New Trojan? SOLVED!

ZoneAlarm found win32.trojan.dialer.hz on my computer.

It has been quarantined...yet, I cannot find much info on it.

I have Norton's, ZA, Adaware, Spybot and Windows Defender. Only ZA found it.

Anyone with any info???

EDIT:

It turns out it is a ZA error.
ZA is detecting an entry from Spybot, which is placed into the restricted zone of IE.

ZA will fix it with the next update.

Bob

Re: New Trojan?

http://www.us.sophos.com/virusinfo/analyses/dialchiviob.html

also google on it, many hits

Re: New Trojan?



It thought this thread was gonna be about an amazing new lubricant! :lolsign:

Re: New Trojan?

PoliceScannerMan said:

It thought this thread was gonna be about an amazing new lubricant! :lolsign:

Click to expand...

LOL!!!!

I downloaded Spysweeper, and used the Pestpatrol online scanner...and they did not detect the bug.

I think ZA might have isolated it? It is in quarantine...should I try to delete it?

Boy, I hope I don't have to manually delete this thing.

Bob

Re: New Trojan?

http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453096242

Sounds like the same ole story just possibly a different author. Quite a few of these little critters get thrown in if you incorrectly type in a website address, next thing you know your bombarded with popups and your PC is grinding away... busy installing spyware,adware, and malware. Also on that note, some browsers are more prevalent than others (at least for now).

www.mozilla.org (firefox) is a good alternative to some.

Be careful though, some of those things really dig deep. Even with automated scanners they can still lag a PC down.

Sincerely,

Shaman

Re: New Trojan?

You ain't seen nuttin yet (With a tip of the hat to the grammar thread here.)
Rootkits promise to be the next big thing

Re: New Trojan?

Holy crap.

I am very careful, and keep things up to date. I also use the latest Firefox--very nice. I don't download anything, and have my security so tight, some pages won't even load.

BUT, my nephew was using my computer last night while I was at work...he is 17...
Hmmm...looks like it came from a porn site.

Odd that Pestpatrol has the definition, but didn't find the file.
Would that be because ZA has it quarantined?

Bob

Re: New Trojan?

LOL hahaha viewing porn site naturally gets you virus as everyone understands

some trojans can never be delete away from your computer as they will store themself so deep that even those program can't do anything to them. beware!

i recommend using spybot-search & destroy and ad-aware

Great! Glad to hear it was isolated. Firefox is good, but as soon as it grows it will be targeted as the other more prevalent ones are (that is unless they stricten their code).


Also regarding your question, it is quite possible that the way the spyware/trojan was created/code was just different enough that the virus signatures did not match. And of course since it did not match, nothing was done to stop it. This brings up a good example of why computer users should use 2 different virus/adware scanners to make sure that there is some overlap. There are a few scanners that try to be proactive in that they don't just scan the file but check other things that the file may be doing, thus being not tied down to just signatures. As good as signatures were a decade ago now they are easily circumvented. (Example: 2+2=4 may be a good signature but 3+1=4 would not match it, granted this is a VERY simple example to a complex real world scenario)
Sincerely,

Shaman

Thanks for the heads up. It remined me to update Ad-Aware and Spybot. It caught 2 data miners. :thanks: