» ActiverisAntiMalware.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

ActiverisAntiMalware.exe

Activeris AntiMalware

Fiorentino Media Inc.

The application ActiverisAntiMalware.exe by Fiorentino Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This file is typically installed with the program Activeris AntiMalware by Activeris Software LLC which is a potentially unwanted software program.

File name:

Publisher:

Activeris (signed by Fiorentino Media Inc.)

Product:

Activeris AntiMalware

Version:

1.0.0.1

MD5:

9954420455d68234c426f448ccabf379

SHA-1:

3eae3789367b4431dc8a913dae28dbe8a3f5d01c

SHA-256:

914a29d36c3947500889f621591feba44b46a7083d027fd45dead65d326dd608

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 2:25:50 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.10.28.5

File size:

6.3 MB (6,614,624 bytes)

Product version:

1.0.0.1

Original file name:

ActiverisAntiMalware.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\activeris antimalware\activerisantimalware.exe

Digital Signature

Signed by:

Fiorentino Media Inc.

Authority:

COMODO CA Limited

Valid from:

1/25/2012 12:00:00 AM

Valid to:

1/24/2013 11:59:59 PM

Subject:

CN=Fiorentino Media Inc., O=Fiorentino Media Inc., STREET=7904 E. Chaparral Road, STREET=STE A110-430, L=Scottsdale, S=AZ, PostalCode=85250, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

009CB8D8E313806C1914ADA02E4DB86602

File PE Metadata

Compilation timestamp:

10/16/2012 11:20:16 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:sOmi6yU+rOsIfo9k3RQZrp24Rd7hvjRQHNO+u50:3r5If3QZrpENg0

Entry address:

0x64A14E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.9081

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

6.3 MB (6,586,880 bytes)

Scheduled Task

Task name:

Activeris AntiMalware_startup

Trigger:

Logon (Runs on logon)

The file ActiverisAntiMalware.exe has been discovered within the following program.

Activeris AntiMalware by Activeris Software LLC

Activeris AntiMalware is bundled with the FastAgain PC Booster program. In addition it is bundled through third party download managers such as AirInstaller which distributes ad-supported web browser toolbars.

www.activeris.com

73% remove it

Remove ActiverisAntiMalware.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.