Ran Spybot last night and found I had Virtumonde.dll infection. Tried removing it using spybot but its still there.

Here is DDS.txt

Edit
Sorry, removed. Please don't post Malware logs in the Spybot forum, thanks :-) (http://forums.spybot.info/showthread.php?t=1266)

Hello,

That could be a false positive.
Please do another scan with Spybot S&D, once the scan is finished right click the scan results list and choose to save a full report to your desktop.
Send us that report to: detections(at)spybot.info

If you can please send us also a copy of the file that is being found on your pc.

Thanks. :)

Best regards
Sandra
Team Spybot

Hi sandra, Thanks for quick response.
Have ran Spybot as requested. Results file attached. Also copy of files found during scan.

Hi Ricardo4,



Send us that report to: detections(at)spybot.info

If you can please send us also a copy of the file that is being found on your pc.


Cheers,

After updating yesterday and running scan - reports as a "Virtumonde.dll" in C:\Windows\System 32\mfc40.dll. ( SB1$DB0322C4) Heuristic - Trojan c-05.

Spybot - offers to refix - and reboot ....but after doing that, on re-scan it show up again.

None of my other malware programs show it.

I have the exact same thing happening as the poster above me. It only appeared after I updated and scanned today. It has me quite worried but as stated by others, no other detection software detects it. Should I send in a report as well or wait for a response or update as to whether or not this is a false positive?

Has anyone been able to resolve this issue

Hello,

There is a thread in the false positives forum regarding mfc40.dll.

http://forums.spybot.info/showthread.php?t=60587

A detective will respond there when on-line. :)

Hello,

There is a thread in the false positives forum regarding mfc40.dll.

http://forums.spybot.info/showthread.php?t=60587

A detective will respond there when on-line. :)

Does that mean that S&D discoveries of VIRTUMONDE.DLL in MFC40.DLL should be ignored until the next update?

Hi there,

Does that mean that S&D discoveries of VIRTUMONDE.DLL in MFC40.DLL should be ignored until the next update?



There is a thread in the false positives forum regarding mfc40.dll.

http://forums.spybot.info/showthread.php?t=60587

A detective will respond there when on-line. :)

Hello,
I can confirm that this is a false positive that will be fixed with our next update scheduled for Wednesday

Best regards,
Markus
Team Spybot

Best regards. :)

...same issue here!Thanks for info,... I wait for the next Update!SpyBot is the best in spy detection!Tony from Romania!Best regards to all SpyBot team!
:thanks:

No issues after update!Well Done SpyBot Team!Regards!

Hi,

I've been lurking on the sidelines.
I was also having the same problem with Virtumonde.

It is gone!

Thank you!
Andrew