home

protectium.exe

PINWID LTD

The application protectium.exe by PINWID has been detected as adware by 22 anti-malware scanners.
Publisher:
Packer Framework  (signed by PINWID LTD)

Product:
Packer Framework

Version:
2.1.1358.1125

MD5:
b88810716efcb7980e38074a8dedfde8

SHA-1:
065072ac4331ae543aaad2c6822a1c24b3b39e58

SHA-256:
182aa555eb306df061556aaca69f9ac190686fecf53a3058b8f1938ed5ecddf0

Scanner detections:
22 / 68

Status:
Adware

Analysis date:
11/23/2024 6:01:32 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Smartbar.V
490

Agnitum Outpost
PUA.SmartBar
7.1.1

Avira AntiVirus
PUA/Linkury.Gen
8.3.2.2

Arcabit
Adware.Smartbar.V
1.0.0.425

avast!
Win32:Adware-gen [Adw]
2014.9-151002

AVG
Pindi
2016.0.2968

Baidu Antivirus
Adware.Win32.Linkury
4.0.3.15102

Bitdefender
Adware.Smartbar.V
1.0.20.1375

Dr.Web
Trojan.Revizer.765
9.0.1.0275

Emsisoft Anti-Malware
Adware.Smartbar.V
8.15.10.02.10

ESET NOD32
Win32/Toolbar.Linkury.M potentially unwanted (variant)
9.12173

F-Secure
Adware.Smartbar.V
11.2015-02-10_6

G Data
Adware.Smartbar
15.10.25

K7 AntiVirus
Adware
13.2017055

Malwarebytes
PUP.Optional.Protectium
v2015.10.02.10

McAfee
Artemis!B88810716EFC
5600.6624

MicroWorld eScan
Adware.Smartbar.V
16.0.0.825

nProtect
Adware.Smartbar.V
15.08.28.01

Reason Heuristics
PUP.Resoft.PINWID (M)
15.10.2.22

Sophos
Generic PUA AG (PUA)
4.98

VIPRE Antivirus
Smartbar
43314

Zillya! Antivirus
Adware.Toolbar.Win32.1005
2.0.0.2380

File size:
1.6 MB (1,730,080 bytes)

Product version:
2.1.1358.1125

Copyright:
Copyright (C) 2014

Original file name:
PackerV2.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\protectium.exe

Digital Signature
Signed by:
PINWID LTD

Authority:
COMODO CA Limited

Valid from:
2/5/2014 4:00:00 AM

Valid to:
2/6/2015 3:59:59 AM

Subject:
CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata
Compilation timestamp:
11/25/2014 3:58:31 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:BRJd2LTbQSRp0s6QnGRE2KQfbm9YBwvD4QsvftExRF7dz3VBA2:tdgTbQSRys6QnGRE2KL9YivDb2O

Entry address:
0xDBC86

Entry point:
E8, 00, C1, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 48, F4, 55, 00, 00, 75, 18, E8, A9, 88, 00, 00, 6A, 1E, E8, F3, 86, 00, 00, 68, FF, 00, 00, 00, E8, B6, EC, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 48, F4, 55, 00, FF, 15, 20, 71, 51, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, 58, F5, 55, 00, 74, 0D, 53, E8, 58, 7F, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 5B, 60, 00, 00, 89, 30, E8, 54, 60, 00, 00, 89...
 
[+]

Entropy:
6.8699

Code size:
1.1 MB (1,136,640 bytes)

Remove protectium.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.