Virtumonde problems

The scans took care of most of it, so lets just do this:

Please disable all anti-virus and anti-spyware programs while we do the following ( be sure to re-enable when we are finished):


Run C:\MGtools\analyse.exe by double clicking on it. (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

NOTE: HJT may popup an error about the AppInit_DLLs line. Ignore it and click OK to continue.

After clicking Fix, exit HJT.

Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now use windows explorer to find and delete:
c:\documents and settings\All Users\Application Data\Viewpoint
c:\documents and settings\All Users\Application Data\avg7
c:\documents and settings\Kyle\Application Data\AVG7
c:\program files\Viewpoint\Viewpoint Media Player

I am not seeing Viewpoint in your add/remove list, but it is in your system.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip and be sure to tell me how things are running.

 

Sweet....your logs are clean.

Run this: Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

If you are not having any other malware issues, then: