Virtumonde detected (again) with Spybot
Virtumonde.sdn: [SBI $70056CE6] Data (File, nothing done)
C:\WINDOWS\system32\dufebubo
Properties.size=6456
...
Type: Posts; User: jeffmeunier; Keyword(s):
virtumonde detection with S&D
Virtumonde detected (again) with Spybot
Virtumonde.sdn: [SBI $70056CE6] Data (File, nothing done)
C:\WINDOWS\system32\dufebubo
Properties.size=6456
...
ok ready for any final instructions
ok, ready for any final instructions you may have.
Looks good. How bad were the infections I had?
No further messages of concern from various scanners I'm running. Thanks!
How nasty were the infections you did find? Should I be strongly considering a full hard drive wipe for security purposes,...
--------------------------------------------------...
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, March 17, 2009
Operating System: Microsoft Windows XP Professional...
update w/ combofix and HJT logs
ComboFix 09-03-14.02 - Jeff 2009-03-15 16:27:04.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2148 [GMT -5:00]
Running from: c:\documents and...
Virtumonde (Spybot), SHEUR2.SLJ (AVG), Dropper (XsoftspySE)
I had some browser hijacks start over the weekend, so I updated several packages but they all tell me different things.
Trend PCcillin (current version/update): could not locate anything
...
One more AVG find
forgot one,
AVG also found some instances of Trojan Horse Generic12.BZNG (and some other variants). Also appears to be cleaned.
Virtumonde (Spybot), SHEUR2.SLJ (AVG), Dropper (XsoftspySE)
I had some browser hijacks start over the weekend, so I updated several packages but they all tell me different things.
Trend PCcillin (current version/update): could not locate anything
...