Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: New trojan

09 Nov 2009   #1
Dinesh

Windows® 8 Pro (64-bit)
 
 
New trojan

Hi, there's this new trojan which I found on a website.
Its filename is Bookmark.exe.
Strange is that only 22/40 anti malware engines were able to detect it.
Currently, I was trying Norton 360 beta 4 which has failed to detect it.
So far, this trojan has changed my IE8 homepage. Not sure what else it will do.

Here's the Virustotal link about the file analysis :
Virustotal. MD5: edc631287a36a3b91990ec4f90fd7dc2 Trojan.Pasta.dyq Generic.Malware.sp!.20613D67 Generic.Malware.sp!.20613D67


Edit: I ran a quick scan from Vipre AV and it has detected everything of this trojan.
Also, this trojan tried to execute itself and Vipre deteted it.
New trojan-capture.png




My System SpecsSystem Spec
.
09 Nov 2009   #2
Creer

Windows 7 Home Premium x32 SP1
 
 

Quote   Quote: Originally Posted by Dinesh View Post
Hi, there's this new trojan which I found on a website.
Its filename is Bookmark.exe.
Strange is that only 22/40 anti malware engines were able to detect it.
Currently, I was trying Norton 360 beta 4 which has failed to detect it.
So far, this trojan has changed my IE8 homepage. Not sure what else it will do.

Here's the Virustotal link about the file analysis :
Virustotal. MD5: edc631287a36a3b91990ec4f90fd7dc2 Trojan.Pasta.dyq Generic.Malware.sp!.20613D67 Generic.Malware.sp!.20613D67


Edit: I ran a quick scan from Vipre AV and it has detected everything of this trojan.
Also, this trojan tried to execute itself and Vipre deteted it.
Attachment 35882
Yes you see now why AV never reach 100% in detection of new malware - this is also what I was talking about in this post: https://www.sevenforums.com/366139-post8.html

BTW. score 22/40 isn't so bad, what if you catch virus which was created few hours/weeks ago with AV detection rate equal... 0/40 or 4/39... like in this example: Virustotal. MD5: 5a34fd85bdac65d50a56a2c69228a726 Packed.Generic.187 VirTool:Win32/Obfuscator.EF High Risk Fraudulent Security Program

Your protection should start from first very important layer:
1. Prevention
then... detection and then cure.
My System SpecsSystem Spec
09 Nov 2009   #3
Dinesh

Windows® 8 Pro (64-bit)
 
 

Quote   Quote: Originally Posted by Creer View Post
Quote   Quote: Originally Posted by Dinesh View Post
Hi, there's this new trojan which I found on a website.
Its filename is Bookmark.exe.
Strange is that only 22/40 anti malware engines were able to detect it.
Currently, I was trying Norton 360 beta 4 which has failed to detect it.
So far, this trojan has changed my IE8 homepage. Not sure what else it will do.

Here's the Virustotal link about the file analysis :
Virustotal. MD5: edc631287a36a3b91990ec4f90fd7dc2 Trojan.Pasta.dyq Generic.Malware.sp!.20613D67 Generic.Malware.sp!.20613D67


Edit: I ran a quick scan from Vipre AV and it has detected everything of this trojan.
Also, this trojan tried to execute itself and Vipre deteted it.
Attachment 35882
Yes you see now why AV never reach 100% in detection of new malware - this is also what I was talking about in this post: https://www.sevenforums.com/366139-post8.html

BTW. score 22/40 isn't so bad, what if you catch virus which was created few hours/weeks ago with AV detection rate equal... 0/40 or 4/39... like in this example: Virustotal. MD5: 5a34fd85bdac65d50a56a2c69228a726 Packed.Generic.187 VirTool:Win32/Obfuscator.EF High Risk Fraudulent Security Program

Your protection should start from first very important layer:
1. Prevention
then... detection and then cure.
very well stated.
My System SpecsSystem Spec
.

09 Nov 2009   #4
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Quote   Quote: Originally Posted by Dinesh View Post
Hi, there's this new trojan which I found on a website.
Its filename is Bookmark.exe.
Strange is that only 22/40 anti malware engines were able to detect it.
Currently, I was trying Norton 360 beta 4 which has failed to detect it.
So far, this trojan has changed my IE8 homepage. Not sure what else it will do.

Here's the Virustotal link about the file analysis :
Virustotal. MD5: edc631287a36a3b91990ec4f90fd7dc2 Trojan.Pasta.dyq Generic.Malware.sp!.20613D67 Generic.Malware.sp!.20613D67


Edit: I ran a quick scan from Vipre AV and it has detected everything of this trojan.
Also, this trojan tried to execute itself and Vipre deteted it.
Attachment 35882
Hi there
How about publishing the website so this can either be Blacklisted or checked with other programs (or both) or even better to see if one's own computer is resistant against the infection.

Publishing that trojan xxxx can or cannot be detected isn't of any use to man or beast unless you can give some indications as to where and how the infection arose.

Some of the analyses on the Security forum are just like asking the question "How long is a piece of String".

Cheers
jimbo
My System SpecsSystem Spec
09 Nov 2009   #5
RichFrogg

Windows 7 Ultimate 64 Bit
 
 

Dinesh,

Have you tried detecting it with MSE?
My System SpecsSystem Spec
09 Nov 2009   #6
Barman58

Windows 10 Pro x64 x2 Windows 10 Enterprise x64, Ubuntu
 
 

Jimbo, Dinesh,

I would prefer if this was not posted in the open - no problem to send it via a PM but things in the open could cause problems to less experienced users
My System SpecsSystem Spec
10 Nov 2009   #7
Dinesh

Windows® 8 Pro (64-bit)
 
 

Quote   Quote: Originally Posted by Barman58 View Post
Jimbo, Dinesh,

I would prefer if this was not posted in the open - no problem to send it via a PM but things in the open could cause problems to less experienced users
I agree hence i didnt post the link in the forum.

@richfrogg:
I have tried scanning it with MSE and it didnt detect it.
My System SpecsSystem Spec
10 Nov 2009   #8
Crispy

Windows 7 Ultimate x64 Service Pack 1 (Build 6.1.7601)
 
 

No Anti-Virus software out there is 100% full proof no matter what they say, its just to with sales.
Its just a endless cycle that will never end.
My System SpecsSystem Spec
10 Nov 2009   #9
z3r010

 

Quote   Quote: Originally Posted by Barman58 View Post
Jimbo, Dinesh,

I would prefer if this was not posted in the open - no problem to send it via a PM but things in the open could cause problems to less experienced users

Just to make this completely clear - ANYBODY that posts a link to any form of Virus/malware will get an instant life ban on all our sites.

Where viruses etc are concerned we have a zero tolerance policy.
My System SpecsSystem Spec
10 Nov 2009   #10
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This has now been re-named to Trojan.StartPage.SSSPP ... This is a 'start page' hijacking.

URL's are changed all the time so this infection could be just about anywhere the site owner doesn't keep up with good surveillance and security.
My System SpecsSystem Spec
Reply

 New trojan




Thread Tools




Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Need some help got a trojan
Hello, First off sorry if this is in wrong area. My parents have got a trojan ( Smart internet protection) even tho they was protected using Mcafee internet security. Anyways, when i tried to open mcafee to run a system scan it would not let me. I don't know any thing about what to do, i have...
System Security
Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro
A little help,please.Got this trojan earlier.It disabled MSE,MBAM,Internet,CCleaner,and pretty much anything .exe.Claimed everything was infected...so says whatever fake AV program that came with it.(I wish I could figure out how to use the indention tool here)I had to restart,open task manager...
System Security
Trojan, Please HELP!!!
Well, I’m a little embarrassed to say, I’ve been hit with a rather nasty Trojan. McAfee detected it right away, and I told it to quarantine the junk, and I assumed it had… until IE kept opening with random junk pages I didn’t prompt it to open. :mad: I therefore, did not write down the name of...
System Security
Trojan
Hi, This other day I downloaded a file that raped my system, causing me to lose access to any .exe file aswell as the task manager. My internet was also terminated. How do I remove this menace? I scanned with AVG Free and Superantispyware but to no avail. I have DDS and HiJackThis, but...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:44.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App