cancel
Showing results for 
Search instead for 
Did you mean: 
rdw
Level 7
Report Inappropriate Content
Message 1 of 2

Zeus bot not detected

Hello,

On our corparate network we use mcafee enterpise 8.8 with epo 4.6.1 fully updated but we discovered that  computers are infected with a zeus bot which mcafee doesn not recognize.

When people have the bot thay can't use special characters on their computer like ë even if the language settings are good.

Is their any way to get a new dat or do i have to chaneg some settings to detect this virus we now install antimallwarebytes to remove it but this is a lot of work

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.04.08

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

e.vreeling :: DT0196 [limited]

26-6-2012 9:49:10

mbam-log-2012-06-26 (09-49-10).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 202644

Time elapsed: 6 minute(s), 29 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 2

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Yzfiiqo (Heuristics.Shuriken) -> Data: "C:\Documents and Settings\e.vreeling\Application Data\Vubyyb\nipi.exe" -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> Delete on reboot.

Registry Data Items Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoPropertiesMyComputer (PUM.Disable.MCProperties) -> Bad: (1) Good: (0) -> Delete on reboot.

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Documents and Settings\e.vreeling\Application Data\Vubyyb\nipi.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.

(end)

1 Reply
exbrit
Level 21
Report Inappropriate Content
Message 2 of 2

Re: Zeus bot not detected

Moved to Corporate User Assistance for better attention.