I have a virtumonde and virtumonde.dll that keeps making it's way into my system even after Spybot says it gone. After "fixing" the problem 3 times, firefox still gets stuck everytime I run a query.

Worse still an Important registry entry has been changed and there is nothing I can do about it

Category: Browser Helper Object
Change: Value deleted

Entry: {4dd6a8f1-58f6-4c11-998c-ec801603481d}

old data: none
new data: none

I have the option to "Allow Change"
Unfortunatly...
The "DENY CHANGE" button is not active

This happened the first time I ran spybot and I allowed the change as there was little else I could do.

Can anyone help me?
p.s. also help me fully remove virtumonde?

I allowed the change.:clown:

:red:Duh, it was to delete the .dll bastard!:mad:

:spider:yet after I did the thing tried to rewrite itself:nono:

eventually I got the idea and hit the check box to repeat that action:cool:

the virtumunde went so crazy trying to rewrite itself:fear: that my monitor was overwhelmed with denials... until I started running :police:Search & Destroy again this time on highest priority in settings...

when the search finished the attack started again until I OKed it be destroyed the attack stopped

for now...:fear:


Edit: http://forums.spybot.info/showthread.php?t=29180

Hello,

In order for one of our volunteer helpers to advise you, please follow the procedure in this sticky:

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Start a new topic providing the log/s requested, I will close this one as helpers look for threads without a response.

Regards. :)