ptprofiler-setup.exe

Karen's Power Tools

KarenWare.com

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program Karen's Computer Profiler. The file has been seen being downloaded from www.karenware.com.
Publisher:
Karen Kenworthy  (signed by KarenWare.com)

Product:
Karen's Power Tools

Description:
Karen's Computer Profiler Installer

Version:
2.5.0.3

MD5:
6401eb9ebf0d8bd46eff120f3d18726d

SHA-1:
ecacea74e8b9ae9e110775a193cf771354f11e6d

SHA-256:
d5dd6eb17cdc8d9c09fe7dd7faf15a9cd913bdeff5bc3317925c54c9d11340fd

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/4/2024 8:30:19 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.24.3

File size:
803.7 KB (822,952 bytes)

Copyright:
Copyright © 2001-2003, 2007 Karen Kenworthy All Rights Reserved

Trademarks:
'Karen's Power Tools' and 'Karen's Computer Profiler' are trademarks of Karen Kenworthy

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ptprofiler-setup.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/28/2007 3:18:51 PM

Valid to:
2/27/2008 5:52:56 PM

Subject:
CN=KarenWare.com, OU=Secure Application Development, O=KarenWare.com, L=Broken Arrow, S=Oklahoma, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
39A4BE53C3FCE1867408F41F82207F7A

File PE Metadata
Compilation timestamp:
9/29/2007 8:50:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:P5QAd6yIZ1/NpI1iaA7XFu3Lpg6Mc/s+cp9aO:PtdyZ1XIwaARu3Lpgdc/s7EO

Entry address:
0x30F3

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, C8, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, D8, EC, 42, 00, E8, D4, 2A, 00, 00, A3, 24, EC, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 40, 90, 42, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, 20, E4, 42, 00, E8, 8B, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 79, 27, 00, 00...
 
[+]

Entropy:
7.9784

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file ptprofiler-setup.exe has been discovered within the following program.

Karen's Computer Profiler  by Karen Kenworthy
Publisher's description - “Learn more than 200 interesting facts about your computer. Details about your CPU, memory, operating system, even your computer's power source, are all displayed. You can also copy the information to the Windows clipboard, and paste it into a document for permanent storage.”
www.karenware.com
4% remove it
 
Powered by Should I Remove It?

The file ptprofiler-setup.exe has been seen being distributed by the following URL.

Scan ptprofiler-setup.exe - Powered by Reason Core Security