Google chrome cache file detected by MBAM

[Coolmario88]

MBAM detected a cache file labeled as (HackTool.Agent.Gen) I let malwarebytes remove the cache file virus.. I am wondering do you have the file that is labeled as f_000339  in C:\Users\~Usernamehere~\AppData\Local\Google\Chrome\User Data\Default\Cache\  ?  should  I restore the file and report it to avast as a virus so avast can detect it?

[true indian]

I find that the file is worth uploading to www.virustotal.com ....will be interesting to see what will be the results  i searched my own chrome cache dont find any such file even scanned the cache folder comes up clean...also better if sent to avast virus lab for analysis 

[Coolmario88]

Virustotal says 4/43 antiviruses detects this file https://www.virustotal.com/file/acd95e012aea4776049358b33add5cfa5f5191337469245889fa07140beb8d8e/analysis/1330148458/

Also that is weird! It says Multiples of 12 and that was on my old weebly site.. maybe i should remove this file see pic for the info virustotal gave about the file

[true indian]

Interesting.....Hi sent the file to avast! virus lab via chest. also quarantine the file with MBAM.It seems to be the file is in someway related to Redirector type trojan.

Anyway,it would be better to send it to avast via chest...all other AV's wil get the sample from VT at the end of every week.

[Coolmario88]

The file is on hxxp://coolmariosprograms.weebly.com  Multiples of 12 is the file name. i own that weebly site and well i haven't updated for a very long time.. I'm going to turn it into a blog soon after a url change of the subdomain..

[true indian]

Please send the file to avast via the chest for analysis i would personally like that detected by avast.

[Coolmario88]

I just tried to make a new reply and the forum wouldn't load.. but here is the reply again

Google chrome says Multiples_of_12.exe appears malicious..  avast detected it with filerep which i told avast to avoid the download for me so i couldn't download it so i just disabled avast and downloaded the exe and I'm going to submit this file to avast through virus chest..

[true indian]

Thats good....atleast filerep is in action here...though since the file is sent to avast it should be detected soon...keep your fingers crossed. 



Best wishes from sunny india.

[Coolmario88]

Sometimes I wonder if avast gets the files I submit to them through the virus chest.

[true indian]

Well if u doubt it...u better password protect the file and send the file to virus@avast.com 

[Coolmario88]

I scanned the exe with Anubis here is the report http://anubis.iseclab.org/?action=result&task_id=145ee33fb02b715d47d89d4956d62ba90&format=html

I scanned it to see what Anubis says about the exe.

[Pondus]

guessing  False Positive

First seen by VirusTotal    2011-07-05 15:38:14 UTC ( 7 months, 3 weeks ago )

if you are curious....you may upload to Avira lab and see what they say?

[Coolmario88]

guessing  False Positive

First seen by VirusTotal    2011-07-05 15:38:14 UTC ( 7 months, 3 weeks ago )

if you are curious....you may upload to Avira lab and see what they say?

I'm going to do just that.

[Pondus]

Do you know where ?

if not it is here  http://analysis.avira.com/samples/index.php

and if you want to double check  Sophos here    https://secure.sophos.com/support/samples     usually quick to respond