Virtumonde Removal



lbstech
2007-07-20, 16:34
I am having quite a bit of trouble removing virtumonde. I have run spybot, it detects it, I click fix the problem and see the Green check mark show that it is taken care of. I run Spybot again and it is still there with the same registry entry.
users\5-1-21-3639948096-6595113062-3876086479-1412\software\microsoft\aldd
I also have run CCleaner and the unwanted programs scan in McAfee. CCleaner detected it, looked like it cleaned it but when I ran spybot it was still there. I ran CCleaner again and it detected nothing. When I ran the McAfee scan it didn't pick up anything.

I also ran Vundofix.exe, it detected a number of things and hit remove Vundo. I ran spybot again and virtumonde is still detected. I didn't follow the directions from a previous post so I don't have a txt file to post.

I have tried to boot the laptop in safe mode to run spybot but no luck. I have an issue when I'm in safe mode; after I click Yes to the fact that I'm going into safe mode, ten seconds later the same message comes up again to click yes. It does that three or four times and stops, but I have no desktop once it does.

Any suggestions??

ken545
2007-07-20, 19:13
lbstech,

Welcome to Safer Networking, please read this link before you post.
http://forums.spybot.info/showthread.php?t=288

What I am mainly interested in at this point is for you to download and install Trend Micro's HijackThis. It will give me information about what's going on on your system along with what operating system you are running.

http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php

Go to C:\Program Files and create a folder and name it Hijackthis, then download the program from the above link to that folder.

Now go to the Hijackthis Icon and right click on it and rename it to Scanner.exe.

Then post the log this way.

Open HJT, Scan and Save a Log File; it will open in Notepad.
Go to Format and make sure Wordwrap is unchecked.
Go to Edit > Select All, then Edit > Copy, and paste the new log into this thread.

lbstech
2007-07-20, 19:53
Ken545,
Thanks for the help. One of the other techs in my office came across a scan from ewido, we tried it and it got rid of virtumonde. Thank you very much for your fast reply.

ken545
2007-07-20, 20:01
It's totally your call, but we use AVG (formerly Ewido) quite a bit for malware removal and it's one of the better programs on the market, BUT it will not get rid of Vundo. I strongly urge you to post a HJT log.

Ken:)

tashi
2007-07-27, 19:42
I strongly urge you to post a HJT log.

I agree.

As member has not responded, this topic has been archived.

lbstech, if you need it re-opened, please send me a private message (pm) and provide a link to the thread. Applies only to the original poster; anyone else with similar problems, please start a new topic.