Full Version: Malwarebyte's won't remove malware
Imageman
Windows 7 / Malwarebytes, latest version and updates

Malwarebytes' detects the items in the attachment. I click "Remove Selected", reboot, run again and Malwarebytes' detects them again. How to get rid of them? - Thanks for your help, IM
sho-dan
Hello Imageman. Welcome to Malwarebytes.org

Scan and post logs - read note at bottom in green
If you're having Malware related issues with your computer that you're unable to resolve.

1. Please read and follow the instructions provided here: I'm infected - What do I do now?
2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.


  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require assistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review

NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Zombie processes (terminated but still resident in memory)
GT500
The TDSS rootkit is probably protecting them. Please follow these instructions (skipping any steps you are unable to complete) for posting in our Malware Removal - HijackThis Logs forum. If you cannot follow any of those steps, then please create a new topic in that forum explaining what happened when you tried to run each of the tools in the instructions, and the expert who helps you will be able to suggest steps to take to get the tools working.

Edit: Looks like I was a minute too slow.
Imageman
Hope this makes sense, I'm bushed . . . Thank you both for your help, and I apologize for posting this in the wrong forum element. I've been using the free version of Malwarebytes for eons, but just now purchased it and registered. Then I ran it again and quarantined the offenders, rebooted, ran the deep scan which came up clean, so I'm probably clear. Now I'll go do a lot of reading :-) - IM
GT500
Wait a minute... I just took a second look at that screenshot, and I saw Virut as a detection. If that's true, then you need to reformat and reinstall. There is no way to recover from a Virut infection.

To verify the presence of Virut, please run a Kaspersky Online Virus Scan.
yardbird
@ GT500

I see two in that screenshot !!!!
GT500
QUOTE (yardbird)
@ GT500

I see two in that screenshot !!!!


As did I. I was surprised that those were the only detections of Virut though, so if that's it then he may be lucky, and it's just a couple of infectors that were never executed. If the Kaspersky scan detects more than that, then reformat and reinstall is the only hope.
Strangedays
Man that Virut seems to be brutal on PC's
GT500
QUOTE (Strangedays)
Man that Virut seems to be brutal on PC's


Yea, it's a real killer. You can never trust a computer again once it's been infected with Virut, unless you reformat the hard drives and reinstall Windows.
beavis4ever
I have had luck cleaning up virut infected exe files w/ Dr. Web Cureit and sometimes the old Norton Prescan. Html iframe infections are a bit more of a hassle. CA seems to be able to clean the html files as opposed to most AVs just deleting them. Only problem is all the exe files will have date and time of when they were cleaned instead of their normal timestamp.
GT500
QUOTE (beavis4ever)
I have had luck cleaning up virut infected exe files w/ Dr. Web Cureit and sometimes the old Norton Prescan. Html iframe infections are a bit more of a hassle. CA seems to be able to clean the html files as opposed to most AVs just deleting them. Only problem is all the exe files will have date and time of when they were cleaned instead of their normal timestamp.


The computers may have seemed clean, but it isn't possible to completely clean it up. Like I said, no computer infected with Virut can ever be trusted again, unless you reformat the hard drives.
beavis4ever
QUOTE (GT500 @ Sep 16 2009, 10:59 AM) *
The computers may have seemed clean, but it isn't possible to completely clean it up. Like I said, no computer infected with Virut can ever be trusted again, unless you reformat the hard drives.


Why would that be? Can you give details or any links to support this? I have done probably a dozen ever since Jan/Feb and never heard any complaints from those people. If I am not cleaning up people's PCs properly, I want to know. Thanks!
GT500
QUOTE (beavis4ever @ Sep 17 2009, 02:52 PM) *
Why would that be? Can you give details or any links to support this? I have done probably a dozen ever since Jan/Feb and never heard any complaints from those people. If I am not cleaning up people's PCs properly, I want to know. Thanks!


Check post number 5 in this topic. I'd repost the link, but I still haven't figured out how to copy and paste on this Palm Pre.