Sign In
Create Account
0
This looks like a fun one. Caught it analyzing a virus.
http://storageprotector.com/clean/index.php?03500-80815-45166-c0517-5a576-e474a-6d550-83904-5d071-75d0a-5f095-40b57-55110-35007-08164-23901-53520-50106-070e0-b0440-03040-40717-5d160-b0c5a-1f110-e0a57-01475-60b0f-57
Back to top
#2
Posted 13 November 2007 - 06:47 AM
-
- Experts
-
- 162 posts
Advanced Member
- Gender:Male
- Location:Netherlands
It's 100% free of viruses, adware and spyware.
See?
Direct download at 00089 in this list;
File setup_en.exe received on 11.13.2007 07:28:14 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.11.13.0 2007.11.13 Win-Trojan/Downloader.199696
AntiVir 7.6.0.34 2007.11.13 -
Authentium 4.93.8 2007.11.13 -
Avast 4.7.1074.0 2007.11.12 -
AVG 7.5.0.503 2007.11.12 Potentially harmful program WinFixer.AJH
BitDefender 7.2 2007.11.13 Adware.Winfixer.Y
CAT-QuickHeal 9.00 2007.11.12 Downloader.WinFixer.au (Not a Virus)
ClamAV 0.91.2 2007.11.13 -
DrWeb 4.44.0.09170 2007.11.12 Trojan.DownLoader.36408
eSafe 7.0.15.0 2007.11.08 Downloader.MisleadAp
eTrust-Vet 31.2.5290 2007.11.12 -
Ewido 4.0 2007.11.12 -
FileAdvisor 1 2007.11.13 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.13 -
F-Secure 6.70.13030.0 2007.11.13 -
Ikarus T3.1.1.12 2007.11.13 not-a-virus:Downloader.Win32.WinFixer.au
Kaspersky 7.0.0.125 2007.11.13 not-a-virus:Downloader.Win32.WinFixer.au
McAfee 5161 2007.11.12 -
Microsoft 1.3007 2007.11.12 Program:Win32/WinFixer
NOD32v2 2654 2007.11.13 -
Norman 5.80.02 2007.11.12 W32/WinFixer.AMU
Panda 9.0.0.4 2007.11.13 Application/AVSystemCare
Prevx1 V2 2007.11.13 Malware.Gen
Rising 20.18.02.00 2007.11.12 -
Sophos 4.23.0 2007.11.13 SysKontroller System Repairer Downloader
Sunbelt 2.2.907.0 2007.11.13 -
Symantec 10 2007.11.13 Downloader.MisleadApp
TheHacker 6.2.9.124 2007.11.13 -
VBA32 3.12.2.4 2007.11.11 Downloader.Win32.WinFixer.au
VirusBuster 4.3.26:9 2007.11.12 -
Webwasher-Gateway 6.0.1 2007.11.13 Riskware.Fake.Syscontrol
Additional information
File size: 195616 bytes
MD5: f9be49d2313f3e92b0f9f6a2b83029ea
SHA1: d1f215d2a11e9f7dcf960727b29b43859dce9f48
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5...0B5CB0038CFF998
ThreatExpert; http://www.threatexpert.com/report.aspx?md...0f9f6a2b83029ea
A few days ago i noticed a Dutch variant. (and a German one on diskretter.com)
hxxp://schijfbewaker.com/fix/installer.php?555a0-00f0d-564c0-a5f6b-5a5f6-65c08-68505-c0a15-52580-f5b58-061b0-b0f69-07576-e0751-07536-c0457-060d6-b020f-0b5d6-85557-67155-2445b-55004-50306-05425-b0801-06030-25503-0c525-00506-035f0-25502-0c0c0-b060f-05575-05156-5a520-50303-08080-25502-07070-25350-04060-60802-05060-10d0f-03020-15153-07550-05754-06560-d0706-59040-20307-56060-10c03-5a035-0020d-095b
direct download hxxp://bsa.safetydownload.com/schijfbewaker.com/SchijfBewaker/setup_nl.exe
Virustotal (few days ago)
File setup_nl.exe received on 11.10.2007 14:50:39 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.11.10.0 2007.11.09 -
AntiVir 7.6.0.34 2007.11.09 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.09 -
AVG 7.5.0.503 2007.11.10 Potentially harmful program WinFixer.AJM
BitDefender 7.2 2007.11.10 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.10 -
DrWeb 4.44.0.09170 2007.11.10 Trojan.DownLoader.36408
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.10 -
FileAdvisor 1 2007.11.10 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.09 -
F-Secure 6.70.13030.0 2007.11.09 -
Ikarus T3.1.1.12 2007.11.10 not-a-virus:Downloader.Win32.WinFixer.au
Kaspersky 7.0.0.125 2007.11.10 not-a-virus:Downloader.Win32.WinFixer.au
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.10 TrojanDownloader:Win32/Renos
NOD32v2 2651 2007.11.10 -
Norman 5.80.02 2007.11.09 W32/WinFixer.ANF
Panda 9.0.0.4 2007.11.10 Application/AVSystemCare
Prevx1 V2 2007.11.10 Heuristic: Suspicious Mailer
Rising 20.17.52.00 2007.11.10 -
Sophos 4.23.0 2007.11.10 SysKontroller System Repairer Downloader
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.10 Downloader.MisleadApp
TheHacker 6.2.9.122 2007.11.09 -
VBA32 3.12.2.4 2007.11.08 Downloader.Win32.WinFixer.au
VirusBuster 4.3.26:9 2007.11.10 -
Webwasher-Gateway 6.0.1 2007.11.10 Riskware.Fake.Syscontrol
Additional information
File size: 196624 bytes
MD5: c0f9bb85077cff37000d15b860f6f7f6
SHA1: 8e676d475028ef85c24ae832803ad94d2e8d0d6b
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5...61264006A37AD85
http://research.sunbelt-software.com/ViewM...aspx?id=2058738
http://www.threatexpert.com/report.aspx?md...00d15b860f6f7f6
The file header from the Dutch file contains the following information;
Vendor : Magic Gloves Lab <-- funny name
Product: Magic Installer <-- it sure is
Version: 1.3.122.
See?
Direct download at 00089 in this list;
File setup_en.exe received on 11.13.2007 07:28:14 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.11.13.0 2007.11.13 Win-Trojan/Downloader.199696
AntiVir 7.6.0.34 2007.11.13 -
Authentium 4.93.8 2007.11.13 -
Avast 4.7.1074.0 2007.11.12 -
AVG 7.5.0.503 2007.11.12 Potentially harmful program WinFixer.AJH
BitDefender 7.2 2007.11.13 Adware.Winfixer.Y
CAT-QuickHeal 9.00 2007.11.12 Downloader.WinFixer.au (Not a Virus)
ClamAV 0.91.2 2007.11.13 -
DrWeb 4.44.0.09170 2007.11.12 Trojan.DownLoader.36408
eSafe 7.0.15.0 2007.11.08 Downloader.MisleadAp
eTrust-Vet 31.2.5290 2007.11.12 -
Ewido 4.0 2007.11.12 -
FileAdvisor 1 2007.11.13 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.13 -
F-Secure 6.70.13030.0 2007.11.13 -
Ikarus T3.1.1.12 2007.11.13 not-a-virus:Downloader.Win32.WinFixer.au
Kaspersky 7.0.0.125 2007.11.13 not-a-virus:Downloader.Win32.WinFixer.au
McAfee 5161 2007.11.12 -
Microsoft 1.3007 2007.11.12 Program:Win32/WinFixer
NOD32v2 2654 2007.11.13 -
Norman 5.80.02 2007.11.12 W32/WinFixer.AMU
Panda 9.0.0.4 2007.11.13 Application/AVSystemCare
Prevx1 V2 2007.11.13 Malware.Gen
Rising 20.18.02.00 2007.11.12 -
Sophos 4.23.0 2007.11.13 SysKontroller System Repairer Downloader
Sunbelt 2.2.907.0 2007.11.13 -
Symantec 10 2007.11.13 Downloader.MisleadApp
TheHacker 6.2.9.124 2007.11.13 -
VBA32 3.12.2.4 2007.11.11 Downloader.Win32.WinFixer.au
VirusBuster 4.3.26:9 2007.11.12 -
Webwasher-Gateway 6.0.1 2007.11.13 Riskware.Fake.Syscontrol
Additional information
File size: 195616 bytes
MD5: f9be49d2313f3e92b0f9f6a2b83029ea
SHA1: d1f215d2a11e9f7dcf960727b29b43859dce9f48
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5...0B5CB0038CFF998
ThreatExpert; http://www.threatexpert.com/report.aspx?md...0f9f6a2b83029ea
A few days ago i noticed a Dutch variant. (and a German one on diskretter.com)
hxxp://schijfbewaker.com/fix/installer.php?555a0-00f0d-564c0-a5f6b-5a5f6-65c08-68505-c0a15-52580-f5b58-061b0-b0f69-07576-e0751-07536-c0457-060d6-b020f-0b5d6-85557-67155-2445b-55004-50306-05425-b0801-06030-25503-0c525-00506-035f0-25502-0c0c0-b060f-05575-05156-5a520-50303-08080-25502-07070-25350-04060-60802-05060-10d0f-03020-15153-07550-05754-06560-d0706-59040-20307-56060-10c03-5a035-0020d-095b
direct download hxxp://bsa.safetydownload.com/schijfbewaker.com/SchijfBewaker/setup_nl.exe
Virustotal (few days ago)
File setup_nl.exe received on 11.10.2007 14:50:39 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.11.10.0 2007.11.09 -
AntiVir 7.6.0.34 2007.11.09 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.09 -
AVG 7.5.0.503 2007.11.10 Potentially harmful program WinFixer.AJM
BitDefender 7.2 2007.11.10 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.10 -
DrWeb 4.44.0.09170 2007.11.10 Trojan.DownLoader.36408
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.10 -
FileAdvisor 1 2007.11.10 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.09 -
F-Secure 6.70.13030.0 2007.11.09 -
Ikarus T3.1.1.12 2007.11.10 not-a-virus:Downloader.Win32.WinFixer.au
Kaspersky 7.0.0.125 2007.11.10 not-a-virus:Downloader.Win32.WinFixer.au
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.10 TrojanDownloader:Win32/Renos
NOD32v2 2651 2007.11.10 -
Norman 5.80.02 2007.11.09 W32/WinFixer.ANF
Panda 9.0.0.4 2007.11.10 Application/AVSystemCare
Prevx1 V2 2007.11.10 Heuristic: Suspicious Mailer
Rising 20.17.52.00 2007.11.10 -
Sophos 4.23.0 2007.11.10 SysKontroller System Repairer Downloader
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.10 Downloader.MisleadApp
TheHacker 6.2.9.122 2007.11.09 -
VBA32 3.12.2.4 2007.11.08 Downloader.Win32.WinFixer.au
VirusBuster 4.3.26:9 2007.11.10 -
Webwasher-Gateway 6.0.1 2007.11.10 Riskware.Fake.Syscontrol
Additional information
File size: 196624 bytes
MD5: c0f9bb85077cff37000d15b860f6f7f6
SHA1: 8e676d475028ef85c24ae832803ad94d2e8d0d6b
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5...61264006A37AD85
http://research.sunbelt-software.com/ViewM...aspx?id=2058738
http://www.threatexpert.com/report.aspx?md...00d15b860f6f7f6
The file header from the Dutch file contains the following information;
Vendor : Magic Gloves Lab <-- funny name
Product: Magic Installer <-- it sure is
Version: 1.3.122.
#3
Posted 14 November 2007 - 12:03 PM
-
- Experts
-
- 162 posts
Advanced Member
- Gender:Male
- Location:Netherlands
#4
Posted 07 December 2007 - 12:17 AM
-
- Experts
-
- 419 posts
True Member
- Location:The Internets
Added to newest database.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
