SystemCleaner.exe

System Cleaner

Pointstone Software, LLC

The application SystemCleaner.exe, “It is time to give your computer a good cleaning on the inside!” by Pointstone Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program System Cleaner 5 by Pointstone Software, LLC. While running, it connects to the Internet address pointstone.com on port 80 using the HTTP protocol.
Publisher:
Pointstone Software, LLC  (signed and verified)

Product:
System Cleaner

Description:
It is time to give your computer a good cleaning on the inside!

Version:
5.5.3.160

MD5:
54427b9b38fc39799f3858fca1599674

SHA-1:
ebba2988add4bd3cd6581ce2144849cb20e5d248

SHA-256:
0e437026728344fba5e9defe52ff4f1fbff3a4c879667ffd5b0dce66064b3c43

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 3:26:40 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.Pointstone
16.2.9.5

File size:
2.4 MB (2,540,736 bytes)

Product version:
5.5.0.0

Copyright:
Copyright © 1997 - 2007 Pointstone Software, LLC

Trademarks:
System Cleaner and Pointstone are either trademarks or registered trademarks of Pointstone Software, LLC

Original file name:
SystemCleaner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pointstone\system cleaner 5\systemcleaner.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
1/26/2007 5:30:00 AM

Valid to:
1/27/2008 5:29:59 AM

Subject:
CN="Pointstone Software, LLC", O="Pointstone Software, LLC", STREET=220 E. Delaware Avenue, L=Newark, S=Delaware, PostalCode=19711, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
74ABDB326011DE81F887A75A52477F85

File PE Metadata
Compilation timestamp:
2/22/2007 8:41:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:xtaf74w9DR4Gv/59ErcgdfJCAscX0rberFQwRcEe3OlKVW:Dafcw9DyGH5Cgg7CiXUbeCwI3E

Entry address:
0x1000

Entry point:
68, 01, 40, 99, 00, E8, 01, 00, 00, 00, C3, C3, 3A, 6A, F9, 48, 92, C2, D7, 03, BD, 60, 3F, FF, BC, FD, 2A, A1, 30, CF, 95, 1C, 0E, 02, 3E, 97, 2F, 9E, B4, AF, 77, C8, 4F, A0, 09, 75, 37, 9B, 45, 6B, C4, 30, E1, F7, F0, D1, 57, 48, 15, 77, 7F, AD, AF, 1C, E5, CE, B3, 6A, 60, E9, A7, E4, 32, 18, 7C, 3A, 18, 49, E2, 75, 5F, 7A, 08, 9C, 42, 8E, F0, 68, B8, BB, AF, B4, 35, 88, 1F, 2E, BC, 18, 34, 6F, 04, 35, 5D, 28, 4D, 69, EE, 22, 7D, 56, 6A, 83, 47, 83, 96, 62, D6, 87, 76, 27, 06, 6C, AE, 35, 96, 23, 19, 8C...
 
[+]

Entropy:
7.9821

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
3 MB (3,093,504 bytes)

The file SystemCleaner.exe has been discovered within the following program.

System Cleaner 5  by Pointstone Software, LLC
Publisher's description - “Your PC is slowing down. Programs don't run as fast as they used to; it takes longer to boot up in the morning and sometimes it takes forever to shut down at the end of the day. Don't worry, you're not alone. These kinds of things happen to all PCs eventually. It's not your fault.”
www.systemcleaner.com
45% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to pointstone.com  (108.61.26.20:80)

Remove SystemCleaner.exe - Powered by Reason Core Security