Well.

Spybot picked this up the other day and after a scan, remove, reboot it was still present on the next round.

Thinking "oh well, it was about time anyway" I formatted my OS partition and did a fresh install of XP.

Still there on the next scan.

Since then I've tried nailing the little fucker down, but here my woes begin.

When I scan my system with Avast (free), Malwarebytes, SuperAntiSpyware, Rootrepeal and MGTools nothing is showing up. Zero. Nada.

But it's still showing up in Spybot.

I've spent the whole day watching scanning status bars so tell me:

WHO DO I TRUST, WHAT CAN I BELIEVE, WHO IS TELLING THE TRUTH?!

Nasty thing, had it once, spread via the network.
Remove Version A with : http://www.atribune.org/ccount/click.php?id=4
Remove Version B with : http://www.symantec.com/business/securi ... 10-3747-99

More info: http://hubpages.com/hub/Virtumonde-Removal-Tools

lol im having a similar problem, not tried spybot but my os is behaving strangely as of late and again avast picks up nothing. as soon as i see firefox opening on its own and loading bollox i know somethings amiss.also avast is unable to update since this has started. if i find out what kills it ill let you know

Did it!

Booted into safe mode, ran spybot once again, it killed the files and they haven't returned on a normal reboot.

Created new system restore point, cleaned all the shit.

Sorted.

Spybot is an awesome program, I do recommend it to anyone with problems - just run it in safe mode if you are definitely sure you are infected (especially with trojans, which constantly change file/registery names).

dude, linky the tool you used

http://www.safer-networking.org/en/index.html

I guess you meant Spybot Search & Destroy right?

Oh bo, you are so lazy

hmm id go with not having a partition tbh

Weeeell, having a partition means I've list no data from formatting and doing a fresh install.

It's useful.

And yes, fluffs link is the one bo.

didnt work, installed sophos rootkit and found 8 files but it wont remove them...

the reason i didn't look for that myself is that iv not used it before and couldn't tell the genuine from the fake AV tool. the amount of fakes out there are incredible

Another one to try is a program called 'Malware bytes'. It can spot some things that spybot won't.

http://www.malwarebytes.org/