im looking forward to fix these computers once comprimised ..or not..but then again i usually like hackers n virus makers since they create work for us even thought removing viruses and exploits aint that much my favorite but moneys is moneys

Anyways time to update your flash ppls!

It's actually notably worse than a number of places will credit.

I've had a number of machines recently succumb to this particular exploit. Between Java, Flash, and Adobe Reader.

Any one of the 3 above are a potential infection vector right now, and one of the more popular bugs caught in this fashion is good 'ol Virtumonde. Occasionally you'll catch a search redirect or popup app on top of it.

Malware is easy enough to clean, but virtumonde annoys the !#$% out of me. Academically, it's a tenacious bug, but it's a tough one to protect against and reinfection is all but guaranteed. I've had strains of this bug go so far as to pose as a legitimate cached windows update, being almost indetectable until you reboot and find yourself reinfected. On top of that, if you get one of the particularly nasty ones, it will also disables any and all antivirus software, as well as updates, and even the domains associated with useful removal tools.

FYI, I believe there was a remote infection exploit involving this as well, allowing a 3rd party to infect ads and the like.

Could not agree more.  Virtumonde is the second most irritating virus I've ever encountered, and it seems to be all over people's computers.

The only virus more agitating (to me at least) really doesn't have a name.  The only file that it always has, though, is ... udxfytw.sys.  Now, to be fair, I believe the thing I encountered was actually a variant of the "normal" one, since absolutely none of the removal software could get rid of it.  I think only one thing could remove it temporarily (which means it wasn't fully removed).

My own methods were better (I think the computer lasted a full week before it came back), but in the end the only way to get rid of it (this is after checking the boot sector, looking for rootkits, restoring all system files from a backup, etc) was to do a format.

Very sad, since, for the most part, I'm able to remove viruses without having to resort to that method (although sometimes the damage done is too great and the system ends up needing a format anyway).

I know all about virtumonde since i can't even count all the computers i've disinfected from that shit. However its not that hard to kill really, use the tools combofix, then scan with malwarebytes anti malware and after that use trend micros hijackthis! and delete any registry key refering to (no file) and delete keys pointing onto winlogon process.

Of course you use the tools on your own risk

so far most virtumonde infected computer has been infected due to lack off updating java so if you have java installed (which most do) keep it updated!