Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Trojan.Win32.Vilsel.utk

  1. #1
    Splinterd1 Guest

    Default Trojan.Win32.Vilsel.utk

    I'm running an E machines computer with XP, with zonealarm extreme security 2010 (9.1.008.000) and it's been finding this virus (Trojan.Win32.Vilsel.utk) and quarantining it. it finds it on my "D" drive where Emachines store all the files for restoring my computer to it's original state.
    When I hit the "more info" button, the search does not find any info on this virus.
    Also did a search on Symantecs website for this virus and nothing came up. Was this a false positive or is it just a newer virus.

    It has quarantined files infected with this virus twice now on 2 different scans.
    Anysuggestions would be appreciated
    (it's in D:\i386\Apps\app*****\oobeconfig.exe) The "***'s represent different 5 digit #'s
    Thanks

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: Trojan.Win32.Vilsel.utk

    To check for false positives see here:
    How to report antivirus/antispyware false positives

    Goggling that file does not give conforting news:
    http://www.prevx.com/filenames/X2472...ONFIG.EXE.html

    Cheers,
    Fax
    Last edited by fax; March 6th, 2010 at 01:40 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    Splinterd1 Guest

    Default Re: Trojan.Win32.Vilsel.utk

    I downloaded that Prevx 3.0 in the link you supplied.
    Zonealarm did an advanced scan on it and recommended that it should not be opened. Says the file is malicious.
    Do I open it or what??

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: Trojan.Win32.Vilsel.utk

    Hi!
    please do not pile up security tools, they may generate conflicts and possible problems. Remove them. Moreover Prevx does not clean most infections, you have to pay for it.

    Instead follow the cleaning procedure as suggested here below (follow all steps): Malware Clean-up Guidance

    If you can't follow the guideline then better you get dedicated malware support from experts from spywahammer or bleepingcomputer. Links to the web sites are contained in the malware clean-up guidance.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    joecheese Guest

    Default Re: Trojan.Win32.Vilsel.utk

    Dear Splinterd

    I had the same Trojan on my computer
    and on my mom's.

    It seems as though i had more infections
    than my mom did and they both were
    deleted thank God.


    Now my question is do you get this from
    an email or downloading a page? I do recall
    getting an email from my sister-in-law and i
    opened it to see what it was and it had a link
    which i did not open.

    Now i know I'm not the only one who got this
    nasty Trojan.


    Windows XP
    Firefox 3.6
    Internet Explorer 8
    Zone Alarm Internet Security Suite 9.0


    I may try to investigate this and if i come across
    anything i will post here for all to see.

  6. #6
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Smile Re: Trojan.Win32.Vilsel.utk

    Quote Originally Posted by joecheese View Post
    Dear Splinterd

    I had the same Trojan on my computer
    and on my mom's.

    It seems as though i had more infections
    than my mom did and they both were
    deleted thank God.


    Now my question is do you get this from
    an email or downloading a page? I do recall
    getting an email from my sister-in-law and i
    opened it to see what it was and it had a link
    which i did not open.

    Now i know I'm not the only one who got this
    nasty Trojan.


    Windows XP
    Firefox 3.6
    Internet Explorer 8
    Zone Alarm Internet Security Suite 9.0


    I may try to investigate this and if i come across
    anything i will post here for all to see.

    Thank you for your Feedback..

    It is hard to say,
    There are 1000's of ways that you and your Mom could have been Infected..

    Here are just a few ways..

    1.) Visiting Web-sites is always risky, even Repriable, well known sites,
    so some sites you don't even need to Click on anything or Click on pop-
    ups, simply moving the Mouse over certain areas of the page or changing from one page to another could be enough to get infected, without you knowing you were just infected...

    Zone Alarm Extreme Security 9.1 now includes "Virtualized Browsing Protection" for use with IE8 and FireFox.. Part of the ForceField feature that Allowes you to Brows the internet within a "Sandbox", that mean even if your infected, the Virus/Trojan or infection will not be able to get out of the Virtualized Sandbox, which deletes all contens of the sandbox, when the Browser is closed..

    2.) Email is another, danger, clicking on Attachments, or clicking links in the Email can infect you, especially if you have a friend, co-worker or Family member that has gotten infected, the infection will try to Look up all the contact addresses on the infected computer and mass maikl a copy of the infection to everybody in the contact list, and many people will trust Email with attachments that come from a friend or Family member..?

    3.) a good way to protect you and your Mom's Compters, is to ALWAYS
    Keep yoor Computers Fand Security Programs FULLY UPDATED..

    Windows XP Service Pack 3, plus over 60 more Updates released my Microsoft after Service Pack 3..

    Update Zone Alarn Security Suite Fully Updated, the current version is 9.1.008.000

    ZoneAlarm Security Suite version:9.1.008.000
    TrueVector version:9.1.008.000
    Driver version:9.1.008.000
    Anti-virus engine version:8.0.2.42
    Anti-virus signature DAT file version:1013348160 <== New
    AntiSpam version:6.0.0.2383
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    kaliesnanny Guest

    Default Re: Trojan.Win32.Vilsel.utk

    This Trojan showed up today on my weekly scan. I was able to remove it using ZA repair option of Delete file upon reboot. I rescanned my D: Drive with ZA and MBAM, file was not found. I again rebooted and rescanned D: Drive with ZA and MBAM, file not found.

    E machine T5246
    Vista Home Premium SP2
    ZASS 9.1.008.000

  8. #8
    joecheese Guest

    Default Re: Trojan.Win32.Vilsel.utk

    I know George

    However the thing was I didn't click on the
    "link" in the email i received.

    Yes I have the current version of Zone Alarm
    Internet Security Suite.

    I did however do research on the Trojan and
    there is at least 6 different versions out there
    but couldn't find anything on utk.

    My best guess is it is a fairly new copy of the
    same virus but probably likely no sites has been
    updated about it as of a day ago when i searched
    Yahoo & Google for it and also Symataec or something.

    Sounds kinda like it is trying to hit E-Machine PC'S because
    I got one too.
    Last edited by joecheese; March 7th, 2010 at 06:05 PM. Reason: left out information about my computer.

  9. #9
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Smile Re: Trojan.Win32.Vilsel.utk

    Please Contact ZA Tech Support Live Chat with Full details of your Computer Hardware and software, and discribe what you have done to Resolve the problem..

    Click Tech Support link in my signature..

    Please Post back here with your Progress Report..
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  10. #10
    docbrown Guest

    Default Re: Trojan.Win32.Vilsel.utk

    I'm no expert on this and I'm just guessing.... But given that my reported instances of this virus was in multiple files of the i386 files for an OS installation, I'm pretty confident that this is a false positive. I wouldn't delete those files unless you don't want to be able to use them to reinstall the OS install any longer.

    I just did some checking and the files in question have the following stats:
    - multiple folders of D:\My Data Disk\My Data\Support\Gateway\i386\Apps
    Names: oobeconfig.exe.*
    Created: Dec 03,2009, (when I copied them to my system)
    Modified: July 26,2004,
    Accessed: Dec 25,2009

    These just started showing up as infected and have been sitting on the system for months. So, in my non-expert opinion: False Positive.
    Last edited by docbrown; March 8th, 2010 at 02:08 PM. Reason: Add more data.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 5
    Last Post: June 28th, 2009, 11:59 AM
  2. Trojan-GameThief.Win32.OnlineGames.ywg / Worm.Win32.AutoRun.dgt
    By lateralus in forum Malware Discussion
    Replies: 4
    Last Post: October 20th, 2008, 11:03 AM
  3. trojan-downloader.win32.fraudload.vadn & trojan-downloader.win32.agent.vur
    By kspartsman in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 1
    Last Post: July 10th, 2008, 06:21 PM
  4. Trojan keeps coming back - Trojan-PSW.Win32
    By ecotom in forum Malware Discussion
    Replies: 3
    Last Post: March 18th, 2008, 05:58 AM
  5. ZASS found trojan.win32.pakes.aws and trojan.win32.pakes.awt
    By michaeljb in forum Malware Discussion
    Replies: 1
    Last Post: November 17th, 2007, 12:28 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •