VCCodec/VideoCompressionCodec : ZLob/VirusBurster Installer

Discussion in 'malware problems & news' started by SUPERAntiSpy, Oct 18, 2006.

Thread Status:
Not open for further replies.
  1. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
  2. kjempen

    kjempen Registered Member

    Joined:
    May 6, 2004
    Posts:
    379
    At time of posting none of the antiviruses detects the installer (although Fortinet and Panda finds the file suspicious). After installing it, only a .tmp file and an .exe file are detected by Kaspersky ("not-virus:Hoax.Win32.Renos.dv" and "Trojan-Downloader.Win32.Adload.gw"). NOD32 performed better when scanning after having installed the "codec". NOD32 detected (amongst others) the VirusBurster program (NOD32 found 9 infected files in total), but missed the Trojan-Downloader that Kaspersky detected. AVG Anti-Spyware only detected the Hoax file.

    EDIT: Also tried scanning with Virus Chaser (same engine as Dr.Web) and it found 0 infected files.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Don't forget that NOD32 blocks access to all websites with Zlob so you are virtually protected against all new variants (the url mentioned in the blog was blocked on the same day the new Zlob appeared on the web).
     
  4. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    these Zlob-distributing websites change very fast. I had once about 7 different webpages. :( NOD32 is doing a good job blocking the url. :)
     
Loading...
Thread Status:
Not open for further replies.