home

pwhe75.exe

MiniTool Partition Wizard Home Edition

MiniTool Solution Ltd

This is a self-extracting archive and installer. The file has been seen being downloaded from www.filepuma.com and multiple other hosts.
Publisher:
MiniTool Solution Ltd.   (signed by MiniTool Solution Ltd)

Product:
MiniTool Partition Wizard Home Edition

Description:
MiniTool Partition Wizard Home Edition Setup

Version:
7.5.0

MD5:
d317567694b25b3d64f003c05fd08f3b

SHA-1:
798bb00588c4e859e20f4d84eb364e1cb62356f6

SHA-256:
de8601aa04766b196fe872dc6022c21d3269da9e967596cfeaca55bd99c39826

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 6:41:15 PM UTC  (today)

File size:
11.2 MB (11,724,064 bytes)

Product version:
7.5.0

Copyright:
Copyright © 2009 - 2012 MiniTool Solution Ltd., all rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pwhe75.exe

Digital Signature
Signed by:
MiniTool Solution Ltd

Authority:
GlobalSign nv-sa

Valid from:
5/22/2012 1:18:09 AM

Valid to:
5/23/2015 1:18:09 AM

Subject:
E=support@minitool.ca, CN=MiniTool Solution Ltd, O=MiniTool Solution Ltd, L=SURREY, S=British Columbia, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121CB5D7302C7544C0407CB59FFDE7FB180

File PE Metadata
Compilation timestamp:
5/29/2012 7:51:48 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:R991O3XkWHDssQhEecJpEGcEF2AE2vK+qzICZ47h2eBPa48mnMpqaf0XwGKUR2k4:2Eg17XciE2vKzUCZ6h2eBi2ncmwG6pk2

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B8, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 56, EC, FF, FF, E8, FD, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, E8, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9789

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file pwhe75.exe has been discovered within the following program.

360Amigo System Speedup Free  by 360Amigo
360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file pwhe75.exe has been seen being distributed by the following 7 URLs.

http://www.filepuma.com/file/1474768959c996/minitool_partition_wizard_home_edition_7.5/.../0/

http://www.filepuma.com/file/1480828875c996/minitool_partition_wizard_home_edition_7.5/.../0/

https://www.edmodo.com/file?id=863399e9369a9c338f822dd54e260e06

http://dc595.4shared.com/download/.../Partition_Wizard.exe

http://s10751.chomikuj.pl/File.aspx?e=wPmmdw3H-ASigMTlUdLJEfBs9n3NUFLZdq6dmkGQvw98zG-mrtitYsJrEDu8K4-vtBED2XUXlsC0MalHa1ojJcr4UF0byg5pEkpOyp_ZAb7s61okDH9lhL-ACSzG0KNfkIAr0BafuRvqKHy7jOnzzjK6ZvFzspsgw_ApXJ3-JDk&pv=2

http://dc455.4shared.com/download/.../Partition_Wizard.exe

http://software-files-a.cnet.com/s/software/12/61/92/.../pwhe75.exe

Scan pwhe75.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.