FreeGamer Installer

Category: Adware and PUAs Protection available since:12 Jan 2013 17:06:36 (GMT)
Type: Unspecified PUA Last Updated:12 Jan 2013 17:06:36 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

FreeGamer Installer is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.

FreeGamer Installer exhibits the following characteristics:

File Information

Size
420K
SHA-1
b5d3d4a4099265109d77d797c30615cc469ab370
MD5
b28f55edba78ca7c040181c4cd966900
CRC-32
4bb16555
File type
Windows executable
First seen
2012-11-18

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\J\DA.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\modern-wizard.bmp
  • C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\S-1-5-21-1202660629-1454471165-1275210071-1003
  • c:\Documents and Settings\test user\Local Settings\Temp\rnsetup0.exe
    Size
    638K
    SHA-1
    cd6bbe130210d0c185a511011928187617a4299a
    MD5
    5817219b84888e402605d65c49957702
    CRC-32
    32cf8ba7
    File type
    Windows executable
    First seen
    2012-02-01
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\nsDialogs.dll
  • C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\S-1-5-18
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\bg.bmp
    Size
    38K
    SHA-1
    3f1b019e01381d228243750716d58721b3b20aa4
    MD5
    0a0e4aade93f2a100e8cb36e08161099
    CRC-32
    e4240c03
    File type
    Device-independent bitmap (DIB) file
    First seen
    2012-10-25
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\inetc.dll
    Size
    21K
    SHA-1
    4da9dd5427c0fdfa2cce3ee29ac5147b74ff3834
    MD5
    9a7d35d1e9e5dfb6a7872d49cf64db83
    CRC-32
    8ca124e7
    File type
    Windows executable
    First seen
    2011-05-22
Processes Created
  • c:\docume~1\support\locals~1\temp\nsm4.tmp\j\da.exe
  • c:\docume~1\support\locals~1\temp\rnsetup0.exe
HTTP Requests
  • http://firstrun.real.com/geoloc/extended
  • http://log.realone.com/rpinst/log.txt
  • http://www.freegamer.info/r2/
DNS Requests
  • firstrun.real.com
  • log.realone.com
  • www.freegamer.info

download Try Sophos products for free
Download now

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information