Downloader.VB.R...

I was browsing the web for lyrics to a song, I opened a site, and all of the sudden a download window comes up in firefox (I forget which site, I closed everything very fast.) it downloads a file default.exe to my desktop, I scanned it with AVG, nothing, so I deleted it (Stupid I know, I should have kept it for analysis.) anyways, this was all after AVG warned me of a Downloader.VB.R trojan horse, so I scanned my PC with AVG, found it, and it now resides in the virus vault, I then scanned with AntiVir PE, and eScans antivirus utility, they found nothing, I scanned with Ewido Security Suite and a2 they found nothing as well, then scanned with adaware and spybot s&d and they found nothing, I am wondering if I should asusme that my PC is clean or not? The infected file was found in Firefox's browser cache folder, but after scanning with everything I have, nothing was found, I checked auto start entries, and nothing has been added, and I checked all services (In the service control panel) and nothing, I am wondering also if it is ok to put a Hijack This log up? - But mostly I want to make sure that my PC is clean.

 

Wilders Security Forums no longer provides HijackThis log cleaning services.
https://www.wilderssecurity.com/showthread.php?p=222776#post222776

 

you should get the current ver of NOD32 anti virus, it has a HTTP scanner and Imon [internet monitor] that will warn you of these types of things by blocking the force download.

unfortunatly this is becoming more common, and somewhat of a problem as not all PC users have a good AV or the current updates.

 

An http scanner isn't really necessary. As long as your AV is capable of detecting the malware it doesn't matter if it detects it once the file has been created on the HD, or before it's downloaded, as long as it's detected.

NOD32,s IMON module can't scan within self extracting archives anyway so the http scanner is often useless, and you end up relying on the real-time monitor scanning the files as they're extracted.

 

NOD32 will not let an infected file transfer from a web site to your computer.
so you are protected before it even installs. if you relying on detection after the malicious file has installed itself on ur pc then ur taking a big chance.

 

It will if it's in a self extracting archive. You can test this yourself with the eicar test file.

What do you mean by installed? If you virus scanner scans all files that are created then you are just as protected as you would be by http scanning.

 

same thing happened to me, except that i told firefox to cancel...

wierd..maybe security through obscurity (using firefox) is finally over!

 

No, my son picked up this same virus and he uses IE.

I just found it on mine. Do I go ahead and delete the default.exe?

 

Never mind, my anti-virus cleaned it. But I keep picking it up from somewhere and I can't tell where it's coming from.

 

Like Ronjor posted, that General Cleaning Guide should set your mind at ease. You already have used some very good programs, I would suggest following through each of the steps found in the link provided by Ronjor. At the end are further links to threads discussing securing your PC and what is sensible...

Hope this helps...

Cheers

 

Where is this virus picked up, does anyone know? I know it would be hard to pinpoint exactly, but maybe there's a 'typical norm' out there as to where it comes from.