ProxyBlocker.zip

schyzosoft · June 3, 2010

ProxyBlocker.zip

VT 1/41 https://www.virustotal.com/analisis/40a9fbe...5ba1-1274432091

Attached File(s)

Attached File ProxyBlocker.zip ( 1.11MB ) Number of downloads: 24

Attached File LINKS.rar ( 124bytes ) Number of downloads: 2

Hi, I'm arief from schyzosoft, I'm the one who make proxyblocker beta.

Just wana inform, the file is not contain any malware, it just packed by UPX compressor. I'm sure that is juts false alarm of your AV.

Regards,

Arief

sUBs · June 3, 2010

Hello Arief, I'm moving your thread to the False Positive subforum where it can be addressed

sUBs · June 3, 2010

Arief, please upload the file again.

Thanks.

schyzosoft · June 16, 2010

Arief, please upload the file again.
Thanks.

I have check the file in softpedia site, its still clean and safe.

Regards,

Arief

sUBs · June 16, 2010

I have check the file in softpedia site, its still clean and safe.

Arief, which file from Softpedia are we talking about? I can't help you if you don't give us a file or at least the link to the file in question.

schyzosoft · August 25, 2010

Arief, which file from Softpedia are we talking about? I can't help you if you don't give us a file or at least the link to the file in question.

here's the link dude..

http://www.softpedia.com/get/Security/Fire...xyBlocker.shtml

thanks

regards,

arief

nosirrah · August 25, 2010

This file?

File name: ProxyBlocker.exe

Result: 30/ 41 (73.2%)

AhnLab-V3 2010.08.25.00 2010.08.24 Dropper/Agent.2006339

AntiVir 8.2.4.38 2010.08.24 TR/Drop.Agent.bmzm

Antiy-AVL 2.0.3.7 2010.08.23 Trojan/Win32.Agent.gen

Authentium 5.2.0.5 2010.08.24 W32/MalwareF.SFS

Avast 4.8.1351.0 2010.08.24 Win32:Malware-gen

Avast5 5.0.594.0 2010.08.24 Win32:Malware-gen

CAT-QuickHeal 11.00 2010.08.24 TrojanDropper.Agent.bmzm

Comodo 5848 2010.08.24 TrojWare.Win32.TrojanDropper.Agent.bmzm

eSafe 7.0.17.0 2010.08.24 Win32.TRDrop.Agent.B

F-Prot 4.6.1.107 2010.08.24 W32/MalwareF.SFS

GData 21 2010.08.24 Win32:Malware-gen

Ikarus T3.1.1.88.0 2010.08.24 Trojan-Dropper.Agent

Jiangmin 13.0.900 2010.08.23 TrojanDropper.Agent.anre

Kaspersky 7.0.0.125 2010.08.25 Trojan-Dropper.Win32.Agent.bmzm

McAfee 5.400.0.1158 2010.08.25 Artemis!1027068E03A3

McAfee-GW-Edition 2010.1B 2010.08.24 Artemis!1027068E03A3

NOD32 5394 2010.08.24 probably a variant of Win32/TrojanDropper.Agent.BNKWXEF

Norman 6.05.11 2010.08.24 Suspicious_Gen2.ATIKR

nProtect 2010-08-24.01 2010.08.24 Trojan-Dropper/W32.Agent_Packed.2006339

Panda 10.0.2.7 2010.08.25 Trj/CI.A

PCTools 7.0.3.5 2010.08.25 Trojan.ADH

Rising 22.62.01.04 2010.08.24 Trojan.Win32.Generic.5205C53C

Sophos 4.56.0 2010.08.25 Mal/Generic-A

Sunbelt 6787 2010.08.25 Trojan-Dropper.Win32.Agent

Symantec 20101.1.1.7 2010.08.25 Trojan.ADH

TheHacker 6.5.2.1.355 2010.08.24 Trojan/Dropper.Agent.bmzm

TrendMicro 9.120.0.1004 2010.08.24 TROJ_GEN.R23C3GE

TrendMicro-HouseCall 9.120.0.1004 2010.08.25 TROJ_GEN.R23C3GE

VBA32 3.12.14.0 2010.08.24 Trojan-Dropper.Win32.Agent.bmzm

ViRobot 2010.8.24.4005 2010.08.24 Dropper.S.Agent.2006339

MD5 : 1027068e03a3a9c8329b51770760fe58

We will check this out to see if this is a FP but it is not looking good at this point.

schyzosoft · October 16, 2010

This file?
File name: ProxyBlocker.exe
Result: 30/ 41 (73.2%)
AhnLab-V3 2010.08.25.00 2010.08.24 Dropper/Agent.2006339
AntiVir 8.2.4.38 2010.08.24 TR/Drop.Agent.bmzm
Antiy-AVL 2.0.3.7 2010.08.23 Trojan/Win32.Agent.gen
Authentium 5.2.0.5 2010.08.24 W32/MalwareF.SFS
Avast 4.8.1351.0 2010.08.24 Win32:Malware-gen
Avast5 5.0.594.0 2010.08.24 Win32:Malware-gen
CAT-QuickHeal 11.00 2010.08.24 TrojanDropper.Agent.bmzm
Comodo 5848 2010.08.24 TrojWare.Win32.TrojanDropper.Agent.bmzm
eSafe 7.0.17.0 2010.08.24 Win32.TRDrop.Agent.B
F-Prot 4.6.1.107 2010.08.24 W32/MalwareF.SFS
GData 21 2010.08.24 Win32:Malware-gen
Ikarus T3.1.1.88.0 2010.08.24 Trojan-Dropper.Agent
Jiangmin 13.0.900 2010.08.23 TrojanDropper.Agent.anre
Kaspersky 7.0.0.125 2010.08.25 Trojan-Dropper.Win32.Agent.bmzm
McAfee 5.400.0.1158 2010.08.25 Artemis!1027068E03A3
McAfee-GW-Edition 2010.1B 2010.08.24 Artemis!1027068E03A3
NOD32 5394 2010.08.24 probably a variant of Win32/TrojanDropper.Agent.BNKWXEF
Norman 6.05.11 2010.08.24 Suspicious_Gen2.ATIKR
nProtect 2010-08-24.01 2010.08.24 Trojan-Dropper/W32.Agent_Packed.2006339
Panda 10.0.2.7 2010.08.25 Trj/CI.A
PCTools 7.0.3.5 2010.08.25 Trojan.ADH
Rising 22.62.01.04 2010.08.24 Trojan.Win32.Generic.5205C53C
Sophos 4.56.0 2010.08.25 Mal/Generic-A
Sunbelt 6787 2010.08.25 Trojan-Dropper.Win32.Agent
Symantec 20101.1.1.7 2010.08.25 Trojan.ADH
TheHacker 6.5.2.1.355 2010.08.24 Trojan/Dropper.Agent.bmzm
TrendMicro 9.120.0.1004 2010.08.24 TROJ_GEN.R23C3GE
TrendMicro-HouseCall 9.120.0.1004 2010.08.25 TROJ_GEN.R23C3GE
VBA32 3.12.14.0 2010.08.24 Trojan-Dropper.Win32.Agent.bmzm
ViRobot 2010.8.24.4005 2010.08.24 Dropper.S.Agent.2006339
MD5 : 1027068e03a3a9c8329b51770760fe58
We will check this out to see if this is a FP but it is not looking good at this point.

Wow, thanks for the research checking the file.

Finally I found the problem, PE Header problem which is caused by custom packer with scramble..

I apologize for this mess...

Regards,

Arief

ProxyBlocker.zip

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Important Information