I am new here and moderately knowledgeable person with respect to computers. Knowledge I have, lots of time I do not. I use this PC for my Accounting and Tax business and it is tax season.
I run AVG spyware and virus protection (free version), Ad aware, and Spybot. For the past few days, I have been battling trojans from hadees.
The virus is reviving itself by adding an entry in the system startup as follows:
Located: HK_LM:Run, BMd3877471
command: Rundll32.exe "C:\WINDOWS\system32\btoyfsdb.dll",s
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
I ran all the virus/spyware tools in both safe mode and in regular mode. The following viruses were found:
Trojan horse generic9.BHWU
Trojan Obfuscated mu
virtumonde.dll
Each time, I choose to clean the system and it appears to. Then, spybot keeps popping up the message that entry BMd3877471 is trying to change a system startup global entry (even though the change has already been made). Each time I get rid of the DLL file referenced in the spybot warning message (in safe mode or not), it comes back....this time with a different DLL name.
I am at the point where I am ready to reformat the entire system, start from scratch, and proceed. I spent all weekend chasing my tail and I am no further along. I could have rebuilt the system by now. I am not confident in working with client data or transmitting e-file returns while this is on my system.
Can someone please help?
Thanks,
New