Malware shutsdown Counterspy

Posting Logs Quick -

3rd attempt - won't let me UPLOAD - think its the Malware blocking upload.

I will send in short post reply with more info after logs ...

 

Symptoms...

Qwest DSL Modem


At Comp start up -

MSN Mess and Windows Mess access internet (previously these were disabled to be used only if clicked on purposely)

REALPLAYER starts and tries to access internet.

Pop Ups appear when not logged into IE explorer

When Logging into IE -
MSN money 2002 startup and tries to access net

When logged on to internet...

Pop up galore -
Error - IE must shut down sorry for the inconvienience...

Streaming audio comes on - sounds like radio and voices talking...

Will post another reply with Bit Defender info...

 

Bit defender -

Shut down with IE error message each time I ran it.

Here is the final scan - found MUCH less junk the final run.
I could only get these few lines before shut down - there were more that were supposedly DELETED.

C:\Doc & Settings Trojan.Downloader.Agent.AMN
C:\Windows\System32\etobp.dll infected with Trojan.Vqten.AMN
C:\Windows\System32\JGSDIT.dll infected with Trojan.Vqten.AMN

I will post a HIJACK THIS log next reply ...

New Developement
Now the pop ups have all turned to Porn type dating services...

 

Ok on Friday 4/13 Ran this......Virtumonde aka Trojan Vundo Removal

Bad things occured- CounterSpy wanted to block it saying it was installing a trojan ie_updater.

Now IE is completely incapacitated (I am on work computer loaned out).

I will try to move a hijackthis Log to post here and try the Panda item you mentioned.

What about dumping IE and starting over with Firefox?
Would the infection/virus affect firefox?