TheKid
2008-07-06, 09:00
Iv been using Spybot-S&D and have deleted Virtumonde and virtumonde.dll about 12 times now and still it comes back. Thies are what it found on my last scan. Thank you for your time.
Virtumonde: [SBI $42352499] User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-823518204-1220945662-725345543-1003\Software\Microsoft\rdfa
Virtumonde: [SBI $47E741CD] Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws
Virtumonde.dll: [SBI $4DB0E149] Library (File, nothing done)
C:\WINDOWS\system32\yayywvss.dll
Virtumonde.dll: [SBI $5795EDCE] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40F440C3-39C5-444C-A9A4-BC840B9E3CAE}
Virtumonde.dll: [SBI $5795EDCE] Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40F440C3-39C5-444C-A9A4-BC840B9E3CAE}
Virtumonde: [SBI $42352499] User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-823518204-1220945662-725345543-1003\Software\Microsoft\rdfa
Virtumonde: [SBI $47E741CD] Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws
Virtumonde.dll: [SBI $4DB0E149] Library (File, nothing done)
C:\WINDOWS\system32\yayywvss.dll
Virtumonde.dll: [SBI $5795EDCE] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40F440C3-39C5-444C-A9A4-BC840B9E3CAE}
Virtumonde.dll: [SBI $5795EDCE] Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40F440C3-39C5-444C-A9A4-BC840B9E3CAE}