Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trojan.VB.VZO

23 Jul 2009   #1
DJG

 
Trojan.VB.VZO

Anybody know anything about Trojan.VB.VZO? Couldn't get anything useful from Bing or Google other than a couple of "i seen it"s. It's suddenly now being flagged in an installation Zip archive for Next Up!'s Natural Voices' Audrey (yes, my car's MP3 player is a gorgeous British Lass, so sue me!). Thing is, Ive installed this from Winzip several times over many years. Only now I got a hit on a scan.

What is the potential damage? I guess I'm about to reload everything over again (except this!) .


My System SpecsSystem Spec
.

23 Jul 2009   #2
Antman

 

On the case with no solution yet. But I did find this one and thought it was "cute".

Trojan.VB.Zu blocks access to pornographic web pages based on the sites keywords. Upon visiting one of these sites, Internet Explorer is minimized and a message from the Koran is displayed.
My System SpecsSystem Spec
23 Jul 2009   #3
Antman

 

And, duh. If your scanner got a hit, your AV provider has a definition at their site.
My System SpecsSystem Spec
.


23 Jul 2009   #4
mickey megabyte

ultimate 64 sp1
 
 

hopefully a false positive as it comes from a commercial software company?

have you tried submitting zip file to any online scanners?

(sorry if i'm stating the obvious...)
My System SpecsSystem Spec
23 Jul 2009   #5
DJG

 

Quote   Quote: Originally Posted by Antman View Post
And, duh. If your scanner got a hit, your AV provider has a definition at their site.
And zero info other than "it's a trojan!" Gee, thanks! I did Bing & Google - got a hit for Trojan condoms!

Oh no! My porno life is ruined! OK, let me test that one out, see if it's a pseudonym.

Typically, while I understand the backdoor paradigm, how do they normally get activated and used? Is it mostly annoyanceware? I haven't had any unusual behavior, other than some BSODs attributable to shifting OC parameters in the hardware.

The firewall hasn't reported anything like "Trojan.VB.VZO is asking to trash your C: drive [DENY] [ALLOW]".

I always set my FW to no auto rules and no auto training. I get prompted 1st time for everything and it creates the rule based on my response.

I started to upload but it's a 654MB Zip archive, and I have 800Kbs upstream - would take forever ... I'm waiting to get a little more info if possible.
My System SpecsSystem Spec
23 Jul 2009   #6
Antman

 

Quote   Quote: Originally Posted by DJG View Post
I did Bing & Google...
I would not do that without a Trojan.

Quote   Quote: Originally Posted by DJG View Post
But I DO have one! HE-LLOOO! Read the title!
You are free to Bing & Google your brains out.
My System SpecsSystem Spec
23 Jul 2009   #7
DJG

 

But I DO have one! HE-LLOOO! Read the title!
My System SpecsSystem Spec
23 Jul 2009   #8
DJG

 

OK, I just rebooted from my 7232 install, which hasn't been up in a few days. Also I have an earlier beta of OSS. I immediately scanned the file and - no hit. So it's either new heuristics in the released version, or new def. I run the update cycle & re-scan- Bingo! Trojan hit.

I'm scratching my head. If it's a new ware, what's it doing in an old file? Maybe injected recently? It's a huge zip file, so probably tempting place to hide crappola in. I suppose they can do it without altering size & dates. The file is originally from 2005. I extracted from an image backup from 6/22 and it's there too.

Or maybe it's a false positive? I have installed this thing many times, several in the past three months . If it is indeed infected, wonder what it's doing? I hope they get really bored, fall asleep on the keyboard, hit the DEL key and delete their main data bank ...

OMG! Antman used a wormhole post!
My System SpecsSystem Spec
23 Jul 2009   #9
Antman

 

Quote   Quote: Originally Posted by DJG View Post
...OMG! Antman used a wormhole post!
I can find ref's to Trojan.Downloader.VB.VZO, circa 2005-2006. No good def's though.

At a minimum, write protect your compressed files. I find it odd that someting would inject a payload into a single archive. Transient malware. Hit one file and leave before detection, with the payload undetected? That is one clever worm.

Speaking of clever worms, I have a court date at 10 a.m.
My System SpecsSystem Spec
24 Jul 2009   #10
DJG

 

Well, I'm on a new fairly bare clean install. I think it may be a false positive. When I have time I'll ship it upstream to Agnitum and let them check it out. Now I'm re-installing and putting things back in order, again, minus the one. Sigh ...

OTOH, that install was an upgrade, so I don't feel as bad .

Thanks for the scouting. Have a fine day in court ...
My System SpecsSystem Spec
Reply

 Trojan.VB.VZO




Thread Tools





Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Need some help got a trojan
Hello, First off sorry if this is in wrong area. My parents have got a trojan ( Smart internet protection) even tho they was protected using Mcafee internet security. Anyways, when i tried to open mcafee to run a system scan it would not let me. I don't know any thing about what to do, i have...
System Security
Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro
A little help,please.Got this trojan earlier.It disabled MSE,MBAM,Internet,CCleaner,and pretty much anything .exe.Claimed everything was infected...so says whatever fake AV program that came with it.(I wish I could figure out how to use the indention tool here)I had to restart,open task manager...
System Security
Trojan, Please HELP!!!
Well, I’m a little embarrassed to say, I’ve been hit with a rather nasty Trojan. McAfee detected it right away, and I told it to quarantine the junk, and I assumed it had… until IE kept opening with random junk pages I didn’t prompt it to open. :mad: I therefore, did not write down the name of...
System Security
Trojan
Hi, This other day I downloaded a file that raped my system, causing me to lose access to any .exe file aswell as the task manager. My internet was also terminated. How do I remove this menace? I scanned with AVG Free and Superantispyware but to no avail. I have DDS and HiJackThis, but...
System Security
New trojan
Hi, there's this new trojan which I found on a website. Its filename is Bookmark.exe. Strange is that only 22/40 anti malware engines were able to detect it. Currently, I was trying Norton 360 beta 4 which has failed to detect it. :shock: So far, this trojan has changed my IE8 homepage. Not...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:14.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App