Rogue software detected by avast shield...or ASPROTECT conflict FP?

Re: http://zulu.zscaler.com/submission/show/0162181b6b32dbe490c74929ef24a827-1341052869 (missed there and reported);
See: https://www.virustotal.com/file/460022f47907ee5a08c4863f5d64c1526685a0a245410418204d9323abe51f1f/analysis/

DrWeb’s URL check results:
htxp://protectiondetectinspector.in/e8b3b3ddeb3a6799/setup.exe
Engine version: 7.0.2.4281
Total virus-finding records: 2967258
File size: 2.17 MB
File MD5: a43f2c30c13e94fceaa2b727caf890c5

htxp://protectiondetectinspector.in/e8b3b3ddeb3a6799/setup.exe packed by ASPROTECT

htxp://protectiondetectinspector.in/e8b3b3ddeb3a6799/setup.exe - Ok

Could the detection be an ASPROTECT conflict? All files packed by AsProtect v1.5 are then recognized as trojans by some AV, so this could be an FP detection.
What is the status of this executable?

polonus

Detection is correct, or was correct… the link you posted… leads to the rogue variants of Windows Personal Detective…

I know this since I have been reporting a lot of rogues and malware to avast lately :wink:

However, this link you posted is dead and it leads to no executable but resolves to google.com, so basically a dog that barks but doesn't bite, or it is because of the Chrome warning on the site ;D…

Many fakeAV’s on this IP: 96.44.181.171

so same baddie from same IP

Confirmed… the site is alive; the redirect to Google in Chrome is due to the Chrome warning…

see: http://urlquery.net/report.php?id=79339

Hi true indian,

As that IP has been found risky on so many occasions, this could be a reason for an IP block for 96.44.181.171,

polonus

Yep! It's an IP block… :wink:

I will report the executable to avast for detection…thanks :slight_smile: