system
1
malware?? :o
hxxp://down.zonavirus.com/programas/bitdefender-internet-security/2011/bitdefender_isecurity.exe
Norton DNS block page! Thanks…
http://zulu.zscaler.com/submission/show/8a40604aecf6c4842d4da949828eb5ab-1334432633
Virustotal:
https://www.virustotal.com/file/fd46180ee50df6e7edf9ee43c3f40cf4119cc8d9811a6e2ec2ade37b3122d794/analysis/1334432452/
SHA256: fd46180ee50df6e7edf9ee43c3f40cf4119cc8d9811a6e2ec2ade37b3122d794
SHA1: 90082f53048b88065d3e24fa609581c05b0eaf36
MD5: 10077580679df1d20755b1a66b185193
File size: 1.3 MB ( 1351320 bytes )
File name: bitdefender_isecurity.exe
File type: Win32 EXE
Detection ratio: 0 / 41
Analysis date: 2012-04-14 19:40:52 UTC ( 1 minute ago )
I checked some more and found this:
http://www.browserdefender.com/site/zonavirus.com/
So I decided to check the source code.
I believe the browserdefender’s exploit block is due to the link to satinfo. See:
http://urlvoid.com/scan/satinfo.es/
Norton says Drive-By Exploit but Sucuri doesn’t find.
http://safeweb.norton.com/report/show?url=zonavirus.com
http://sitecheck.sucuri.net/results/zonavirus.com
You can try sending the executable to avast! to see what they think of it.
Pondus
4
First seen by VirusTotal
2010-12-07 01:39:19 UTC ( 1 år, 4 måneder ago )
Sigcheck
signers…: BitDefender SRL
VeriSign Class 3 Code Signing 2009-2 CA
Class 3 Public Primary Certification Authority
signing date…: 3:19 PM 9/9/2010
Not malware. 
Malware was given for that IP 212.34.128.10 but it has been closed since 2012-02-11 04:47:43,
where it came accompanied by TR/Dldr.IstBar.gx; it was being detected by avast.
The only one that flagged the URL was TrendMicro, and the file analysis was detected as WS.Reputation.1 by Symantec,
which is a generic web rep flag, so I would say possibly a FP.
Anubis analysis: http://anubis.iseclab.org/?action=result&task_id=124c4bd9f848b3a94892e2f32d8428fee
See: http://www.backgroundtask.eu/Systeemtaken/taakinfo/52684/bitdefender_isecurity.exe/A1A24D436A87F0209BA2D5AA52428913/
polonus
system
6
thanks false positive norton!