Worm.VBS.Dunihi.W

Viruses and worms
21

Thats a bad list of things what this worm is doing. >:(

22

Hi Steven Winderlich,

In a sense this worm is infecting files and also in the registry with a random name to start up every time Windows starts.
In a sense it is nasty spyware and therefore detected by Emisoft’s.

pol

23

I know what RAT is. Scares the * out of me. Jeez. I’ve cleaned my Host Machine up. THanks Magna86 for those instructions.

Polonus, you said it opens a backdoor correct? Even if the file and the reg keys are gone, is it still there?

24

@Polonus: Its not Emsisoft which is detecting this. Its Bitdefender.
Almost every AV in that list is using a engine from Bitdefender (Emsisoft, GDtata,F-Secure)

25

Hi Steven Winderlich,

Thanks for that precision. Bitdefender has a wide detection array and sometimes still flags when malcode has already been closed or is dead.
In this case Bitdefender’s detection ha helped us to detect a blind spot with other av. My experience is that DrWeb and avast are also complementary. That is why I also check with Dr. Webs URL scanner. What avast! detects DrWeb may be missing, what avast! misses DrWeb may flag. For the reason you mentioned I still have Bitdefender’s TrafficLight extension both in firefox and Google Chrome browser for the search engine results etc… Comes with an Internet Tracker for web analytics and social network plug-ins blocking and flash off by default) and ads blocking now.

polonus

26

The VBS-Script is now detected as VBS:Malware-Gen. ;D

27

Malwarebytes still won’t detect it. Has someone reported it to them?

28

You can report it in their forums: https://forums.malwarebytes.org/index.php?s=66a1706d6127bc63b0a32c2ac10b7c4a&showforum=51

29

It is now … reported

30

Didn’t have that. Thanks Steven

31

That link is dead.

Found, Mod answered to “Will look at it shortly”

Topic Locked.

32

That link works for me here. Weird. ???

33

I’m having issues talking to any MBAM site… Must just be me

34

Thats weird.

35

Whilst the link didn’t appear dead, it is taking an eternity to load with the waiting for malwarebytes… etc. displayed at the bottom of the screen.

EDIT: Just been back and it has loaded, there must be some issues with the site.

36

I had some 403 error saying the site was having Capacity Issues or down for Maintence. Are they under attack or something? I’ve never had an issue on MBAM’s website.

37

They could be attacked or maybe they are doing some maintenance, maybe they need to shutdown the server or parts from them
so they have less capacity then usual.

It takes forever here to load too.
Maybe they are being attacked at the moment, or the hoster is being attacked.

http://www.downforeveryoneorjustme.com/forums.malwarebytes.org

Now i cannot even reach the website, it ends up with an error.

38

Given what they do, I’d guess it’s an attack. Dang it

Steven, if you’re on the MBAM forums, what class (If any at all) are you in?

39

Im not on the Malwarebytes forums, sorry. :slight_smile:

I had seen a livestream some months ago from a youtuber called Markiplier.
And 30 minutes after beginning the livestream someone found out his IP and DDossed his home router.

And what has he done? He got his laptop and his equipment and got over to his brothers house and continued there. :smiley:

40

Lol. Way to get the guy back. Basically saying try me.