Please Help Remove Virtumonde
I got my laptop about 5 months ago, and Virtumonde has been on here as long as I can remember. I'm constantly getting rid of it, but it just keeps coming back because I can't completely destroy it. I used Search and Destroy to get rid of it before posting here. It removed 2 out of 3 Virtumonde items. The third could not be removed. It appears to be in the registry. One of the others that was removed was in the registry too, so I'm not sure why it can't remove it. Anyway, I'm posting Search and Destroy results here. Get back to me if you have any information! :laugh:
Virtumonde: [SBI $1B1C4D25] Executable (File, fixed)
C:\Documents and Settings\Owner\Local Settings\Temp\removalfile.bat
Virtumonde: [SBI $F3FA0F85] Uninstall settings (Registry key, fixing failed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
Virtumonde: [SBI $F3FA0F85] Uninstall settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
Win32.Small.azl: [SBI $2EBDADF4] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-417682724-2757141335-2312730193-1005\Software\WinAble
--- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---
Need Help Removing Viruses From D: Volume
I performed an in-depth scan using Panda Antivirus '08 and found many viruses, 3 of which could not be disinfected. They are in D:\System Volume Information.
I can locate them and delete them; I know how to do that. But I'd just like to make sure that if I were to delete the files in the volume, it would not cause harm to my computer. I'm posting a copy of the results, which show the file names that are infected.
Please get back to me if it is safe.
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00371752 Adware/Yazzle Adware No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP78\A0054172.EXE
00506844 Adware/WinAntivirus2006 Adware No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP81\A0054300.DLL
00531547 Trj/Downloader.OLY Virus/Trojan No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP78\A0054171.EXE
00788689 Generic Trojan Virus/Trojan No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP81\A0054301.EXE
00788689 Generic Trojan Virus/Trojan No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP48\A0033215.EXE
00988749 Generic Malware Virus/Trojan No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP57\A0037055.DLL
01048936 Generic Malware Virus/Trojan No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP81\A0054302.DLL
01166293 Spyware/Virtumonde Spyware No 1 No No D:\System Volume Information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP51\A0034635.exe[kasp_activator.exe]
01166293 Spyware/Virtumonde Spyware No 1 No No D:\System Volume Information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP64\A0047098.exe[kasp_activator.exe]
01343045 Trj/Downloader.PUT Virus/Trojan No 0 No No D:\System Volume Information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP51\A0034635.exe[kasp_vista_compatibilator.exe]
01343045 Trj/Downloader.PUT Virus/Trojan No 0 No No D:\System Volume Information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP64\A0047098.exe[kasp_vista_compatibilator.exe]
02242231 Trj/Downloader.MDW Virus/Trojan No 1 No No D:\System Volume Information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP51\A0034635.exe[kasp_vista_compatibilator.exe][o01PrEz1064.exe]
02242231 Trj/Downloader.MDW Virus/Trojan No 1 No No D:\System Volume Information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP64\A0047098.exe[kasp_vista_compatibilator.exe][o01PrEz1064.exe]
02559865 Adware/Yazzle Adware No 0 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP83\A0057481.EXE
02570052 Trj/Downloader.MDW Virus/Trojan No 1 Yes Yes C:\system volume information\_restore{099D30DC-C26B-4E90-9285-C34D0601D32B}\RP83\A0058946.EXE
A few of these appear to be Virtumonde, which I posted another thread trying to get rid of. Thanks.