{"id":3930,"date":"2015-01-15T21:06:18","date_gmt":"2015-01-15T21:06:18","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=3930"},"modified":"2018-05-29T12:01:03","modified_gmt":"2018-05-29T12:01:03","slug":"rational-thought-solutions-18-detection-rate-msil-adware-pullupdate","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/rational-thought-solutions-18-detection-rate-msil-adware-pullupdate\/","title":{"rendered":"Rational Thought Solutions – 18% Detection Rate – MSIL.Adware.PullUpdate"},"content":{"rendered":"

Found another publisher that appears to be signing adware related files while checking out the new files added to FreeFixer’s database. The publisher is called\u00a0Rational Thought Solutions<\/strong>.<\/p>\n

When I uploaded the Rational Thought Solutions file to VirusTotal<\/a>, it came up with a 18% detection rate. The file is detected as Downloader.CBD<\/strong> by AVG, a variant of MSIL\/Adware.PullUpdate.G.gen<\/strong> by ESET-NOD32, PUP.Optional.StormAlert.A<\/strong> by Malwarebytes, Artemis!707FECAF8B22<\/strong> by McAfee and MSIL.Adware.PullUpdate<\/strong> by VIPRE.<\/p>\n

\"Rational<\/a><\/p>\n

From what I can tell from the\u00a0Rational Thought Solutions files added to the FreeFixer database, the file names seems to be randomly generated. The files are located at\u00a0C:\\ProgramData\\%random%\\%random%.exe.<\/p>\n

Did you also stumble upon a download that was signed by Rational Thought Solutions? What kind of download was it and was it reported by the anti-virus scanners at VirusTotal<\/a>? Please share in posting comments below.<\/p>\n

Thanks for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Found another publisher that appears to be signing adware related files while checking out the new files added to FreeFixer’s database. The publisher is called\u00a0Rational Thought Solutions. When I uploaded the Rational Thought Solutions file to VirusTotal, it came up with a 18% detection rate. The file is detected as Downloader.CBD by AVG, a variant … Continue reading Rational Thought Solutions – 18% Detection Rate – MSIL.Adware.PullUpdate<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[54],"tags":[362],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/3930"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=3930"}],"version-history":[{"count":3,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/3930\/revisions"}],"predecessor-version":[{"id":3934,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/3930\/revisions\/3934"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=3930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=3930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=3930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}