hi. good day. i first did a spybot scan and found virtumonde in my system. i chose fix selected problems and said it was successful. i rebooted my system and did again a spybot scan and found the same virus again. then i used spydoctor. it did found virtumonde and another virus, the trojan-pws.transpy. i tried to fix the said viruses by clicking "fix checked". and i rebooted my pc and did another scan. it found again the same viruses. help me please...

Can you try it in safe mode please, and see what happens then.

To get into the Windows 2000 / XP Safe mode, as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu". Use your arrow keys to move to "Safe Mode" and press your Enter key.

Regards

this service needs to be stopped, Trojan-Downloader.Win32.Agent
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
then you can click fix then look for and delete if there. npkcsvc.exe

download vundofix from HERE
download VirtumundoBegone from HERE

i tried running vundofix and virtumundobegone but both found nothing.

how do i stop the service? should i use hjt to fix it?

control panel/performance and maintenance/admin tools/services, right click and disable. you can also get information on the programme and any other software that depends on it., probably none!

ok, i still don't get how to stop the said service. sorry. avast alerted me that i am infected now with a different trojan. something called win32.tratbho. waaahh. i still did nothing to my pc

i found the services in the admin tools. i looked for npkcsvc and found out that it is already stopped. what should i do next

follow the path delete what is in bold C:\WINDOWS\system32\npkcsvc.exe
download COMBOFIX to desktop. do not run any other programmes. do not click mouse while it is running. then post log and new hjt log