PDA

View Full Version : Virtumonde



behind_blue_eyes
2008-12-24, 20:05
OK, we have run S&D several times to come up with the same results. We clean as instructed and to no avail it still generates the same several versions of virtumonde. We need some help as we have followed S&D instructions to the "T"

Virtumonde: [ SBI $2F10E03B]
Virtumonde.generic: [SBI $8F2A4A7E]
Virtumonde.generic: [SBI $1BB1339D]
Virtumonde.generic: [SBI $6C003E72] after last scan, not showing up
Virtumonde: [SBI $779C9C0D]
Virtumonde: [SBI $FD08B4B7]
Virtumonde: [SBI $2A2DCEAC]
Virtumonde.dll: [SBI $AAFAEA2E] after last scan, not showing up
Virtumonde.sci: [SBI $D87CA6BD]

Smitfraud-C: [SBI $99619F8C] has been removed as of now after the last scan.

The last scan told us that it fixed file on all of these but after a rescan we received the same ones again except for the notes attached to the files above. To be honest I think we have scanned it several times today with S&D as well as Ad-Aware. We are also disconnected from Our network on the pc in question. So sending a file from the pc in question would be difficult for this reason. All the other pc's tied to the network as well as my laptop I am working from have all been scanned and are clean.

Shaba
2008-12-26, 13:35
Hello behind_blue_eyes

Please see this (http://forums.spybot.info/showthread.php?t=288) next

Please follow the instructions in the above thread and then start a fresh topic with the logs required.

Regards.