Welcome! If you are a regular here on the FreeFixer blog you know that I’ve been looking on the certificates used to sign files that bundled various types of unwanted software. Today I found another certificate, used by a publisher called Trusted Download LLC.
This is how Trusted Download LLC appears when running the file:
It is also possible to check a digital signature by looking at a file’s properties. Here’s a screenshot of the Trusted Download LLC certificate.
So, why am I writing about the Trusted Download LLC file? Check out what the anti-malware scanners report about the file:
Avira classifies Setup(1).exe as PUA/Softpulse.Gen, Kaspersky reports not-a-virus:Downloader.Win32.DriverUpd.lqs and Qihoo-360 detects it as HEUR/QVM18.1.Malware.Gen are a few of the detection names for Setup(1).exe.
Did you also find a Trusted Download LLC file? What kind of download was it? If you remember the download link, please post it in the comments below.
Thanks for reading.
hxxp://download.cnet .com/Revealer-Keylogger-Free/3000-2162_4-10586804.html?part=dl-6287137&subj=dl&tag=button
pls check it for heur/malware.qvm18.1.gen
VirusTotal: 10/57
Agnitum Riskware.RevealKeylogger! 20150316
AhnLab-V3 Unwanted/Win32.Keylogger 20150317
Comodo UnclassifiedMalware 20150317
DrWeb Tool.Keylog.220 20150317
ESET-NOD32 Win32/KeyLogger.RevealerKeylogger.NAB 20150317
Ikarus PUA.KeyLogger.RevealerKeylogger 20150317
Kingsoft Win32.Troj.Generic.a.(kcloud) 20150317
Malwarebytes Keylogger.Logixoft 20150317
NANO-Antivirus Trojan.Win32.XPACK.czfvpv 20150317
Sophos Revealer Keylogger Installer 20150317