Zeroaccess rootkit and Win32/Small.CA

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ddoll, Jan 17, 2012.

  1. ddoll

    ddoll Private E-2

    I've been having problems with my computer: applications hanging, CPU and memory usage will climb up to 90%, and sometimes when I try installing a program it fails or tells me I don't have administrative rights. My Norton Antivirus says my computer is clean, but Windows Action Center tells me it has detected Win32/Small.CA on my computer. I scanned my Windows drive using a Linux LiveCD (avast) and it found Win32:Zeroot-B [Rtk].

    I've followed the instructions in READ ME FIRST and am attaching the logfiles except for RootRepeal and Combofix. Combofix got up to stage 4 and then stopped working.

    Thanks in advance:)
     

    Attached Files:

  2. thisisu

    thisisu Malware Consultant

    Hi and welcome to Major Geeks, ddoll!

    I want you to read and follow these instructions: TDSSKiller - How to run


    Please download MBRCheck by clicking here and save it to your desktop.

    • Double-click on the file to run it. (Vista/7 right-click and select Run as Administrator)
    • A window will open on your desktop.
    • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
    • If nothing unusual is found just press Enter.
    • A .txt file named MBRCheck_mm.dd.yy_hh.mm.txt should appear on your desktop.
    • Attach this file to your next message. (How to attach)
     
  3. ddoll

    ddoll Private E-2

    Thanks for your help thisisu. I don't know if this is relevant or not, but both scans completed in less than a minute. Here are the logs.
     

    Attached Files:

  4. thisisu

    thisisu Malware Consultant

    All of your logs have been clean so far. And yes, those scans run very quickly.
    Can you provide me a screenshot / log of what is being reported as infected?

    You can also do this:

    Open Notepad and copy everything in the code box below into it.
    Code:
    REGEDIT4
    
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]

    • File -> Save As -> Save as type: "All Files" -> File Name: fixme.reg -> Save to the desktop.
    Now merge this into the registry by double-clicking it.
    Let me know if the merge was successful or not.
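    The .reg file above deletes one Internet Explorer search-provider key under the current user's hive. The following PowerShell script is an added example (not posted by thisisu or ddoll) that lists every SearchScopes entry with its display name and query URL, marks which one IE uses as the default, and then checks whether the key named in fixme.reg is still present, so the result of the merge can be confirmed. It assumes it is run from the same user account whose profile the fix targets.

```powershell
# Added example: inspect IE SearchScopes for the current user and confirm the
# key removed by fixme.reg is gone. Run in the affected user's session.
$scopesPath  = 'HKCU:\Software\Microsoft\Internet Explorer\SearchScopes'
$suspectGuid = '{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}'   # key named in fixme.reg

if (-not (Test-Path $scopesPath)) {
    Write-Host "No SearchScopes key exists for this user."
    return
}

# DefaultScope holds the GUID of the provider IE currently searches with.
$defaultScope = (Get-ItemProperty -Path $scopesPath -ErrorAction SilentlyContinue).DefaultScope
Write-Host "DefaultScope: $defaultScope"

# Each subkey is one search provider; DisplayName and URL show where queries go.
Get-ChildItem -Path $scopesPath | ForEach-Object {
    $props = Get-ItemProperty -Path $_.PSPath
    [PSCustomObject]@{
        Guid        = $_.PSChildName
        DisplayName = $props.DisplayName
        URL         = $props.URL
        IsDefault   = ($_.PSChildName -eq $defaultScope)
    }
} | Format-Table -AutoSize

# Merge check: after fixme.reg has been applied the suspect key should not exist.
$suspectPath = Join-Path -Path $scopesPath -ChildPath $suspectGuid
if (Test-Path $suspectPath) {
    Write-Host "Key $suspectGuid is still present; the .reg merge did not remove it."
} else {
    Write-Host "Key $suspectGuid is not present; the merge succeeded (or the key never existed)."
}
```

    If the listing shows a provider whose URL is not one you recognise and IE's DefaultScope points at it, that is worth mentioning in the next reply along with the MBRCheck and TDSSKiller logs.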
     
