» Setup.exe
Overview
Analysis
File Details
Downloads (65)

Setup.exe

US System Care

pc speedup pro

The file Setup.exe by pc speedup pro has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from www.uspcworks.com and multiple other hosts.

File name:

Setup.exe

Publisher:

uspcworks.com (signed by pc speedup pro)

Product:

US System Care

Version:

US System Care

MD5:

44e324d528744c1be6c008d86baa5c24

SHA-1:

a62b6728c9cfc9ce771dd289790d1511751346ef

SHA-256:

7c8643588be959d7ca511905d0f0d4d866c3ee9fa6a2db80dad64d42fcf2c909

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

1/15/2025 11:40:33 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.PCSeepdupPro (L)

16.7.21.9

File size:

4.4 MB (4,593,720 bytes)

Product version:

1.0.0.5742

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\setup.exe

Digital Signature

Signed by:

pc speedup pro

Authority:

COMODO CA Limited

Valid from:

2/28/2016 5:00:00 PM

Valid to:

2/28/2017 4:59:59 PM

Subject:

CN=pc speedup pro, OU=management, O=pc speedup pro, STREET=104 Surya Nagar, STREET=MURLIPURA, L=Jaipur, S=Rajasthan, PostalCode=302039, C=IN

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

009CC01DDB723B1B1F926A2A1AEE6744B0

File PE Metadata

Compilation timestamp:

7/9/2014 1:58:13 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:O2m2yeJKXaFqxoyjPfna9vNI1TL+DVUMCc0csqkC3swLIOzIz/ZOvbZ:O298aFqx1jPfnd1QypdqkDovbZ

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86... 
[+]

Entropy:

7.9885

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file Setup.exe has been seen being distributed by the following 50 URLs.

http://www.uspcworks.com/download_ip_ad.asp?x-context=AOTsp_O20wgAA_-G8AhVM7uTUT1yRYudiU7b27Qj_XbqAQAAAAABAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=631029&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AIB1AdWx0wgAA_-LJQ0Uu5ApTiyDS4uOHmDRHkWfqa0XCQAAAAAJAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AABEf3HB0wgAA_-G6l_bNL_HzyiYT7lU16O3dqlCDvdBAAAAAAAGAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AAgkXErJ0wgAA_-G6l_bNL_HzyiYT7lU16O3dqlCvyMdBQAAAAAFAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=666357&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AJiFpiO00wgAA_-G98r8MeZZ08tJQbId3D1FyVN8otUoAAAAAAAAAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=631029&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AAxhmsrJ0wgAA_-LJSxZCRa1dhI3QKOJtTWFv9VDUvlhBQAAAAAIAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AIbUcCfH0wgAA_-LF3RhW1f-HGKaQrpmnpWkrNO28C3XAwAAAAAIAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ACJ-GYLJ0wgAA_-LJwuS7iLido5eQ6gWawJHSO-g7qZMBQAAAAAAAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AJ4lAqTX0wgAA_-LF3RB2DEAH0JPRYpwXI06MGhvRGKDBwAAAAAEAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=666357&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AB6VtwXC0wgAA_-G98paSh2wnJ5wR6OvS4tlcymFsNmZAAAAAAAGAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AM4vXXi50wgAA_-LJwvqCpq0WTQkT6iW8pmiIcvnbZ91AwAAAAADAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ANiw523M0wgAA_-LMMgBk0K4GoAMTaWyanyxYhNNE8r8AAAAAAADAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AFizAXi80wgAA_-LJwvC70-UGcbRQI3Gwllj4RQs_il0AQAAAAACAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AMDDUkDB0wgAA_-LF3RhW1f-HGKaQrpmnpWkrNO2BYokAAAAAAAJAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AIKxo7_I0wgAA_-LF3RhW1f-HGKaQrpmnpWkrNO2V_fQBAAAAAABAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=1395210&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ANwT7z7Y0wgAA_-LF3RB2DEAH0JPRYpwXI06MGhvmSjXBwAAAAAFAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=666357&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AJzF-vG20wgAA_-LMMjQmUTsVq91QafPXh1J_WK_ELriAQAAAAAEAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AJgiolzT0wgAA_-LBBJKF07me8MOTIfAb4esBBrvw_vfBAAAAAADAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=666357&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AOSsEGy70wgAA_-G98qkLMISlGiLTY4Tc_yXaqwLdRTLAAAAAAAFAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=49785&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ADiCfMfZ0wgAA_-G98pwD_Dhz4HAQ4N0guYFlvn2PAm-CAAAAAACAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=464547&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AJhUIATW0wgAA_-G6l6BKpPMWIKTSZ_F3eSmJVxNeHSRBgAAAAACAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=96259&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AJBEhiu70wgAA_9ZzVDuzUnA8QM2TLguZ890LwDC635zBAAAAAAFAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=675347&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ANo33q6x0wgAA_-G7Bko5cviHzF1SqfIqC9x1KAuEbMKCQAAAAAFAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ADYaK7PW0wgAA_-LJwsE2eKl4xo3SZzRvRCy8kGa2pUCBwAAAAAGAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=666357&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AMyvobbH0wgAA_-LMMjSMjl_91pYRKJPJQIC5o_RqVMcBAAAAAAJAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=666357&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AKxoLT3C0wgAA_-LBBLJ35V5xY_1Q6nz_hvByPF2lPW_AAAAAAAEAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=ADpb64K20wgAA_-LJSxcscNtjFEsSKvujTdS58KjmsOhAQAAAAAGAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AGp6g1u60wgAA_-G6l5CH-NJI-vxRJWyuEdRZWgMoT4eAAAAAAADAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AMDY7GLR0wgAA_9yOWnsadgtpahjR4dJ-kmMrSxakrVWAgAAAAAAAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=96259&x-at=XXXX

http://www.uspcworks.com/download_ip_ad.asp?x-context=AA4yHEKy0wgAA_-G7Bko5cviHzF1SqfIqC9x1KAujLNcCQAAAAAAAAE&utm_source=unwadn2&utm_campaign=ADL&pxl=UNW422_UNW406_RUNT&utm_pubid=304427&x-at=XXXX

Latest 30 of 65 download URLs

Remove Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.