Hello readers! Just wanted to let you know about a publisher called SAfe downlOAd gtL before going back to writing some code for FreeFixer.
The following screenshot shows the User Account Control dialog when running the SAfe downlOAd gtL file:
By examining the certificate, we can see that SAfe downlOAd gtL is located in Dublin, Ireland. The certificate is issued by thawte SHA256 Code Signing CA.
The reason I’m writing this blog post is that the SAfe downlOAd gtL file is detected by many of the anti-malware scanners at VirusTotal. ESET-NOD32 classifies Player.exe as a variant of Win32/OutBrowse.CB potentially unwanted, Malwarebytes detects it as PUP.Optional.Outbrowse and Sophos calls it Generic PUA OC.
Did you also find a SAfe downlOAd gtL file? Do you remember the download link? Please post it in the comments below and I’ll upload it to VirusTotal to see if that one is also detected.
Thank you for reading.
I wanted to download a game for free but the publisher made me conclude that this could be a virus. I can’t post the download link directly, because it’s somehow protected, but that’s the link to it: hxxp://www.pcgfd .com/poly-bridge-free-download-game/
Can you check if this is a virus or something similar?
Greetings
Felix Egbe
Hello Felix,
Thank you for posting the link to that file. I’ve added the file to the FreeFixer database here:
http://www.freefixer.com/library/file/Poly%20Bridge%20Free%20Download%20Game.exe-194883/
I’m still waiting for the results from VirusTotal. The scan result should be available in 5-10 minutes.