pcspeedcleansetups.exe

PC Speed Clean

Downloadius S.a.r.l

The application pcspeedcleansetups.exe (“This installer database contains the logic and data required to install PC Speed Clean.”) by Downloadius S.a.r.l has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup and installation application that has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory.
Publisher:
Downloadius S.a.r.l  (signed and verified)

Product:
PC Speed Clean

Description:
This installer database contains the logic and data required to install PC Speed Clean.

Version:
2.5.5

MD5:
13055f8d5981c7a0737050372317dfd5

SHA-1:
d33e35f91ede1abd7dd2a07c71da1456abe7d4f1

SHA-256:
a2a08941c022f3478d0b436b321848b231986d9139a20dc382588d4623cd1d1a

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/5/2024 7:28:26 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Downloadius (M)

Engine version:
16.7.31.16

File size:
5.3 MB (5,558,760 bytes)

Product version:
2.5.5

Copyright:
Copyright (C) 2014 Downloadius S.A.R.L

Original file name:
PCSpeedCleanSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\pcspeedcleansetups.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/25/2013 5:00:00 PM

Valid to:
7/25/2016 4:59:59 PM

Subject:
CN=Downloadius S.a.r.l, O=Downloadius S.a.r.l, STREET="7, Avenue Gaston Diderich", L=Luxembourg, S=Luxembourg, PostalCode=L-1420, C=LU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
516E4C889E15D413F8CD7F3121095139

File PE Metadata
Compilation timestamp:
5/21/2014 2:03:40 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:g2BxX/sFFsoWHKeZz35jVqTQokDLS5qXjLVH8VX1j9kWnRP9oZOPl8TxFz5m7bb:gWPt5jVqTQoWXXjx8VX1j9VJe8l8Ts7n

Entry address:
0xC4C6B

Entry point:
E8, 42, CC, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 5E, 4E, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C6, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 3A, 4E, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A2, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 0B, 4E, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 

Entropy:
7.7191  (probably packed)

Code size:
1004 KB (1,028,096 bytes)
