Posted 27 April 2009 - 04:37 PM
Got a "malicious page" warning from AVG during a net session on Friday last. After accepting AVG's warning and closing the tab, I also got a warning from Spybot.
Now, every time I go to boot, Spybot tries to install one of the "eight random character dll files" into windows\system32. Spybot TRIES to stop it. The Spybot "popups" on bootup give me the ability to say, "NO! Don't allow this change." Doing so results in a sequence of a dozen or so repeat popups.
I've run Malwarebytes at least a dozen times, twice in Safe Mode. It found Smitfraud AND Vundo.h the first time through. I downloaded and ran Smitfraudfix, and that SEEMS to have gone away from subsequent Malwarebytes reports. But I can't seem to get past 2 infected memory modules, 1 registry key, 4 registry values, 1 registry item, and 3 files being infected. MWB finds them every reboot, but they come back.
I've also downloaded and run ATF cleaner. Still no dice.