setup_dfstd_exe_full.exe

Install Lab LTD.

The application setup_dfstd_exe_full.exe by Install Lab has been detected as adware by 9 anti-malware scanners. The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. The installer bundles multiple adware offers during download and setup (based on the user's geographical location), including toolbars, extensions and coupon utilities. The file has been observed being downloaded from www.torntv-dl.net and multiple other hosts.
Publisher:
Install Lab LTD.  (signed and verified)

MD5:
f0edaab9e6517779c713aace22047885

SHA-1:
0559b8b1dd23b3ade9c932c303a31e4e9ce6d8cf

SHA-256:
ef8a84b7e4868aa2c5d86d9c2f3dd4bb50356823511788f43bb2a77f7121be93

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Bundles a number of adware programs in the installer.

Analysis date:
6/16/2024 11:06:40 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | APPL/CoolMirage.Gen | 7.11.169.186 |
| Baidu Antivirus | Adware.Win32.1ClickDownload | 4.0.3.14828 |
| Dr.Web | Adware.Downware.8319 | 9.0.1.0240 |
| ESET NOD32 | Win32/AdWare.1ClickDownload.AT | 8.10331 |
| G Data | NSIS.Application.OneClickDownloader | 14.8.24 |
| Malwarebytes | PUP.Optional.OneClickDownloader.A | v2014.08.28.03 |
| NANO AntiVirus | Trojan.Nsis.Yotoon.deckrr | 0.28.2.61861 |
| Qihoo 360 Security | Win32/Virus.Adware.47b | 1.0.0.1015 |
| Reason Heuristics | PUP.Installer.InstallLab.R | 14.8.28.15 |

File size:
425.9 KB (436,096 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\setup_dfstd_exe_full.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
8/24/2014 3:00:00 AM

Valid to:
10/14/2015 2:59:59 AM

Subject:
CN=Install Lab LTD., O=Install Lab LTD., L=Tel Aviv, S=Tel Aviv, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
42F91281AFED9106E1C6980547DF3D40

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:2mu8RMcAKZ47xsGqRrLrTyV2L831fmVJy:tYgkPMrL/yV88315

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
Entropy:
7.9016

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file setup_dfstd_exe_full.exe has been seen distributed from 32 URLs.
