Virtumonde

By doing the following: READ & RUN ME FIRST. Malware Removal Guide

 

Please read this:
How to attach items to your post.

Your MGTools log should be at C:\MGlogs.zip.

 

Can you please run COmbofix and attach that log.

Where do you have MGTools.exe saved to? If running Vista, did you turn off the UAC? Did you right click it and choose to run it as administrator?

 

There is absolutely no need to do this because the actual logs are automatically zipped for you, you should look for the C:\Mglogs.zip file created from running MGTools.exe and attach it for Tim into your next reply.

 

I am not seeing any malware in your logs as yet. Please attach the latest MBAM log which is here:

What issues are you having?

 

You are fine. I have not seen any malware and probably Spybot removed what it found.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
     
     
   
   
3. Go back to step 6 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
   
   
10. After doing the above, you should work thru the below link:
    
    • How to Protect yourself from malware!
    
    

 

According to your logs there is:

Code:

C:\MGtools\"
mgclean.bat   Mar 29 2010        4836  "MGclean.bat

 

No problem!! Safe surfing.

 

LOL....you are most welcome. Any one of the malware helpers would have done the same!!