Tuesday, January 15, 2008

WinErrorFixer 2007







WinErrorFixer 2007 is described as potentially unwanted application by some of them, as shown in the VirusTotal Result.



VirusTotal Result: 7/32 (21.88%)

AVG -------> SHeur.KTO
eSafe -------> suspicious Trojan/Worm
FileAdvisor -------> Low threat detected
McAfee 5206 -------> potentially unwanted program Winfixer
Panda 9.0.0.4 -------> Application/WinErrorFixer
Prevx1 V2 -------> Suspicious File With Persistence
Webwasher-Gateway 6.0.1 -------> Worm.Win32.ModifiedUPX.gen!84 (suspicious)
----------------------------------------------------------------------------------------
File size: 54552 bytes
MD5: e89ee5276da753dc98571f39119f4265
SHA1: 92f9111440e85e68bc880bd03f8cb0dcf89531c5
PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX
Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=e89ee5276da753dc98571f39119f4265
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=123001F018A318BFD5D60079156D15002616DA17


Screenshots:






Additional information :

Domain Name: winerrorfixer.com
Status: clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited

Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Expiration Date: 2008-12-07
Creation Date: 2005-12-07
Last Update Date: 2007-10-29

Name Servers:
ns29.domaincontrol.com
ns30.domaincontrol.com

IP Address: 64.46.38.133
IP Location: Canada
Website Status: active
Server Type: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7f PHP/4.4.7
Alexa Trend/Rank: 1 Month: 44,539 3 Month: 49,706
Page Views per Visit: 1 Month: 1.7 3 Month: 1.8
Cache Date: 2008-01-15 03:22:48 MST
Compare Archived Data: 2007-09-15

No comments: