mymusictubesetup_ch.exe

NCIS Technologies Ltd.

The application mymusictubesetup_ch.exe by NCIS Technologies has been detected as a potentially unwanted program by 25 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.
Publisher:
NCIS Technologies Ltd.  (signed and verified)

MD5:
ecf9ad9f0d38dbe53aa2cdad0f2df48b

SHA-1:
6047e87c57952a439eccfd5e67c74d28c6ea694a

SHA-256:
31ebfd79117a1a5cec88ec04e493a3c9f6204457752ef097c5581e5219e09e47

Scanner detections:
25 / 68

Status:
Potentially unwanted

Explanation:
Bundles the Conduit Toolbar and/or Conduit Search Protect.

Analysis date:
11/24/2024 2:31:05 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Relevant.BH
-24

Avira AntiVirus
ADWARE/Adware.Gen
8.3.3.4

Arcabit
Adware.Relevant.BH
1.0.0.688

avast!
Win32:PUP-gen [PUP]
2014.9-170228

AVG
Skodna.Generic_c
2018.0.2454

Bitdefender
Adware.Relevant.BH
1.0.20.295

Clam AntiVirus
W32S.Adware.RelevantKnowledge-6
0.98/21511

Comodo Security
ApplicUnwnt.Win32.AdWare.RK.~E
25111

Dr.Web
Adware.Conduit.350
9.0.1.059

Emsisoft Anti-Malware
Adware.Relevant.BH
8.17.02.28.04

ESET NOD32
Win32/WrapApp.A potentially unwanted
11.13556

F-Secure
Adware.Relevant.BH
11.2017-28-02_3

G Data
Adware.Relevant.BH
17.2.25

IKARUS anti.virus
PUA.ClientConnect
t3scan.2.0.9.0

K7 AntiVirus
Unwanted-Program
13.226.19733

Malwarebytes
PUP.Optional.Conduit
v2017.02.28.04

Microsoft Security Essentials
SoftwareBundler:Win32/Stallmonitz
1.1.12804.0

MicroWorld eScan
Adware.Relevant.BH
18.0.0.177

NANO AntiVirus
Riskware.Win32.Conduit.dyxdte
1.0.30.8482

nProtect
Adware.Relevant.BH
16.05.27.01

Quick Heal
PUA.Conduitltd.Gen
2.17.14.00

Reason Heuristics
Adware.Conduit (M)
17.2.28.4

Sophos
RelevantKnowledge (PUA)
4.98

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.4

VIPRE Antivirus
Wajam
49682

File size:
718.2 KB (735,392 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\mymusictubesetup_ch.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/18/2012 1:00:00 AM

Valid to:
12/19/2013 12:59:59 AM

Subject:
CN=NCIS Technologies Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NCIS Technologies Ltd., L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
585C0AB9FDA6AAF250B85A01CC89A67D

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Remove mymusictubesetup_ch.exe - Powered by Reason Core Security