PCSpeedCleanSetup.exe

PC Speed Clean

Downloadius S.a.r.l

The file PCSpeedCleanSetup.exe, “This installer database contains the logic and data required to install PC Speed Clean.” by Downloadius S.a.r.l has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Downloadius S.a.r.l  (signed and verified)

Product:
PC Speed Clean

Description:
This installer database contains the logic and data required to install PC Speed Clean.

Version:
2.5.5

MD5:
9ecdc335bc150d4e55387df5957d65f0

SHA-1:
ed7e00b766983d88ea4236faea2a6984b791e03c

SHA-256:
f9d486b20fb00e363dd0d4f52747bb12584d7bf71ff9db5a576070aa2c71e046

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 7:40:42 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Downloadius.Installer (M)
16.6.23.23

File size:
5.3 MB (5,585,832 bytes)

Product version:
2.5.5

Copyright:
Copyright (C) 2014 Downloadius S.A.R.L

Original file name:
PCSpeedCleanSetup.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\awhb51a.tmp

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/25/2013 8:00:00 PM

Valid to:
7/25/2016 7:59:59 PM

Subject:
CN=Downloadius S.a.r.l, O=Downloadius S.a.r.l, STREET="7, Avenue Gaston Diderich", L=Luxembourg, S=Luxembourg, PostalCode=L-1420, C=LU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
516E4C889E15D413F8CD7F3121095139

File PE Metadata
Compilation timestamp:
6/17/2014 10:05:48 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:0aDlJ3b3GPzDmY8TI5T+ZlScA/Ve8p0f2AbIs7WYkzGJxHOlMuhJIKsZ3P:FDQSY8s5T+XScYVeic22rYiGCP

Entry address:
0xC831C

Entry point:
E8, 41, CC, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 5D, 4E, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C5, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 39, 4E, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A1, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 0A, 4E, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 
[+]

Entropy:
7.7140  (probably packed)

Code size:
1020.5 KB (1,044,992 bytes)

Remove PCSpeedCleanSetup.exe - Powered by Reason Core Security