pdfconvironsrc03feb2015.exe

Polyanskaya Irina

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application pdfconvironsrc03feb2015.exe by Polyanskaya Irina has been detected as adware by 9 anti-malware scanners.
Publisher:
Polyanskaya Irina  (signed and verified)

MD5:
89e1dd36e0a3c8dca36a56c268f41f53

SHA-1:
1a247bf499f94163df37626cabf7be6d81e2656d

SHA-256:
cc72f729cc7f15e3cb899690d12de5ad57b582260c76d1ce47aa8c76bf1a8a60

Scanner detections:
9 / 68

Status:
Adware

Analysis date:
12/25/2024 1:43:23 AM UTC

Scan engine           Detection                              Engine version
Lavasoft Ad-Aware     Adware.Agent.POP                       5736492
Avira AntiVirus       ADWARE/Vonteera.156240                 8.3.1.6
avast!                Win32:Adware-gen [Adw]                 150602-1
Bkav FE               W32.HfsAdware                          1.3.0.6379
Comodo Security       ApplicUnwnt                            22406
ESET NOD32            Win32/Adware.Vonteera.L application    7.0.302.0
IKARUS anti.virus     PUA.Vonteera                           t3scan.1.9.5.0
MicroWorld eScan      Adware.Agent.POP                       16.0.0.483
Reason Heuristics     PUP.WebPick.PolyanskayaIrina           15.6.10.15

File size:
2.3 MB (2,392,144 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\av check\old\pdfconvironsrc03feb2015.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
8/25/2014 3:00:00 AM

Valid to:
8/26/2015 2:59:59 AM

Subject:
CN=Polyanskaya Irina, O=Polyanskaya Irina, STREET="Suhata Reka, Bl. 225A, Ap. 42", L=Sofia, S=Sofia, PostalCode=1517, C=BG

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A4C6F876119E08B1C5FF63372D64B83F

File PE Metadata
Compilation timestamp:
2/3/2015 11:03:33 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:tLdnYK5Rd7wWuEXx3JyBrCEQM9f7Zh+2NWAIs/luYgr8rIdQM+xXnWUHKj/:TnNRd7wWuE3JyBgM9f7ZhvjtuYgr8rIV

Entry address:
0xF9A4D

Entry point:
E8, C6, 88, 00, 00, E9, 89, FE, FF, FF, 3B, 0D, 70, 15, 57, 00, 75, 02, F3, C3, E9, 4D, 89, 00, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, 4A, 85, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, E0, 1E, 57, 00, 74, 12, 8B, 0D, 98, 1C, 57, 00, 85, 48, 70, 75, 07, E8, B7, 93, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, A0, 1B, 57, 00, 74, 16, 8B, 46, 08, 8B, 0D, 98, 1C, 57, 00, 85, 48, 70, 75, 08, E8, 16, 8C, 00, 00, 89, 46, 04, 8B, 46, 08, F6...
 

Entropy:
7.0518

Code size:
1.1 MB (1,196,544 bytes)
