Win32.BHO.df

[pawan_musale]

Hello...
My laptop is infected with Win32.BHO.df. After running spybot, it detected Win32.BHO.df and Virtumonde. It was not able to remove these malwares. Then I used Vundofix. After that spybot now detectes only Win32.BHO.df but not Virtumonde. Win32.BHO.df is not able to be deleted. Please help.

OS- XP Sp2

[pawan_musale]

Here is the log generated after running Spybot S&D

Win32.BHO.df: [SBI $BCBE3835] Autorun settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs=...C:\WINDOWS\system32\__c00?????.dat...
DoubleClick: Tracking cookie (Internet Explorer: E287119) (Cookie, fixed)
BlueStreak: Tracking cookie (Internet Explorer: E287119) (Cookie, fixed)
Zedo: Tracking cookie (Internet Explorer: E287119) (Cookie, fixed)
FastClick: Tracking cookie (Internet Explorer: E287119) (Cookie, fixed)
MediaPlex: Tracking cookie (Internet Explorer: E287119) (Cookie, fixed)
Common Dialogs: History (25 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt
Log: Activity: ntbtlog.txt (Backup file, nothing done)
C:\WINDOWS\ntbtlog.txt
Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_
Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Cookie: Cookie (132) (Cookie, nothing done)
Cache: Cache (284) (Cache, nothing done)
History: History (199) (History, nothing done)
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-02-16 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-02-20 Includes\Beta.sbi (*)
2007-11-06 Includes\Beta.uti (*)
2008-03-05 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-03-05 Includes\DialerC.sbi (*)
2008-03-05 Includes\HeavyDuty.sbi (*)
2008-03-05 Includes\Hijackers.sbi (*)
2008-03-05 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-03-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-02-27 Includes\Malware.sbi (*)
2008-03-05 Includes\MalwareC.sbi (*)
2008-02-20 Includes\PUPS.sbi (*)
2008-03-05 Includes\PUPSC.sbi (*)
2008-03-05 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-03-05 Includes\SecurityC.sbi (*)
2008-02-20 Includes\Spybots.sbi (*)
2008-03-05 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-02-27 Includes\Trojans.sbi (*)
2008-03-05 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll

[tashi]

Hello.

Please see the stickied procedure for this forum: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

Then start a new topic and I will close this one as helpers look for zero response.

Cheers.