Jump to content

F\P...videocore.dll (Trojan.Vundo)

TeMerc

By TeMerc
in File Detections

 Share

Recommended Posts

  • Staff
TeMerc

TeMerc

Posted
  • Staff
Posted

Reported by MS-MVP via helpdesk:

Malwarebytes' Anti-Malware 1.36Database version: 2045Windows 6.0.6001 Service Pack 1
4/26/2009 10:50:52 PMmbam-log-2009-04-26 (22-50-25).txt
Scan type: Quick ScanObjects scanned: 69779Time elapsed: 2 minute(s), 37 second(s)
Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1
Memory Processes Infected:(No malicious items detected)
Memory Modules Infected:(No malicious items detected)
Registry Keys Infected:(No malicious items detected)
Registry Values Infected:(No malicious items detected)
Registry Data Items Infected:(No malicious items detected)
Folders Infected:(No malicious items detected)
Files Infected:C:\Windows\System32\videocore.dll (Trojan.Vundo) -> No action taken. [385753513430362761567479698088846184908485707820196187746970806880837015697777]
Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Tom, Can you ask what program installs this + ask the file?

This detection appears to be in the database for more than 6 months already. So it is strange that no one ever reported it. Also, I cannot tell either if this is a FP or not since the "legit looking" name is no guarantee that it is legit.

Link to post
Share on other sites
  • Staff
TeMerc

TeMerc

Posted
  • Author
  • Staff
Posted
Tom, Can you ask what program installs this + ask the file?

This detection appears to be in the database for more than 6 months already. So it is strange that no one ever reported it. Also, I cannot tell either if this is a FP or not since the "legit looking" name is no guarantee that it is legit.

User is MS-MVP, claimed it was scanned by VT, I trust that, but will ask for more info.
Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted
User is MS-MVP, claimed it was scanned by VT, I trust that, but will ask for more info.
Ok, but we have malicious samples here where there's no detection on VT either. We don't really use that as a reference - we analyse the files and then determine whether they are malicious or not.

That's why it would be great to have a sample. :P

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.