I am really struggling with getting rid of Virtumonde. As a background, I have been running Trend Micro VirusScan and SpywareDoctor and both are kept up-to-date with definition files. Neither seems to be helping my cause! When I run a full system scan in SpywareDoctor, nothing is detected.
I have tried running AdAware from Lavasoft and it detects it every time. It cleans it, and I appear to be fine until the next reboot. Then, upon reboot, it is back. All the popups, slowness, everything is there again! I run AdAware again, it detects it, I clean it, etc. I suppose I could just never reboot my machine, but think I have learned that it is somehow integrated with the WinLogon process because the reboot process is slow and boom, it is back each time. And also, I am not fully convinced it goes away. It still has to be there somewhere. Once it is "clean", though, SpywareDoctor kicks in and tells me it is protecting me against it. Gee thanks. The fact I can "make it come back" is helping me quickly determine which programs can detect it and which cannot. For example...
I have tried running VundoFix and it doesn't find anything at all after a reboot! I know it is still on here. Ad-Aware will find it 5 minutes later. There are 5-7 files that are picked up by AdAware each time. I downloaded a free trial of SpySweeper per the link in a posting in one of your message boards, but it is asking for a serial number, of which I do not have one.
Please help. One more thing. My taskbar shows that Automatic Updates are turned off, yet, I go into Control Panel|System and it says they are on. I am assuming this is the trojan again, messing with my mind!
I am more than willing to do a HijackThis log, but you must forgive me I need some instruction. I have never done one before!
Thanks in advance,
me