worm/vb.dw cannot remove

I have this worm called worm/vb.dw (symantec calls it w32.alcra.f) and cannot get rid of it.

I have run numerous antivirus programs in safe mode. the bitdefender.com scan deletes all it finds except two files: one which is detected with Adware.Virtumonde.GFH, the other with Trojan.Vundo.CG.

It says it deleted all with Win32.Worm.VB.DW, but I am still afraid I have this worm, or another worm due to the files that cannot be deleted.

any suggestions would be most helpful. Until then, i'll be running another scan

here is the long version of what i have done so far:

I tried symantec's repair solutions at http://www.symantec.com/security_response/writeup.jsp?docid=2006-021712-3034-99 but cannot get step 3 to work. after scanning, I try to run cmd, but typing in "cd %system%" only yeilds the response: "the system cannot find the file specified".

Then I went into safe mode to scan, but I started it, the usual dialog box asking if I am sure I want to run safe mode pops up, but then disappears before I have had time to make a selection. Then the screen is black with
"safe mode" in the 4 corners and does not load any further. I have to hold down the space bar in order to pause the dialog box so I can select "yes" to enter safe mode and load windows.

After getting in to safe mode (this was last night) I ran numerous antivirus programs, the first of which was the online program bitdefender. It found some 17 viruses and 500 infected files, but was unable to delete one file infected with the worm. After more scans, I hoped the problem was gone, but today I started up in normal mode, and one of the antivirus programs discovered another file.

so, back in safe mode, I scanned again with bitdefender. This time only 4 viruses, 11 infected files. But those 2 with Adware.Virtumonde.GFH and Trojan.Vundo.CG. were un-deletable.

Thanks for any suggestions!

 

Hello and Welcome to the forum !

Wilders no longer provide malware cleaning services . Since you have Vundo/Virtumonde infection , your computer will need further cleaning (not only scanning with antivirus softwares) . You need to run several other utilities and post a log of HijackThis in a forum which supports HJT services . I personally recommend you register and post in Aumha.

Please , let us know the results when the cleaning is done