We have discovered a new ZLob/VirusBurster Installer:
http://superantispyware.blogspot.com
Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com
http://forums.superantispyware.com
We have discovered a new ZLob/VirusBurster Installer:
http://superantispyware.blogspot.com
Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com
http://forums.superantispyware.com
Two things:
A: Noone cares about updates, they'll hit the "Update Program" button.
B: xDDD
You use BLOGGER? Nothing on your SUPERAntiSpyware server? Not even
WordPress?
Nick Skrepetos wrote:
> We have discovered a new ZLob/VirusBurster Installer:
> http://superantispyware.blogspot.com
>
> Nick Skrepetos
> SUPERAntiSpyware.com
> http://www.superantispyware.com
> http://forums.superantispyware.com
From: "Ze Muffinman" <truemuffinman@poetictimes.com>
| Two things:
| A: Noone cares about updates, they'll hit the "Update Program" button.
| B: xDDD
You miss the point. This is a new supposed CODEC site which purports to be a video codec
but is in reality a ZLob/Puper/Popuper Trojan installer.
The site was just registered three days ago.
Additionally you should have noticed that this is another malware site where the Registrar
is Estdomains.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
Spyerase removes this threat.
This tool is free but won't be for long. First read
this http://www.pcbutts1.com/downloads then download Spyerase at
http://www.pcbutts1.com/downloads/spyerasesetup.zip
--
The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com
"Nick Skrepetos" <nskrepetos@yahoo.com> wrote in message
news:1161191499.763806.106070@i42g2000cwa.googlegr oups.com...
> We have discovered a new ZLob/VirusBurster Installer:
> http://superantispyware.blogspot.com
>
> Nick Skrepetos
> SUPERAntiSpyware.com
> http://www.superantispyware.com
> http://forums.superantispyware.com
>
pcbutts1 wrote:
> Spyerase removes this threat.
> This tool is free but won't be for long. First read
> this http://www.pcbutts1.com/downloads then download Spyerase at
> http://www.pcbutts1.com/downloads/spyerasesetup.zip
>
>
> --
Why not let us test your software? Stolen perhaps?
From: "Ze Muffinman" <truemuffinman@poetictimes.com>
| Two things:
| A: Noone cares about updates, they'll hit the "Update Program" button.
| B: xDDD
I should also add...
If you look at Nick's Blog and the Registration picture you'll see the registrant address.
jmr@mmcodec.com
The mmcodec.com web page looks the SAME as vccodec.com
Registration Service Provided By: ESTDOMAINS INC
Contact: +1.3027224217
Website: http://www.estdomains.com
Domain Name: MMCODEC.COM
Registrant:
MediaHolding inc
Jean-Marc Rennes (jmr@mmcodec.com)
Et 3 Em Porte Gauche 11 pl Gambetta
Paris
,75020
FR
Tel. +033.08717357
Creation Date: 09-Oct-2006
Expiration Date: 09-Oct-2007
vccodec.107.exe -- 49.0 KB (50,253 bytes)
mmcodec.595.exe -- 51.7 KB (52,973 bytes)
-------------
Complete scanning result of "vccodec.107.exe", processed in VirusTotal at 10/19/2006
01:47:16 (CET).
[ file data ]
* name: vccodec.107.exe
* size: 50253
* md5.: 33c8995c06b34a3b9da42495fd049303
* sha1: c16a2a2181b3ed68d0b5f53d9f17bbdf02067d28
[ scan result ]
AntiVir 7.2.0.30/20061018 found nothing
Authentium 4.93.8/20061019 found nothing
Avast 4.7.892.0/20061018 found nothing
AVG 386/20061018 found nothing
BitDefender 7.2/20061018 found nothing
CAT-QuickHeal 8.00/20061018 found nothing
ClamAV devel-20060426/20061019 found nothing
DrWeb 4.33/20061018 found nothing
eTrust-InoculateIT 23.73.26/20061019 found nothing
eTrust-Vet 30.3.3141/20061018 found nothing
Ewido 4.0/20061018 found nothing
F-Prot 3.16f/20061019 found nothing
F-Prot4 4.2.1.29/20061019 found nothing
Fortinet 2.82.0.0/20061018 found [suspicious]
Ikarus 0.2.65.0/20061018 found nothing
Kaspersky 4.0.2.24/20061019 found nothing
McAfee 4876/20061018 found nothing
Microsoft 1.1603/20061018 found nothing
NOD32v2 1.1810/20061018 found nothing
Norman 5.80.02/20061018 found nothing
Panda 9.0.0.4/20061018 found [Suspicious file]
Sophos 4.10.0/20061015 found nothing
TheHacker 6.0.1.100/20061018 found nothing
UNA 1.83/20061018 found nothing
VBA32 3.11.1/20061018 found nothing
VirusBuster 4.3.7:9/20061018 found nothing
[ notes ]
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX
-------------
Complete scanning result of "mmcodec.595.exe", processed in VirusTotal at 10/19/2006
01:46:09 (CET).
[ file data ]
* name: mmcodec.595.exe
* size: 52973
* md5.: af9e0a01c7eb8ad30edcb8ce76151998
* sha1: 7c866d405239d1fdfa3eb979f79bda6aa3a24554
[ scan result ]
AntiVir 7.2.0.30/20061018 found [TR/Zlob.65745.3]
Authentium 4.93.8/20061019 found nothing
Avast 4.7.892.0/20061018 found nothing
AVG 386/20061018 found nothing
BitDefender 7.2/20061018 found [Trojan.Downloader.Zlob.AAW]
CAT-QuickHeal 8.00/20061018 found nothing
ClamAV devel-20060426/20061019 found nothing
DrWeb 4.33/20061018 found [Trojan.Popuper]
eTrust-InoculateIT 23.73.26/20061019 found nothing
eTrust-Vet 30.3.3141/20061018 found nothing
Ewido 4.0/20061018 found nothing
F-Prot 3.16f/20061019 found nothing
F-Prot4 4.2.1.29/20061019 found nothing
Fortinet 2.82.0.0/20061018 found [suspicious]
Ikarus 0.2.65.0/20061018 found nothing
Kaspersky 4.0.2.24/20061019 found [Trojan-Downloader.Win32.Zlob.aqe]
McAfee 4876/20061018 found nothing
Microsoft 1.1603/20061018 found nothing
NOD32v2 1.1810/20061018 found [Win32/TrojanDownloader.Zlob]
Norman 5.80.02/20061018 found nothing
Panda 9.0.0.4/20061018 found [Suspicious file]
Sophos 4.10.0/20061015 found nothing
TheHacker 6.0.1.100/20061018 found nothing
UNA 1.83/20061018 found nothing
VBA32 3.11.1/20061018 found nothing
VirusBuster 4.3.7:9/20061018 found nothing
[ notes ]
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
Like I said before Nick, you believe the trolls as evident by your posts and
the fact that you call me Chris. I don't give the password out to trolls or
anyone who believe their lies.
--
The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com
"Nick Skrepetos" <nskrepetos@yahoo.com> wrote in message
news:1161209352.315266.293040@i3g2000cwc.googlegro ups.com...
>
> pcbutts1 wrote:
>> Spyerase removes this threat.
>> This tool is free but won't be for long. First read
>> this http://www.pcbutts1.com/downloads then download Spyerase at
>> http://www.pcbutts1.com/downloads/spyerasesetup.zip
>>
>>
>> --
>
> Why not let us test your software? Stolen perhaps?
>
David H. Lipman wrote:
>
> [ file data ]
> * name: vccodec.107.exe
> * size: 50253
> * md5.: 33c8995c06b34a3b9da42495fd049303
> * sha1: c16a2a2181b3ed68d0b5f53d9f17bbdf02067d28
>
> [ scan result ]
> AntiVir 7.2.0.30/20061018 found nothing
> Authentium 4.93.8/20061019 found nothing
> Avast 4.7.892.0/20061018 found nothing
> AVG 386/20061018 found nothing
> BitDefender 7.2/20061018 found nothing
> CAT-QuickHeal 8.00/20061018 found nothing
> ClamAV devel-20060426/20061019 found nothing
> DrWeb 4.33/20061018 found nothing
> eTrust-InoculateIT 23.73.26/20061019 found nothing
> eTrust-Vet 30.3.3141/20061018 found nothing
> Ewido 4.0/20061018 found nothing
> F-Prot 3.16f/20061019 found nothing
> F-Prot4 4.2.1.29/20061019 found nothing
> Fortinet 2.82.0.0/20061018 found [suspicious]
> Ikarus 0.2.65.0/20061018 found nothing
> Kaspersky 4.0.2.24/20061019 found nothing
> McAfee 4876/20061018 found nothing
> Microsoft 1.1603/20061018 found nothing
> NOD32v2 1.1810/20061018 found nothing
> Norman 5.80.02/20061018 found nothing
> Panda 9.0.0.4/20061018 found [Suspicious file]
> Sophos 4.10.0/20061015 found nothing
> TheHacker 6.0.1.100/20061018 found nothing
> UNA 1.83/20061018 found nothing
> VBA32 3.11.1/20061018 found nothing
> VirusBuster 4.3.7:9/20061018 found nothing
>
<snip>
FYI - SUPERAntiSpyware gets all of these with our latest definition
set.
Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com
pcbutts1 wrote:
> Like I said before Nick, you believe the trolls as evident by your posts and
> the fact that you call me Chris. I don't give the password out to trolls or
> anyone who believe their lies.
>
Why don't you call me on the phone and let me give you a little
technical quiz and let's see exactly how much you know about spyware
and technology in general - if you pass, I'll post publicly that you
passed and people will stop acusing you........
Something tells me you won't accept this challenge!
-Nick
Ze Muffinman wrote:
> Two things:
> A: Noone cares about updates, they'll hit the "Update Program" button.
> B: xDDD
> You use BLOGGER? Nothing on your SUPERAntiSpyware server? Not even
> WordPress?
> Nick Skrepetos wrote:
> > We have discovered a new ZLob/VirusBurster Installer:
> > http://superantispyware.blogspot.com
> >
This has nothing to do with an "update" - it is a new variant of the
Zlob family of spyware/adware - if you look at my blog, you can see
that.
I use blogger as it gets great exposure since it's highly indexed into
Google - we replicate all the blog posts on our forum.
Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com
http://forums.superantispyware.com
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote