home

speedfixtool-setup.exe

Speed Fix Tool

Fixbliss

The application speedfixtool-setup.exe, “This installer database contains the logic and data required to install Speed Fix Tool.” by Fixbliss has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from RevenueWire's SafeCart distribution platform adformula.speedfixtool.safecart.com and multiple other hosts.
Publisher:
Fixbliss  (signed and verified)

Product:
Speed Fix Tool

Description:
This installer database contains the logic and data required to install Speed Fix Tool.

Version:
2.6.4

MD5:
191c20eb0e5142594987aa44b8b28d63

SHA-1:
0e9bb5a41f398fbe72acf1a12e916f97c57daded

SHA-256:
7e696118f7231a9ddc54032a6d0042e5c9a10664e417e50c6b8992b8ead461bb

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 6:52:20 PM UTC  (today)

Scan engine
Detection
Engine version

G Data
Win32.Application.SpeedFix
14.11.24

Reason Heuristics
PUP.FixBliss.Optional.Installer.Meta (L)
15.8.26.16

File size:
5.9 MB (6,168,176 bytes)

Product version:
2.6.4

Copyright:
Copyright (C) 2014 FixBliss

Original file name:
SpeedFixToolSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\speedfixtool-setup.exe

Digital Signature
Signed by:
Fixbliss

Authority:
COMODO CA Limited

Valid from:
11/25/2013 7:00:00 PM

Valid to:
11/26/2014 6:59:59 PM

Subject:
CN=Fixbliss, O=Fixbliss, STREET="K. Donelaičio g. 62, Kauno m", L=Kupiskis, S=Kupiskis, PostalCode=40113, C=LT

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0081D31A0F55D47E5F29A0AD98D6DC5D0F

File PE Metadata
Compilation timestamp:
10/30/2014 7:49:05 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:Aw2HABm85fX4RtW+sQStrfcNrnx5JhI12JyJ5w6y5K0rbVelx+eObiUv5:12Gh5foR/Slfqz7JWJJqrrpQ+esik

Entry address:
0x324C7

Entry point:
E8, C1, 9F, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 04, 8B, 4C, 24, 08, F7, C2, 03, 00, 00, 00, 75, 3C, 8B, 02, 3A, 01, 75, 2E, 0A, C0, 74, 26, 3A, 61, 01, 75, 25, 0A, E4, 74, 1D, C1, E8, 10, 3A, 41, 02, 75, 19, 0A, C0, 74, 11, 3A, 61, 03, 75, 10, 83, C1, 04, 83, C2, 04, 0A, E4, 75, D2, 8B, FF, 33, C0, C3, 90, 1B, C0, D1, E0, 83, C0, 01, C3, F7, C2, 01, 00, 00, 00, 74, 18, 8A, 02, 83, C2, 01, 3A, 01, 75, E7, 83, C1, 01, 0A, C0, 74, DC, F7, C2, 02...
 
[+]

Entropy:
7.9434  (probably packed)

Code size:
280.5 KB (287,232 bytes)

The file speedfixtool-setup.exe has been seen being distributed by the following 6 URLs.

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_123_4933639

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_123_4933639

http://speedfixtool.com/.../SpeedFixTool-Setup.exe

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_123_4920623

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_123_4920623

http://securejump.net/base2.php?id=2

Remove speedfixtool-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.