Jump to content
Login new information ×
Login new information

Is it windows 8 RTM leak 9200 infected or just false positives?

Mr.M

By Mr.M
in Security & Privacy Center

Recommended Posts

Mr.M

Mr.M

Posted
Posted

Is it windows 8 RTM leak 9200 infected or just false positives? Posted Image

MICROSOFT.WINDOWS.8.PROFESSIONAL.RTM.X64.ENGLISH.D VD-WZT

BUILD: 6.2.9200.16384.WIN8_RTM.120725-1247

FILE: Windows_8_Pro_EN-US_x64.ISO

SIZE: 3,581,853,696 byte

SHA-1: E63C1D3733532ABC7AB28F3D61526E361E80271A

MD5: 7A10316A79A543F2BF4953A4332B4323

CRC: 5D7BB5F4

Custom scan with Malwarebytes Anti-Malware last version

Files infected :

atl.dll

iccvid.dll

x86_microsoft-windows-atl_31bf3856ad364e35_6.2.9200.16384_none_a7cb4ba72b1931a8_atl.dll_0c7220db

Paths :

C:\Windows\WinSxS\Backup\x86_microsoft-windows-atl_31bf3856ad364e35_6.2.9200.16384_none_a7cb4ba72b1931a8_atl.dll_0c7220db (Trojan.FakeMS) -> No action taken.

C:\Windows\WinSxS\x86_microsoft-windows-atl_31bf3856ad364e35_6.2.9200.16384_none_a7cb4ba72b1931a8\atl.dll (Trojan.FakeMS) -> No action taken.

C:\Windows\WinSxS\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.2.9200.16384_none_694dccf2a9d68eb9\iccvid.dll (Trojan.FakeAlert) -> No action taken.

Posted Image

Link to comment
Share on other sites
  • Replies 13
  • Views 3.1k
  • Created
  • Last Reply
Seojinist

Seojinist

Posted
Posted

:wtf:

guys before confirming infected or not do a custom scan for this path C:\Windows\WinSxS

..I did a Flash and Quick Scan with Malwarebytes, and a FULL Scan with AVG.. None. Really.

Link to comment
Share on other sites
madeinheaven

madeinheaven

Posted
Posted

Let me tell you something guys WZOR is a trustable place and has been around many years. He was the first person leaking Windows 7 too. The link you can see in that topic originally from his side. i suggest everyone use trustable download link i know many people uploading Windows 8 all over the net and you should be carefully downloading them.

What is WZOR?

WZOR is a Russian site that has a history of leaking information that has helped developers in the past to understand the activation process. It is now an invite only forum. Linking to that site here has been frowned upon in the past, so use a little Google-fu. We suspect WZOR to be the providers of the first KMS activation server. It has also been speculated that they may release a Mini-KMS server. This is pure speculation.

Wzor Home Page - http://soft-forum.ws/
You need invitation to be registered to access the page.

Or

http://wzor.net/
User Name: Ky!

Password: Ky!

Link to comment
Share on other sites
Nima

Nima

Posted
Posted

You might have been downloaded the first leak which was fake and rapidly removed from this forum and TPB, otherwise, WZOR release is completely safe and not infected at all. :)

Link to comment
Share on other sites
dcs18

dcs18

Posted
Posted

As much as I've been hammering Windows 8, I don't believe that's an infection (at least not if a link from reputed members has been used.)

BTW, couldn't help noticing that MBAM classifies one of the flagged items as 'Fake Alert.' :huh:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...