Does avast! detect this executable? Scareware?

See: https://www.virustotal.com/nl/url/b60de77c1616b207a931a5e79b7354ce8afa73815e8aa0ec32ec26f5ef575833/analysis/1382908880/
and https://www.virustotal.com/nl/file/3487045fe79491b901f09646835f30aaea6419cd268bdb1e2524bf10e501fe4f/analysis/1382874085/
IDS alerts here: http://urlquery.net/report.php?id=7219507
Server redirect Code: 404, Content cannot be read!
See: http://support.clean-mx.de/clean-mx/viruses.php?ip=66.7.217.40&sort=id%20DESC
htxp://www.securitystronghold.com/files/go-remove-malware/InterpolRansomwareVirusRemovalTool.exe is in Dr.Web malicious sites list!
The WOT web rep status: http://www.mywot.com/en/scorecard/securitystronghold.com?utm_source=addon&utm_content=popup-donuts
http://www.mywot.com/en/scorecard/go-remove-malware.com?utm_source=addon&utm_content=popup-donuts
Quttera’s scanner detects:
/rss
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Detected abnormal use of [iframe] elements. Treat it as suspicious.
File size[byte]: 27986
File type: ASCII
MD5: 18C8729CEEB41F234B06E42F401A317A
Scan duration[sec]: 0.021000
Anubis analysis: http://anubis.iseclab.org/?action=result&task_id=1a696b88c61f499a40984dc32c9beddd4&format=html
Verdict unknown,

pol

Avast is not detecting it on download and scan.

I will test it in a VM now.

The file is also installing RegCleanPro, which is junkware.

The program actually looks good.

And it's signed by Security Stronghold.

But I would consider this as junk.

old file…
First submission 2013-07-16 00:39:25 UTC ( 3 months, 1 week ago )

Hi Steven Winderlich,

Can you confirm this is coming with Flipora Search ad-junk, detected as PUP?
See: http://www.removepcthreat.com/remove-flipora-search-flipora-search-removal-flipora-search-how-to-remove-flipora-search-delete-flipora-search-uninstall-flipora-search-how-to-delete-flipora-search-how-to-uninstall-flipora-sea/

Damian

I will restart the VM and will see what is going on.

Nothing in IE, Firefox or Chrome either.

Also no startup key set, just RegCleanPro starting up (and crashing).

There was something in Firefox and Chrome, about that just RegClean stuff, ADW log attached.

OTL Logs

Malwarebytes Log

There the PUP detection for Flipora is being confirmed,

pol

OK.

I'm not that good on ADWCleaner logs with these preferences things.