scan, many of the infections you have have come from so-called cracks you have downloaded for games such as Age of Empires.

    Do you still have Norton System Works installed? The bitdefender scan is showing a lot of infected files in its quarantine file but I don't see it in the list of installed software.

    I am going to need a Hijack This log before we can continue. Please follow the instructions in Step 7 of the 'Read & Run me' and upload a log.
     
