mypctuneup64.exe

MYPCTuneUp

MY SECURITY CENTER LTD

The application mypctuneup64.exe, “MYPCTuneUp for MySecurityCenter” by MY SECURITY CENTER, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler, triggered to execute each time a user logs in. This file is typically installed with the program MYPCTuneUp by MYSecurityCenter Ltd. While running, it connects to the Internet address web30.cluster.spamfighter.com on port 80 using the HTTP protocol.
Publisher:
MYSecurityCenter Ltd.  (signed by MY SECURITY CENTER LTD)

Product:
MYPCTuneUp

Description:
MYPCTuneUp for MySecurityCenter

Version:
2.3.125.59

MD5:
8f6ee961e124581b2104dfdf0fe2e794

SHA-1:
879cd74d5b79d648d3160e2036360d517810746a

SHA-256:
728f8c1ebdc653967e211f1a5f62e3b5d23f72c477eb1a75bff52eb51319414e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 2:41:08 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.Task

Engine version:
15.1.12.12

File size:
12.8 MB (13,458,600 bytes)

Product version:
2.3.125.59

Copyright:
(c) MYSecurityCenter Ltd.. All rights reserved.

Original file name:
MYPCTuneUp.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\my security center\mypctuneup\mypctuneup64.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
5/16/2012 5:00:00 PM

Valid to:
7/21/2015 5:00:00 AM

Subject:
CN=MY SECURITY CENTER LTD, O=MY SECURITY CENTER LTD, L=West Drayton, C=GB

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02B405245A6E01DE7848F7C55FC3BCC7

File PE Metadata
Compilation timestamp:
5/15/2013 6:07:51 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:Gwp5HtNccccccccccccccccccccccccccccccFcccccccccccccccccccccccccU:Gwntyq

Entry address:
0x156060

Entry point:
48, 83, EC, 28, E8, C3, 82, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 89, 0D, 18, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 31, 83, 00, 00, CC, E9, EB, 84, 00, 00, CC, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8D, 05, 0F, 44, 0B, 00, 8B, DA, 48, 8B, F9, 48, 89, 01, E8, 56, 84, 00, 00, F6, C3, 01, 74, 08, 48, 8B, CF, E8, B9...
 

Entropy:
4.3018

Code size:
2 MB (2,091,008 bytes)

Scheduled Task
Task name:
MYPCTuneUp64-Fabricia-Startup

Trigger:
Logon (Runs on logon)

Action:
mypctuneup64.exe \delay 180


The file mypctuneup64.exe has been discovered within the following program.

MYPCTuneUp by MYSecurityCenter Ltd.
Publisher's description - “Breathe new life into your PC and Increase overall performance. Can increase your PC performance by up to 200%, drastically stabilize the PC and reduce the need to re-start. MYPCTuneUp uses the most advanced technologies available to analyze PC errors and speed up a slow PC.”
www.mysecuritycenter.com
39% remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to web40.cluster.spamfighter.com  (91.192.52.195:80)

TCP (HTTP):
Connects to web30.cluster.spamfighter.com  (91.192.52.205:80)

TCP (HTTP):
Connects to web20.cluster.spamfighter.com  (91.192.52.198:80)
