Someone should use a decompiler and try and see if it has an IP, URL or email.
Or someone could just sandboxie it...
Or check if it connects to the internet once enabled...
EDIT : After examining his other videos, this guy is focused on making everything illegal. Most of his stuff look far fetched, but I haven't seen an outrageous amount of negative reviews (I can't trust comments, he might be deleting the negative ones). He also seems to be a guy sort of liked, german and has had his account for a few months.
AhnLab-V3 | 2011.01.06.00 | 2011.01.05 | Trojan/Win32.Chifrax |
AntiVir | 7.11.1.34 | 2011.01.05 | TR/Dropper.Gen |
Antiy-AVL | 2.0.3.7 | 2011.01.05 | - |
Avast | 4.8.1351.0 | 2011.01.05 | - |
Avast5 | 5.0.677.0 | 2011.01.05 | - |
AVG | 9.0.0.851 | 2011.01.05 | - |
BitDefender | 7.2 | 2011.01.05 | Gen:Trojan.Heur.MR.juZ@aGfj21CO |
CAT-QuickHeal | 11.00 | 2011.01.05 | - |
ClamAV | 0.96.4.0 | 2011.01.05 | - |
Command | 5.2.11.5 | 2011.01.05 | - |
Comodo | 7307 | 2011.01.05 | TrojWare.Win32.Agent.~Wrar |
DrWeb | 5.0.2.03300 | 2011.01.05 | - |
Emsisoft | 5.1.0.1 | 2011.01.05 | - |
eSafe | 7.0.17.0 | 2011.01.05 | - |
eTrust-Vet | 36.1.8083 | 2011.01.05 | - |
F-Prot | 4.6.2.117 | 2011.01.05 | - |
F-Secure | 9.0.16160.0 | 2011.01.05 | Gen:Trojan.Heur.MR.juZ@aGfj21CO |
Fortinet | 4.2.254.0 | 2011.01.05 | - |
GData | 21 | 2011.01.05 | Gen:Trojan.Heur.MR.juZ@aGfj21CO |
Ikarus | T3.1.1.90.0 | 2011.01.05 | - |
Jiangmin | 13.0.900 | 2011.01.05 | Heur:TrojanDropper.WinRar |
K7AntiVirus | 9.75.3448 | 2011.01.05 | - |
Kaspersky | 7.0.0.125 | 2011.01.05 | Trojan.Win32.Chifrax.a |
McAfee | 5.400.0.1158 | 2011.01.05 | Generic BackDoor!cur |
McAfee-GW-Edition | 2010.1C | 2011.01.05 | Artemis!DA82BA51BA30 |
Microsoft | 1.6402 | 2011.01.05 | Backdoor:Win32/Poisonivy.E |
NOD32 | 5763 | 2011.01.05 | - |
Norman | 6.06.12 | 2011.01.05 | - |
nProtect | 2011-01-05.01 | 2011.01.05 | - |
Panda | 10.0.2.7 | 2011.01.05 | Trj/Chifrax.A |
PCTools | 7.0.3.5 | 2011.01.04 | - |
Prevx | 3.0 | 2011.01.05 | - |
Rising | 22.81.02.03 | 2011.01.05 | Trojan.Win32.Patched-RARSFX.i |
Sophos | 4.60.0 | 2011.01.05 | Mal/Dropper-AE |
SUPERAntiSpyware | 4.40.0.1006 | 2011.01.05 | - |
Symantec | 20101.3.0.103 | 2011.01.05 | - |
TheHacker | 6.7.0.1.110 | 2011.01.03 | - |
TrendMicro | 9.120.0.1004 | 2011.01.05 | - |
TrendMicro-HouseCall | 9.120.0.1004 | 2011.01.05 | - |
VBA32 | 3.12.14.2 | 2011.01.05 | Trojan.Win32.Chifrax.a |
VIPRE | 7967 | 2011.01.05 | - |
ViRobot | 2011.1.5.4238 | 2011.01.05 | - |
VirusBuster | 13.6.130.0 | 2011.01.05 | - |
In conclusion, I'd give this guy a very high risk, even though the scan is 34%, but too many false positives to be sure and most results are for trojans, suggesting that if anything were to happen the program would backdoor you and why would anybody want to backdoor you...?
If anyone is willing to test on a noob account, that'd be awesome.