wmcodec_update.exe

显示全部楼层 · 发表于 2008-7-23 14:16:51

这是第三次上传....

再不行不发了...~

显示全部楼层 · 发表于 2008-7-23 14:17:55

The file 'wmcodec_update.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Zlob.pao.The term "TR/" denotes a trojan horse that is able to spy out data, toviolate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

[ 本帖最后由 Kitman 于 2008-7-23 15:49 编辑 ]

显示全部楼层 · 发表于 2008-7-23 14:18:16

晕.....
~~~~~~~
传了二次全不行...
第三次居然....~
调戏偶!

显示全部楼层 · 发表于 2008-7-23 14:18:46

显示全部楼层 · 发表于 2008-7-23 14:19:59

2008-7-23 14:17:21 c:\documents and settings\administrator\桌面\wmcodec_update.exe 创建文件 C:\WINDOWS\system32\RichVideoCodec.dll 允许
2008-7-23 14:17:25 c:\documents and settings\administrator\桌面\wmcodec_update.exe 写文件 C:\WINDOWS\system32\RichVideoCodec.dll 允许
2008-7-23 14:17:28 c:\documents and settings\administrator\桌面\wmcodec_update.exe 创建注册表项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{098716A9-0310-4CBE-BD64-B790A9761158} 拒绝
2008-7-23 14:17:31 c:\documents and settings\administrator\桌面\wmcodec_update.exe 创建注册表项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{098716A9-0310-4CBE-BD64-B790A9761158} 拒绝
2008-7-23 14:17:48 c:\documents and settings\administrator\桌面\wmcodec_update.exe 创建新进程 c:\program files\richvideocodec\escan.exe 拒绝

在网吧不好继续回家弄好了沙盘规则跑个全程看看

显示全部楼层 · 发表于 2008-7-23 14:20:59

不用多看....
ZLOB....
20日出来的...~
用卡巴的试试...~
我觉得应该有人给它上报~

显示全部楼层 · 发表于 2008-7-23 14:22:49

过的还真多

VirSCAN.org Scanned Report :
Scanned time : 2008/07/23 14:20:51 (CST)
Scanner results: 8%的杀软(3/36)报告发现病毒
File Name    : wmcodec_update.exe
File Size    : 266881 byte
File Type    : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5          : a9b968554b7f792cd1ea06b52e964ef1
SHA1          : edc12614ec52be7d055bf182e5bf6c3258f32c50
Online report  : http://virscan.org/report/10920ac4664ab6320d1af2f478cd282d.html

Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    3.5.0.22       2008.07.22       2008-07-22  2.37 -
安博士V3    2008.07.23.00 2008.07.23       2008-07-23  0.87 -
AntiVir       7.8.1.11       7.0.5.153       2008-07-22  2.17 -
Arcavir       1.0.5          200807221650    2008-07-22  1.27 -
AVAST!       3.0.1          080722-1       2008-07-22  0.02 -
AVG          7.5.51.442    270.5.4/1567    2008-07-22  1.48 -
BitDefender 7.60825.1383082 7.20153          2008-07-23  2.91 Trojan.Zlob.CQO
CA (VET)    9.0.0.143    31.6.5975       2008-07-22  0.60 -
ClamAV       0.93.3       7795             2008-07-23  0.12 -
Comodo       2.11          2.0.0.594       2008-07-23  0.42 -
CP Secure    1.1.0.715    2008.07.23       2008-07-23  5.93 -
Dr.Web       4.44.0.9170    2008.07.22       2008-07-22  3.02 -
ewido       4.0.0.2       2008.07.22       2008-07-22  2.33 -
F-Prot       4.4.4.56       20080722       2008-07-22  0.97 -
F-Secure    5.51.6100    2008.07.22.11    2008-07-22  0.13 -
飞塔          2.81-3.11    9.347          2008-07-23  1.62 -
ViRobot       20080722       2008.07.22       2008-07-22  0.41 -
Ikarus       T3.1.01.34    2008.07.23.71143  2008-07-23  3.27 Virus.Trojan.Win32.BHO.egw
江民杀毒    11.0.706       2008.07.23       2008-07-23  1.15 -
卡巴斯基    5.5.10       2008.07.23       2008-07-23  0.12 -
金山毒霸    2008.1.14.15 2008.7.23.14    2008-07-23  0.64 -
迈克菲       5.2.00       5344             2008-07-22  2.10 -
Microsoft    1.3704       2008.07.23       2008-07-23  7.21 -
mks_vir       2.01          2008.07.22       2008-07-22  2.52 -
Norman       5.93.01       5.93.00          2008-07-22  4.58 Malware.DDGL
熊猫卫士    9.05.01       2008.07.22       2008-07-22  1.87 -
趋势科技    8.700-1004    5.425.00       2008-07-22  0.08 -
Quick Heal    9.50          2008.07.22       2008-07-22  1.61 -
瑞星          20.0          20.54.20.00    2008-07-23  0.82 -
Sophos       2.75.4       4.31             2008-07-23  1.96 -
Sunbelt       3.1.1536.1    2156             2008-07-18  0.40 -
赛门铁克    1.3.0.24       20080722.003    2008-07-22  0.06 -
nProtect    2008-07-23.00 1697660          2008-07-23  3.21 -
The Hacker    6.2.96       v00387          2008-07-22  0.39 -
VBA32       3.12.8.1       20080722.1403    2008-07-22  1.65 -
VirusBuster 4.5.11.10    10.82.19/596243 2008-07-22  0.93 -

显示全部楼层 · 发表于 2008-7-23 14:26:24

晕了...
3天了.....
外国人没有一个家伙给卡巴上报的....~

显示全部楼层 · 发表于 2008-7-23 14:27:44

刚刚得到的新的zlob，过clamav了

A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found Injector.AD
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

显示全部楼层 · 发表于 2008-7-23 14:29:27

AVG出了个风头~....

EQ2...

发个强大点的dnschange上来~

[病毒样本] wmcodec_update.exe

本帖子中包含更多资源

NOD32 痿掉

回复 6楼电影结束了的帖子

浏览过的版块

[病毒样本] wmcodec_update.exe

本帖子中包含更多资源

NOD32 痿掉

回复 6楼 电影结束了 的帖子

浏览过的版块

回复 6楼电影结束了的帖子