3 replies to this topic

[Fatdcuk]

Well these *** clowns are ripping on your popularity

h_t_t_p://malware.bytescan.org/

The software seems to photo shy at the mo,it hides everytime i goto use my image capture software but they seem to have a f/p problem.

Upload of installer to VT yields 2/39 hits
http://www.virustotal.com/analisis/bdf0fa7...70494c862edc3be

Not 100% it is rogue but goddam sleazy at best.

[Jaxryley]

I see what you mean where you can't grab a screenie of the gui.

I fired up an XP vm where it installed no probs and tried to grab a screenie and it's gui disappeared.

So I thought ahh, Vista's snipping tool within the real system will be able to grab a screenie.

Even though the rogue's gui didn't disappear Vista's snipping tool just wouldn't work properly!

Go figure?

[sho-dan]

This one be around for a while, looks like a rogue, acts like a rouge but is it a rogue in the true sense.
MBAM and SAS doesnt pick it up
It does'nt control the computer with constent popups when closing, no force reboots, F/Ps are created and removal is done manually via Add/Remove, C:Programs, registry removal also removes the setupxv icon from the Control panel

HKEY_CURRENT_USER\Software\MalwareRemovalBot

This can be found in the Google ads on jotti, its only in a regional zone as jotti explain in email

Something odd about the name below I did email Igor about the name abuse, we shall see if I get an answer

setupxv Properties info: Version

• Company:Igor Pavlov
  
  
• File Version:4.42
  
  
• Internal Name:7zS.sfx
  
  
• Original File Name7zS.sfx.exe
  
  
• Product Name:7-Zip
  
  
• Product Name:4.42

[GT500]

* No option to save a log.

* You must purchase to remove detected items.

* At least one customer of theirs thinks she purchased MBAM.