HELP! (Log files included this time)

Hey there,

I went through and did everything in the "Read this first" posting. Attached are my logs from bitdefender, panda activescan, and HiJackThis. GetRunKey and ShowNew will appear in a second posting in the thread.

I am desperate for help. I can't get rid of these references to VirtuMonde no matter what I do. TrojanRemover finds a trace of it every time I restart. The DLL files, once deleted, appear under other names.

Even in safe mode, the files cannot be deleted, and if they can be, they are recreated in a second with a new .DLL name. Registry changes I make in safe mode are not saved. If I refresh the registry, the original references are back in there.

Any advice??

Brad

 

Here are the other two.

 

Before you begin this post you need to relocate HJT to a safer location such as C:\Program Files\HJT.

Please see the below thread on how to install and run VundoFix.

• Virtumonde aka Trojan Vundo Fix w/ Tool ...

Once you complete the scan above, attach the log from the scan, a fresh HJT log and a fresh Panda log.

 

Hey bjgarrick,

Thanks for the help. I actually followed what you wrote in another post because the other poster had similar symptoms on the computer.
http://208.101.7.150/forums/showthread.php?t=106720

Just wanted to let everyone know it worked in case they get the same virus, because it's a very persistent one.

Brad

 

If you still want to procede attach the requested logs so we can confirm you are clean. There is more to cleaning then just running a utility.