{"id":2292,"date":"2014-10-23T09:04:08","date_gmt":"2014-10-23T09:04:08","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=2292"},"modified":"2018-05-29T12:01:57","modified_gmt":"2018-05-29T12:01:57","slug":"fileangels-publisher","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/fileangels-publisher\/","title":{"rendered":"Fileangels – Detected as IBryte and OptimunInstaller"},"content":{"rendered":"

Welcome! Just a note on a publisher called Fileangels<\/strong>. The Fileangels download – setup.exe – was detected when I uploaded it to VirusTotal. Did you also find a download by Fileangels? Was it also detected when you uploaded it to VirusTotal?<\/p>\n

This is how Fileangels<\/strong> appears when running the file:<\/p>\n

\"fileangels<\/a><\/p>\n

By looking at the certificate we can see that Fileangels appears to be located in Kansas City, USA.<\/p>\n

\"Fileangels<\/a><\/p>\n

The reason I’m writing this blog post is that the Fileangels file is detected by some of the anti-malware scanners at VirusTotal<\/a>. AVG detects setup.exe as AdPlugin.BNR<\/strong>, Fortinet detects it as W32\/Zbot.AAN!tr<\/strong>, Kaspersky detects it as Trojan.Win32.Badur.jukw<\/strong>, Malwarebytes reports PUP.Optional.OptimunInstaller<\/strong> and McAfee detects it as IBryte-FRT<\/strong>. In addition, the Fileangels download was also promoted as a “Java Update”.<\/p>\n

\"fileangels<\/a><\/p>\n

Did you also find a file digitally signed by Fileangels? Where did you find it and are the anti-virus programs detecting it? Please share in the comments below.<\/p>\n

Thanks for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Welcome! Just a note on a publisher called Fileangels. The Fileangels download – setup.exe – was detected when I uploaded it to VirusTotal. Did you also find a download by Fileangels? Was it also detected when you uploaded it to VirusTotal? This is how Fileangels appears when running the file: By looking at the certificate … Continue reading Fileangels – Detected as IBryte and OptimunInstaller<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[54],"tags":[152,184,199],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/2292"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=2292"}],"version-history":[{"count":5,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/2292\/revisions"}],"predecessor-version":[{"id":2727,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/2292\/revisions\/2727"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=2292"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=2292"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=2292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}