Has anyone heard of "voblaizdupla"? Malware?

Discussion in 'Windows Desktop Systems' started by DSLavictoire, Mar 22, 2006.

  1. DSLavictoire

    DSLavictoire OSNN Non Member?

    Messages:
    3
    Location:
    Canada
    Does anyone know anything about something called volbaizdupla? It popped up in system32 folder and tried to access the internet when I logged on to a network. File name voblaizdupla.exe. Search engines give out absolutely nothing, Symantec says its not a virus and Spybot, along with a battery of other small anti-spyware and etc, doesnt recognize it.

    Doesnt seem super dangerous, I got it quarantined.. I find it interesting that no one nowhere has anything posted on it.
     
  2. Mainframeguy

    Mainframeguy Debiant by way of Ubuntu Folding Team

    Messages:
    3,763
    Location:
    London, UK
    Re: voblaizdupla

    ah, but that no longer holds true now, does it? :p
     
  3. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    Re: voblaizdupla

    Is that the correct spelling?
    Maybe get us some screenshots or run this Hjiackthis and post the log:
    http://www.spywareinfo.com/~merijn/

    There was nothing on Google.
     
    DSLavictoire likes this.
  4. DSLavictoire

    DSLavictoire OSNN Non Member?

    Messages:
    3
    Location:
    Canada
    Re: voblaizdupla

    spelling is good on the filename :lick:

    heres more info on what it did:

    It tried to access the internet twice, once to no specified destination and then again at the very same time to destination IP 81.177.3.175:80 (says ZoneAlarm)

    Nothing in the file properties seems relevant other than its 6.92 KB, The date only indicates when I unquarantined it (I should have noted it before - and 6.92 KB seems pretty small to me).

    I would have to run let the program run again in order for hijackthis to tell me anything and I would rather wait for a miracle answer. :) If it gets to that though, Ill do it. I am tempted to submit it to symantec or other corps.
     
  5. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    DSLavictoire likes this.
  6. DSLavictoire

    DSLavictoire OSNN Non Member?

    Messages:
    3
    Location:
    Canada
    Re: voblaizdupla

    Its starting to pop up over other forums too now, seems like its a trojan and definitions are coming out for it, already have on some anti-viruses and anti-whatevers. Not too efficient a trojan though since you only have to stop and delete it... Thanks all! The ppl at ripe.net are, um, am I allowed to swear?
     
  7. Mainframeguy

    Mainframeguy Debiant by way of Ubuntu Folding Team

    Messages:
    3,763
    Location:
    London, UK
    Re: voblaizdupla

    yes and no.....

    I shall demonstrate:- "The man that should not have been there felt like a spare prick at the wedding" - "I turned the air blue after I dropped the ****ing brick on my bloody toe"

    See? ;)
     
    Last edited: Mar 23, 2006
  8. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    another lesson in the "Using English in a colorful, and alliterative way."

    Thank you MFG :D
    DLavictoire-thanks for the heads up