home

Even Balance, Inc.

Publisher Information

Even Balance, Inc. is a software publisher located in Magnolia, Texas in the United States*. Thre are 7 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
1/17/2013 1:00:00 AM

Valid to:
2/17/2014 12:59:59 AM

Subject:
CN="Even Balance, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Even Balance, Inc.", L=Magnolia, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1c9525fc3bbefaee68fa17ce8cbadca5

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Dr.Web
Trojan.PWS.Stealer.13025, Trojan.PWS.Spy.19759
92.86%

Kaspersky
Trojan-Spy.MSIL.Agent, HEUR:Trojan.Win32.Generic
78.57%

Baidu Antivirus
Win32.Trojan.WisdomEyes.16070401.9500
64.29%

F-Prot
W32/MSIL_Injector.DX.gen
64.29%

ESET NOD32
MSIL/GenKryptik.MPP (variant), MSIL/Injector.QTQ (variant), MSIL/Injector.QVG (variant), MSIL/Injector.QII (variant)
57.14%

McAfee
Artemis!05A3989A26B3, RDN/Generic.bfg, Artemis!E278F8BD88FD, Artemis!E49F5F290A43, Artemis!CD35BBCD6838, Artemis!EB4A798D0A6C
57.14%

Fortinet FortiGate
MSIL/Injector.QTQ!tr, W32/Agent.KIP!tr, MSIL/Injector.QII!tr
57.14%

Avira AntiVirus
TR/Dropper.MSIL.zwbrt, TR/Dropper.MSIL.zmpac, TR/Dropper.MSIL.swtve, TR/Dropper.MSIL.odsfh, TR/Dropper.Gen2, TR/Spy.Agent.cikqo
50.00%

Qihoo 360 Security
HEUR/QVM03.0.0000.Malware.Gen, HEUR/QVM03.0.A9C5.Malware.Gen, HEUR/QVM03.0.A7AF.Malware.Gen
50.00%

AVG
MSIL10, Generic38, Atros4
50.00%

0 / 68
pbag.dll  (eff479e0c4d398595b45dd2656e0f50f)

0 / 68
wc002327.dll  (eafe3e2e586dd443b46c33cdf8106326)

30 / 68    (Malware)
svr.exe (Microsoft Windows Operating System by Microsoft)  (2feb0f6a386a0604269fa6507d50cb4f)

0 / 68
net.exe (Microsoft Windows Operating System by Microsoft)  (0fd07d2f739689d696f22aef44f27f52)

0 / 68
pnkbstrb.ex0  (43cb60ce6e345f0f097d07b85db70f81)

2 / 68      (inconclusive)
jhone books.exe  (e17e22a5f0a5fe8f15a68b8256a54edb)

17 / 68    (Malware)
windowsupdate.exe (SourceTree by Atlassian)  (350d2d8da2a70bdb7316a097025ef9b6)

0 / 68
pbcl.dll  (620fdddcffe54f6bde183cacfbcffb9b)

25 / 68    (Malware)
Order-48458-4854.exe (SourceTree by Atlassian)  (eb4a798d0a6cf96a6a63ed47a51eec35)

0 / 68
pnkbstrk.sys  (c71b8f6d47031740d5592db158fcd513)

0 / 68
pnkbstrb.exe  (9ba3266d40500787c9b85ce5c9050b2c)

0 / 68
wc002329.dll  (5873b930e116effb2336d7d30009fa3c)

0 / 68
pnkbstrk.sys  (03203773e7c95d0295c9bda249d1ffd7)

0 / 68
DOWNLOAD FILE.exe (SourceTree by Atlassian)  (1683fe27352b9945ae5517cf662d1041)

0 / 68
PAYMENT RECEIPT.exe (SourceTree by Atlassian)  (1eec6c2d1f7b38fdfe622f71c96e0bbc)

0 / 68
air conditioner for room.exe (SourceTree by Atlassian)  (579dc3a10e76f25dacc334f03b7d56a4)

3 / 68      (Malware)
P.O INVOICE.exe (SourceTree by Atlassian)  (259d00d60524a6a7c6e08a8c64e37679)

0 / 68
rchhhyyfvggfzz.exe (SourceTree by Atlassian)  (85268f5f2c335bbeaa1b0e9263605cc9)

2 / 68      (inconclusive)
midlaj np building project.exe (SourceTree by Atlassian)  (9bb1487eea906b92990f47578717a838)

28 / 68    (Malware)
windowsupdate.exe (SourceTree by Atlassian)  (cd35bbcd683885d02b468a56a638b622)

0 / 68
pbclold.dll  (c7b898da989c02e5d2ed5561a5cbaa70)

0 / 68
TT_SLIP.exe (SourceTree by Atlassian)  (d3ff7124b5d15f490123c5ebf2b81266)

3 / 68      (Malware)
quotation request price kb938443mhb.exe (Sandboxie by Sandboxie Holdings)  (2a8685f6c60deea3e38071be546aa95d)

0 / 68
swift-copy-947586.exe (SourceTree by Atlassian)  (b7b93a43060f0a06d0c7d517818eb8fa)

0 / 68
po-bene4497696.exe (SourceTree by Atlassian)  (935360ac115ffe0286d0960cb56870af)

0 / 68
Setup.exe (SourceTree by Atlassian)  (e00bbd3f431e741a2e99c93788856b21)

3 / 68      (Malware)
bank payment slip.exe (SourceTree by Atlassian)  (241a4932cc980b803062fc78be6ba59a)

0 / 68
pnkbstrk.sys  (ab9ee11737ac4888d164c220fe8b9d4b)

12 / 68    (Malware)
bank payslip.exe (SourceTree by Atlassian)  (e49f5f290a4312b650c27207e410ab9a)

0 / 68
Setup.exe (SourceTree by Atlassian)  (fe163a8c1aaf04e36cf4bff94c374ef4)

 
Latest 30 of 148 files

Downloads URLs for files signed by Even Balance, Inc..

0 / 68
https://www.google.com/url?hl=en&q=http://alwadi.com.sa/aldwsari/.../Internet-security6.exe&source=gmail&ust=1481316753691000&usg=AFQjCNHXVR3cH4KYYKEuY-3RJGkjPZSnSA  (bbdf9e84a759d506df4f621aa0d27e48)

0 / 68
http://alwadi.com.sa/aldwsari/.../Internet-security6.exe  (bbdf9e84a759d506df4f621aa0d27e48)

0 / 68
http://quallpac.com/know/.../Order-37392-3792.exe  (3eb84c59c693db10cfd56ba5e1522b18)

0 / 68
https://fs01n5.sendspace.com/dl/b2582f4e63bd76fd806202ef703c89e0/5849da0d25a72dec/.../PO-48395394.exe  (7f7ede3b1e2e84254f783645c9c69c06)

0 / 68
http://alwadi.com.sa/images/blocks/.../sales ?slx.exe  (f1455c0f2e713e543ac236f1e8bc1911)

The certificates below are also signed by Even Balance, Inc..

272B52DFE9CF0246032738CEE81C3C17  (Feb 13, 2014 to Mar 11, 2017)

146BEBEE63F637FC8ADD56E76D131CB4  (Jan 07, 2012 to Jan 23, 2013)

779269AB55280C74DCE6B7C1A05F8DF1  (Jan 19, 2011 to Jan 24, 2012)

3345AD33E2918DAC3C5BDB675544895D  (Jan 22, 2010 to Jan 23, 2011)

421F62D12DD37A0BD13B4B9FCAC9164E  (Jan 15, 2009 to Jan 23, 2010)

2E1655DB731BCD9CD5DBC79CBAAC3FEC  (Jan 14, 2008 to Jan 24, 2009)

0D2354036437C5895F959DDC9CF89AA7  (Jan 23, 2007 to Jan 24, 2008)

* Note, the details and description above are based on the code signing digital signature issued to Even Balance, Inc. by VeriSign, Inc. on January 17, 2013 with the serial number '1c9525fc3bbefaee68fa17ce8cbadca5'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.