xvidsetup.exe

appbundler.com

This is a component of the Pinball ad-supported platform, which may deliver advertisements to the web browser in the form of banner and text ads. The application xvidsetup.exe by appbundler.com has been detected as adware by 33 anti-malware scanners. It is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
appbundler.com  (signed and verified)

Description:
Setup

Version:
3.0.113.3

MD5:
9ad04bbc21e8add47071e668a4b69974

SHA-1:
b5a9498896177848e865e7727adf9bcf0cbaa084

SHA-256:
4a7ea223f9ada086cddda46a15cce39dda03dbb5cb79d68eb581db20bb6e65d6

Scanner detections:
33 / 68

Status:
Adware

Analysis date:
4/19/2024 2:20:04 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Adware.Hotbar.14 | 840 |
| Agnitum Outpost | PUA.ScreenSaver | 7.1.1 |
| AhnLab V3 Security | Adware/Win32.ScreenSaver | 2014.10.18 |
| Avira AntiVirus | ADWARE/Adware.Gen | 7.11.30.172 |
| avast! | Win32:Zango-AQ [PUP] | 141003-0 |
| AVG | Adware Skodna.Generic_r.EI | 2014.0.4040 |
| Bitdefender | Gen:Variant.Adware.Hotbar.14 | 1.0.20.1450 |
| Comodo Security | ApplicUnwnt.Win32.AdWare.ScreenSaver.DI | 19829 |
| Dr.Web | Adware.Hotbar.700 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Hotbar.14 | 8.14.10.17.08 |
| ESET NOD32 | Win32/AdWare.HotBar.U application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/Generic.AC.2130950 | 10/17/2014 |
| F-Prot | W32/HotBar.O.gen | 4.6.5.141 |
| F-Secure | Gen:Variant.Adware.Hotbar.14 | 11.2014-17-10_6 |
| G Data | Gen:Variant.Adware.Hotbar.14 | 14.10.24 |
| IKARUS anti.virus | not-a-virus:AdWare.Win32 | t3scan.1.7.8.0 |
| K7 AntiVirus | Adware | 13.184.13718 |
| Kaspersky | not-a-virus:HEUR:WebToolbar.Win32.Zango.13644809 | 15.0.0.494 |
| Malwarebytes | Adware.AdBundle | v2014.10.17.08 |
| McAfee | Adware-HotBar.d | 5600.6974 |
| Microsoft Security Essentials | Threat.Undefined | 1.185.3515.0 |
| MicroWorld eScan | Gen:Variant.Adware.Hotbar.14 | 15.0.0.870 |
| NANO AntiVirus | Trojan.Win32.Click2.bxnutx | 0.28.2.62671 |
| Norman | 180Solutions.BSE | 11.20141017 |
| Qihoo 360 Security | Malware.QVM11.Gen | 1.0.0.1015 |
| Quick Heal | Adware.Hotbar.B5 | 10.14.14.00 |
| Reason Heuristics | PUP.Installer.appbundler.J | 14.10.17.20 |
| Rising Antivirus | PE:Adware.HotBar!1.6AAD | 23.00.65.141015 |
| Sophos | Hotbar | 4.98 |
| Total Defense | Win32/Zango.Pinball.B[HOTBAR] | 37.0.11233 |
| Vba32 AntiVirus | AdWare.ScreenSaver | 3.12.26.3 |
| VIPRE Antivirus | Pinball Corporation. | 34020 |
| Zillya! Antivirus | Adware.HotBar.Win32.1102 | 2.0.0.1958 |

File size:
341.7 KB (349,872 bytes)

Product version:
3.0.113.3

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\xvidsetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/10/2012 1:00:00 AM

Valid to:
1/10/2015 12:59:59 AM

Subject:
CN=appbundler.com, OU=Ops, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=appbundler.com, L=Bellevue, S=Washington, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
12E277DA6E659BFE14CD01F5A2AA95C5

File PE Metadata
Compilation timestamp:
2/22/2013 6:21:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:UfZ/nwzIhoZib9i0ju9BKVoEZUWxaA2qBF/EtLMza4xxXlTk8:UfpPOZiBiq3zxk2sYxxXl48

Entry address:
0xBC2E0

Entry point:
60, BE, 00, A0, 46, 00, 8D, BE, 00, 70, F9, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...

Entropy:
7.8832

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
332 KB (339,968 bytes)
