« previous next »
Pages: [1]   Go Down

Author Topic: win32.vb.mit [drp] - cve number?  (Read 4441 times)

0 Members and 1 Guest are viewing this topic.

Robw

  • Guest
win32.vb.mit [drp] - cve number?
« on: October 04, 2010, 07:53:52 PM »
Hello,

I'm trying to help a friend with a virus discovered by Avast.
He had an old computer with no AV on it.  He inserted a USB drive and returned to  his newer computer where Avast reported the usb drive infected with "win32:vb-mit [drp]".

We installed Avast on the old one and cleaned the infection.  I'm trying to learn some things about win32:vb-mit [drp] but cant find anything in the knowledgebase. Googling variations of win32:vb-mit has not been much help. 

Can someone point me to an Avast resource where I might I go backward to a CVE number and find info about this virus?

Thanks -

Rob
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89670
  • No support PMs thanks
Re: win32.vb.mit [drp] - cve number?
« Reply #1 on: October 04, 2010, 08:23:10 PM »
It is difficult to get information based on only a malware name as there is no convention or standard malware naming policy. In this case the [drp] is another indication of what it (a dropper) is designed to download/drop files on to the system to further infect it.

This is normally achieved by an autorun.inf file on the USB that tries to run files on the USB, dropping them onto the main system, this malware would be set to run and possibly download more malware. This is a generalisation of what it may be attempting to do.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Re: win32.vb.mit [drp] - cve number?
« Reply #2 on: October 04, 2010, 08:31:06 PM »
Logged

Robw

  • Guest
Re: win32.vb.mit [drp] - cve number?
« Reply #3 on: October 04, 2010, 08:52:24 PM »
Thanks David and Pondus!

I searched virustotal and got no results - Can I ask, what query did you use there?

Rob
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Re: win32.vb.mit [drp] - cve number?
« Reply #4 on: October 04, 2010, 09:05:39 PM »
Search Google " win32:vb-mit " hit #3 from top Clean MX

Scroll all the way down, and then scroll sideways  to the right to " avast! " and see detection #4 Win32:VB-MIT
Then scroll all the way to the left and find the MD5: 664fd7eff59be612d9799bc013c63156
Then copy the md5 go to VirusTotal, click searc and put in the md5 and you have the detection....if the bug have been uploaded to VT
then copy the microsoft detection name ( without the version ending ) and search it at the microsoft website

You should then have the info on a similar bug(s), but without the md5 from your detection....not 100%
« Last Edit: October 04, 2010, 09:20:47 PM by Pondus »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89670
  • No support PMs thanks
Re: win32.vb.mit [drp] - cve number?
« Reply #5 on: October 04, 2010, 09:59:11 PM »
Quote from: Robw on October 04, 2010, 08:52:24 PM
Thanks David and Pondus!
<snip>

No problem, welcome to the forums.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »