home

Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com

Publisher Information

Authority:
Apple Inc.

Valid from:
7/15/2012 10:25:00 PM

Valid to:
7/15/2013 10:25:00 PM

Subject:
C=FR, CN=Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com, OID.0.9.2342.19200300.100.1.1=3MV9W8EA58

Issuer:
CN=Apple Worldwide Developer Relations Certification Authority, OU=Apple Worldwide Developer Relations, O=Apple Inc., C=US

Serial number:
24a43ee61f285a43

Scanner detections:
Malware distribution  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Browser.Crossrider.BHO.Meta (M), PUP.SafariDeveloperZMLURJCR77duvalaugustingmail.Reputation, PUP.Crossrider.Browser (M), Adware.Crossrider (M)
95.83%

ESET NOD32
Win32/Toolbar.CrossRider (variant), Win32/Packed.ScrambleWrapper, Win32/Toolbar.CrossRider.G potentially unwanted (variant)
18.75%

Dr.Web
Adware.Plugin.88, Adware.Plugin.22, Trojan.AVKill.27950, Trojan.Crossrider.5, Trojan.Crossrider1.53186, Adware.Allgo.9
16.67%

Trend Micro House Call
TROJ_GEN.F47V0328, TROJ_GEN.F47V0402, TROJ_GEN.R0C1H05L813, TROJ_GEN.F47V0215, TROJ_GEN.F47V0126, TROJ_GEN.RC1H1CG, TROJ_GEN.F47V0201
14.58%

Comodo Security
Heur.Suspicious
8.33%

Baidu Antivirus
Adware.Win32.CrossRider, Adware.Win32.CrossAd, Adware.Win32.ScrambleWrapper
8.33%

Emsisoft Anti-Malware
Riskware.Win32.Toolbar.CrossRider.AMN, Packed.Win32.ScrambleWrapper.AMN
6.25%

NANO AntiVirus
Trojan.Win32.Plugin.cqzpgj, Trojan.Win32.Crossrider.deinrb
6.25%

Agnitum Outpost
PUA.Toolbar.CrossRider, Riskware.ScrambleWrapper
6.25%

VIPRE Antivirus
GamePlayLabs, Crossrider, Adware.Crossid
6.25%

1 / 68      (Malware)
38511604_setup.exe (Hosqqish by Ohbzelyxotkz)  (a2ce0e3306de5e403ce4fa71bf33793c)

1 / 68      (Malware)
270335_setup.exe (Color My Facebook by Duval)  (e4f7de13fbd0e8ee10af8c0fbd93dd84)

1 / 68      (Malware)
color my facebook-helper.exe  (867bdbfdd049c3fbe7f050b0253a9f6a)

1 / 68      (Adware)
color my facebook-codedownloader.exe (Color My Facebook by Duval)  (4aba8c47559aabaf6e8f4a3aaa3582fe)

1 / 68      (Adware)
color my facebook-buttonutil.exe (Color My Facebook by Duval)  (0b40a3e8b1c693bb336a990e01bba4fc)

1 / 68      (Adware)
color my facebook-buttonutil.dll  (91c0ac01c194a700a33994c3e2a7c427)

1 / 68      (Adware)
color my facebook-bho.dll (Color My Facebook by Duval)  (6384028abc2239cfec66c2929f991ec0)

1 / 68      (Adware)
color my facebook-bg.exe (Color My Facebook by Duval)  (9ffdc9792a45dc4c68d0371b35b6bead)

1 / 68      (Malware)
color-my-facebook.exe (Color My Facebook by Duval)  (d2e863c23c59396fc2239452cc587c4f)

1 / 68      (Malware)
348206478_setup.exe (Dqulvkba by Smtqbrruegzy)  (ee93875097f65152a8ffe86e65b3ae9f)

1 / 68      (Malware)
208382953_setup.exe (Dylsooanztdcl by Dxdnlyimeky)  (b1dfe9cadfd9d5e13fb52c3a104c64fa)

5 / 68      (PUP)
hwghsc.exe (Color My Facebook by Duval)  (a1e12c69c0c84653337bc295b58d24f6)

1 / 68      (Adware)
color my facebook-chromeinstaller.exe (Color My Facebook by Duval)  (83a289c9f249130c6045de0ee60f40d0)

1 / 68      (Malware)
updater3847.exe (Color My Facebook by Duval)  (f3425120248ba2a17daf3d21b04eb9a0)

1 / 68      (Malware)
updater3847.exe (Color My Facebook by Duval)  (2d83ca7e5653054832fccb3c5d43563c)

2 / 68      (PUP)
5691599_setup.exe (Color My Facebook by Duval)  (d50c94d9217bc26dc4a923d43cd858ce)

1 / 68      (Malware)
color my facebook64.exe (Color My Facebook by Duval)  (74e39c1a201e59a4aaa6b15da4e85084)

1 / 68      (Malware)
color my facebook-bg.exe (Color My Facebook by Duval)  (8093ce4075ef8e7291b1b84e8804ac9b)

1 / 68      (Malware)
buttonutil64.dll  (b54d879d4619eb43e5533487329081a7)

1 / 68      (Malware)
buttonutil.dll  (4bc851a0b98372bdf51ab36439d992f0)

1 / 68      (PUP)
Color My Facebook.dll (Color My Facebook by Duval)  (a5b69443f89b350ab742fdc4b7d1ff4a)

1 / 68      (Malware)
buttonutil.dll  (46dd4bec43094814c51ace84d1cfe1cc)

1 / 68      (PUP)
Color My Facebook.dll (Color My Facebook by Duval)  (69bcc1f90a97aa5dee63ec26b94a7511)

1 / 68      (Malware)
color my facebook-bg.exe (Color My Facebook by Duval)  (fc23a0172eca7161d7672e6ca51373f5)

1 / 68      (Malware)
updater3847.exe (Color My Facebook by Duval)  (312866e082763051d6464531988240d6)

1 / 68      (Malware)
Color My Facebook.dll (Color My Facebook by Duval)  (bd1a29b1a45045ac27ae3dad6f37fd7e)

19 / 68    (PUP)
chrome_enabler_color_my_facebook.exe  (2c5ea428957b188adc3224296384df45)

12 / 68    (PUP)
25857995_setup.exe (Zcqoltcolbk by Jdwkwamc)  (1e971b6a4de5992825ac158ae6ba3b2b)

3 / 68      (PUP)
color-my-facebook.exe (Color My Facebook by Duval)  (a02b7f84252023cfcb5e6680172d1864)

1 / 68      (Malware)
color my facebook-bg.exe (Color My Facebook by Duval)  (e101a6f86c77017f40f9ce9014b8e333)

 
Latest 30 of 48 files

* Note, the details and description above are based on the code signing digital signature issued to Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com by Apple Inc. on July 15, 2012 with the serial number '24a43ee61f285a43'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.