home

15.0.0.122rc5_nuesd_mui.exe

Norton Utilities 15

Symantec Corporation

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from s6407.chomikuj.pl and multiple other hosts.
Publisher:
Symantec Corporation   (signed by Symantec Corporation)

Product:
Norton Utilities 15

Description:
Norton Utilities 15 Setup

Version:
15.0.0.122

MD5:
bc6be37d887f942c6ca90bff2b7863fe

SHA-1:
b02ccbc6f01f3861eb80f0b6a4650e3f00a756da

SHA-256:
2edd166772f0830089a608f9352f6c51ad82984372890ff49993f1746d32c1fe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 12:59:19 AM UTC  (today)

File size:
20.5 MB (21,460,432 bytes)

Product version:
15.0

Copyright:
Copyright © 2010 Symantec Corporation. All rights reserved.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\15.0.0.122rc5_nuesd_mui.exe

Digital Signature
Signed by:
Symantec Corporation

Authority:
VeriSign, Inc.

Valid from:
9/8/2010 2:00:00 AM

Valid to:
11/24/2013 12:59:59 AM

Subject:
CN=Symantec Corporation, OU=Symantec Research Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symantec Corporation, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
66660552D465B31F429F7527EA6A93BF

File PE Metadata
Compilation timestamp:
6/10/2010 4:33:52 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:nmYQPwjM1629Tvos6YQh59yHOgoGXXS2LJEjDRwn8ldNEEq:NQPwjs6evx6EO7mdL2jD59EEq

Entry address:
0x163C4

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, A8, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, A8, D6, 41, 00, B2, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
85 KB (87,040 bytes)

The file 15.0.0.122rc5_nuesd_mui.exe has been discovered within the following program.

360Amigo System Speedup Free  by 360Amigo
360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file 15.0.0.122rc5_nuesd_mui.exe has been seen being distributed by the following 4 URLs.

http://s6407.chomikuj.pl/File.aspx?e=YaSFMly49fD56_hGbsxKEX0DparIcHRSL9xcekGXamXP3gm96lRrIcjKaxqCYiB_Sw_UD26iau6cX9NDNOx3ye4owNw-W6Gj_aDzanOFixVbBe5kL9zXjwbie7xdtd0PY2MpSqmRQ2xxnnNA5Ti4dw&pv=2

http://www.norton.com/nu15

http://external.comss.ru/url.php?url=http://buy-download.norton.com/akdlm/dm/downloads/NONCLT/NU/MUI/2011/15.0/.../15.0.0.122RC5_NUesd_MUI.exe

http://buy-download.norton.com/akdlm/dm/downloads/NONCLT/NU/MUI/2011/15.0/.../15.0.0.122RC5_NUesd_MUI.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.