OUTbrowse Ltd – 13% Detection rate: Trojan.Win32.OutBrowse and Adware.Win32.OutBrowse

adware, digital signature, ,

If you’ve been following me for the last months you know that I’ve been examining many software publishers that put a digital signature on their downloads. Yesterday I found another publisher called OUTbrowse Ltd. This is how it appears when running the file:

outbrowse ltd

 

To get more details on the publisher, you can view the certificate by right-clicking on the file, and looking under the Digital Signatures tab:

outbrowse ltd Digital Signature

 

According to the certificate information, OUTbrowse Ltd appears to be located in Israel. The certificate is about two weeks old.

When running the OUTbrowse file, it displayed a link to the OUTbrowse Terms and Conditions, which were located on www.mixi.dj.

outbrowse web site - www.mixi.dj

So, why did I put up this blog post? Well, the thing is that the OUTbrowse file is detected by some anti-virus programs, according to VirusTotal:

OUTBrowse virus total report - 7/54

PUP.Optional.OutBrowse, Trojan.Win32.OutBrowse and Adware.Win32.OutBrowse are a few of the detection names. The detection rate is 7/54, that is 13%.

Hope this blog post helped you avoid some unwanted software on your machine.

Did you also find an OUTbrowse file? Do you remember the download link? Please post it in the comments below and I’ll upload it to VirusTotal to see if that one is also detected.

 

 

 

 

 

3 thoughts on “OUTbrowse Ltd – 13% Detection rate: Trojan.Win32.OutBrowse and Adware.Win32.OutBrowse

  1. Pingback: Remove Ads by CheckMeUp | The FreeFixer Blog

  2. I found this file on link updatecodec.placeofentertainment.org
    When I download video i have message:
    This Video Play in Windows Media Player.

    If you face any problem playing this video in Windows Media Players update it for latest codecs.
    It may ask for CODEC update if needed. Download and Install it.

    If the Windows Media player fails to update the codec then visit the below link and install the missing CODEC.

    Visit:- updatecodec.placeofentertainment.org

    I tested Codec_Premium_2015.exe by drweb online and found trojan.

  3. This is being used on YouTube, purporting to be the Setup of 303 different Software Apps on this channel:
    https://www.youtube. com/channel/UCbeW4JuiNeB6_thrkDwwSjw
    303 Videos were uploaded in 1 day, with this as part of the recommended download.

    Checkout:
    http://www.herdprotect.com/setup.exe-4ff6592f31734554ad660d373ac8f424d00ae9c8.aspx

    and:

    https://www.virustotal.com/en/file/7febe0efa3c551193b99d9414e7d7f44cab14621c3f4be71ee6bd7af80f97881/analysis/1424731551/

    Of course the videos are pretending to offer Illegal Keygens (self-updating ones at that) and the KeyGen is in reality a variation of the same Trojan:
    https://www.virustotal.com/en/file/14a17e6c5c456c64f32a13343a0014afd608f785aba87f35a011242330f9f619/analysis/1424738976/

Comments are closed.