Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > downloader.vb.5.au

Reply
Thread Tools

downloader.vb.5.au

 
 
lsj7
Guest
Posts: n/a
 
      12-26-2004
Downloade avg7 free today and it found this trojan. Nothing on Google about
Trojan downloader.VB.5.AU

There are some links in Spanish and German about Downloader.VB.5

I think the German site recommended to run HIjackthis.

I (winxp) turned off System Restore. Finished running AVG 7 Free and once
the trojan was in the quarantine vault I deleted it. AVG info on the trojan
indicated it was located in a Hijackthis directory in a backup.
Question: Is this part of HIjackthis program or no ? Was this a false
positive?

I still cannot find anything on the ".AU" at the end of the identification
of the trojan. Possible P2P from Australia? uh, fishing here...........

Any comments?

P.s I have read much about problems with the AVG7 issue with email and so
far no problems with my OE6. FYI

--

Cherish, therefore, the spirit of our people, and keep alive their
attention. .If once they become inattentive to the public affairs, you and
I, and congress and Assemblies, Judges and governors, shall all become
wolves.

_________Jefferson to Carrington 1787

lsj7



 
Reply With Quote
 
 
 
 
Boomer
Guest
Posts: n/a
 
      12-26-2004
"lsj7" <(E-Mail Removed)> wrote message
news:dduzd.4014$(E-Mail Removed):

> Downloade avg7 free today and it found this trojan. Nothing
> on Google about Trojan downloader.VB.5.AU
>
> There are some links in Spanish and German about
> Downloader.VB.5
>
> I think the German site recommended to run HIjackthis.
>
> I (winxp) turned off System Restore. Finished running AVG 7
> Free and once the trojan was in the quarantine vault I deleted
> it. AVG info on the trojan indicated it was located in a
> Hijackthis directory in a backup. Question: Is this part of
> HIjackthis program or no ? Was this a false positive?
>
> I still cannot find anything on the ".AU" at the end of the
> identification of the trojan. Possible P2P from Australia?
> uh, fishing here...........
>
> Any comments?
>
> P.s I have read much about problems with the AVG7 issue with
> email and so far no problems with my OE6. FYI


Does this help? http://filext.com/detaillist.php?extdetail=AU
 
Reply With Quote
 
 
 
 
Richard
Guest
Posts: n/a
 
      12-26-2004
Boomer wrote:

> "lsj7" <(E-Mail Removed)> wrote message
> news:dduzd.4014$(E-Mail Removed):


>> Downloade avg7 free today and it found this trojan. Nothing
>> on Google about Trojan downloader.VB.5.AU
>>
>> There are some links in Spanish and German about
>> Downloader.VB.5
>>
>> I think the German site recommended to run HIjackthis.
>>
>> I (winxp) turned off System Restore. Finished running AVG 7
>> Free and once the trojan was in the quarantine vault I deleted
>> it. AVG info on the trojan indicated it was located in a
>> Hijackthis directory in a backup. Question: Is this part of
>> HIjackthis program or no ? Was this a false positive?
>>
>> I still cannot find anything on the ".AU" at the end of the
>> identification of the trojan. Possible P2P from Australia?
>> uh, fishing here...........
>>
>> Any comments?
>>
>> P.s I have read much about problems with the AVG7 issue with
>> email and so far no problems with my OE6. FYI


> Does this help? http://filext.com/detaillist.php?extdetail=AU


Dude, file extensions don't mean a damn thing except only to those who wrote
the item.
I can literally use any file extension I want for any given item.
filename.jpg is an image right?
To me, it could be pure text.
normally, a certain extension is associated with a certain program to "open
with", but that is not always true.
If I choose a file in my folder, and click it on it, the registered
associate program opens it.
I can over ride that by using "open with" and choosing which program I want.

Autodialers often use extensions which are not commonly associated so that
no other program will open them.



 
Reply With Quote
 
Richard
Guest
Posts: n/a
 
      12-26-2004
lsj7 wrote:

> Downloade avg7 free today and it found this trojan. Nothing on Google
> about Trojan downloader.VB.5.AU


> There are some links in Spanish and German about Downloader.VB.5


> I think the German site recommended to run HIjackthis.


> I (winxp) turned off System Restore. Finished running AVG 7 Free and once
> the trojan was in the quarantine vault I deleted it. AVG info on the
> trojan indicated it was located in a Hijackthis directory in a backup.
> Question: Is this part of HIjackthis program or no ? Was this a false
> positive?


It may be that the trojan implanted itself in this directory hoping you
wouldn't notice it so easily.



 
Reply With Quote
 
Scraggy
Guest
Posts: n/a
 
      12-26-2004
Richard wrote:
> Boomer wrote:
>
>>> Any comments?
>>>
>>> P.s I have read much about problems with the AVG7 issue with
>>> email and so far no problems with my OE6. FYI

>
>> Does this help? http://filext.com/detaillist.php?extdetail=AU

>
> Dude, file extensions don't mean a damn thing except only to those
> who wrote the item.
> I can literally use any file extension I want for any given item.
> filename.jpg is an image right?
> To me, it could be pure text.
> normally, a certain extension is associated with a certain program to
> "open with", but that is not always true.
> If I choose a file in my folder, and click it on it, the registered
> associate program opens it.
> I can over ride that by using "open with" and choosing which program
> I want.
>
> Autodialers often use extensions which are not commonly associated so
> that no other program will open them.


1. That would be dude(ette)
2. Which part of '?' is giving you the most trouble?
3.Are you Bullis?




 
Reply With Quote
 
Ralph W. Phillips
Guest
Posts: n/a
 
      12-26-2004
Howdy!

"lsj7" <(E-Mail Removed)> wrote in message
news:dduzd.4014$(E-Mail Removed)...

> I (winxp) turned off System Restore. Finished running AVG 7 Free and once
> the trojan was in the quarantine vault I deleted it. AVG info on the

trojan
> indicated it was located in a Hijackthis directory in a backup.
> Question: Is this part of HIjackthis program or no ? Was this a false
> positive?


It's not - it was removed by HijackThis earlier.

Hence the fact that it was in a backup ...

Mmm ... I suggest next time before you panic, you think carefully
about where something was found. If in a quarantine or backup directory for
a clean up utility, it's normally perfectly safe there.

RwP


 
Reply With Quote
 
lsj7
Guest
Posts: n/a
 
      12-27-2004
Ralph W. Phillips wrote:
> Howdy!
>
> "lsj7" <(E-Mail Removed)> wrote in message
> news:dduzd.4014$(E-Mail Removed)...
>
>> I (winxp) turned off System Restore. Finished running AVG 7 Free
>> and once the trojan was in the quarantine vault I deleted it. AVG
>> info on the trojan indicated it was located in a Hijackthis
>> directory in a backup.
>> Question: Is this part of HIjackthis program or no ? Was this a
>> false positive?

>
> It's not - it was removed by HijackThis earlier.


Been a couple weeks since I ran HJT. I do not recall putting a check mark in
the box to remove any such trojan then or any time. I run A2, Ewido
Security, Housecall, Bazooka, SPybot S&D, Winpatrol, SPywareinfo scanner,
McAfee Stinger, AVG7.
I ran scheduled task run of AVG6 that morning and it found nothing. During
the day I uninstalled AVG6-saved it in a folder in case AVG7 was too
buggy-and downloaded AVG7 Free from Majorgeeks dot com. On first running
the trojan was found. If it had been hiding in the directory for awhile
nothing found it til the first test of AVG7. Or the trojan was downloaded
after the scheduled test at 101am of AVG6, and I don't think that happened.



>
> Hence the fact that it was in a backup ...


It should have been discovered by other means, don't you think?



>
> Mmm ... I suggest next time before you panic, you think
> carefully about where something was found.


No panic here, sir.




> If in a quarantine or
> backup directory for a clean up utility, it's normally perfectly safe
> there.
>
> RwP



Thanx.

--

Cherish, therefore, the spirit of our people, and keep alive their
attention. .If once they become inattentive to the public affairs, you
and I, and congress and Assemblies, Judges and governors, shall all
become wolves.

_________Jefferson to Carrington 1787

lsj7



 
Reply With Quote
 
lsj7
Guest
Posts: n/a
 
      12-27-2004
Richard wrote:
> lsj7 wrote:
>
>> Downloade avg7 free today and it found this trojan. Nothing on
>> Google about Trojan downloader.VB.5.AU

>
>> There are some links in Spanish and German about Downloader.VB.5

>
>> I think the German site recommended to run HIjackthis.

>
>> I (winxp) turned off System Restore. Finished running AVG 7 Free
>> and once the trojan was in the quarantine vault I deleted it. AVG
>> info on the trojan indicated it was located in a Hijackthis
>> directory in a backup. Question: Is this part of HIjackthis program
>> or no ? Was this a false positive?

>



> It may be that the trojan implanted itself in this directory hoping
> you wouldn't notice it so easily.


Possible. Lot of traffic on this computer with my teens home for the
holidays.

--

Cherish, therefore, the spirit of our people, and keep alive their
attention. .If once they become inattentive to the public affairs, you
and I, and congress and Assemblies, Judges and governors, shall all
become wolves.

_________Jefferson to Carrington 1787

lsj7



 
Reply With Quote
 
dazzy
Guest
Posts: n/a
 
      01-20-2005

H

I have also found downloader.vb.5.au when scanning with new AV viru
scan. It says that it cannot remove trojan as it is located in th
archive and cannot be healed or removed. Any suggestions please? An
is it harmful

--
dazz
-----------------------------------------------------------------------
dazzy's Profile: http://www.iamnotageek.com/member.php?userid=933
View this thread: http://www.iamnotageek.com/showthread.php?t=47300

 
Reply With Quote
 
bennie
Guest
Posts: n/a
 
      02-14-2005

Is there anyone who has more information about this threat and how t
remove it

--
benni
-----------------------------------------------------------------------
bennie's Profile: http://www.iamnotageek.com/member.php?userid=993
View this thread: http://www.iamnotageek.com/showthread.php?t=47300

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Advertisments