tidynetwork.exe

Tidy Network

This is part of the InfoAtoms browser extension, which displays various forms of advertising in the web browser by injecting new ads such as banners, text links and search results. The application tidynetwork.exe by Tidy Network has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program TidyNetwork by TidyNetwork.com, which is a potentially unwanted software program. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from mirror.fastmirror4.com.
Publisher:
PETN  (signed by Tidy Network)

Version:
5.1829

MD5:
dd7043a9f0f83b86820ee69c595d0501

SHA-1:
22fdd515d3827cab0bc1cacc2094ee2782a6ef4a

SHA-256:
97155d9f42e18e0bba13459f987ea1e101d2eb4a4d4e0611f447a6189a3cae1c

Scanner detections:
7 / 68

Status:
Adware

Analysis date:
1/11/2025 11:42:15 PM UTC

Scan engine             Detection                     Engine version
Dr.Web                  Trojan.DownLoader9.15143      9.0.1.0176
Malwarebytes            PUP.Optional.TidyNetwork.A    v2014.06.25.08
McAfee                  Artemis!DD7043A9F0F8          5600.7088
Reason Heuristics       PUP.TidyNetwork.L             14.8.8.2
Sophos                  Tidy Network                  4.98
Trend Micro House Call  Suspicious_GEN.F47V0622       7.2.176
VIPRE Antivirus         Tidy2Network                  30540

File size:
1.2 MB (1,291,048 bytes)

Product version:
5.1829

Copyright:
Copyright (C) 2013

Original file name:
petn.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\tidynetwork.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/19/2013 5:00:00 PM

Valid to:
3/19/2016 4:59:59 PM

Subject:
CN=Tidy Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tidy Network, L=SAN FRANCISCO, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5B80FB156CAB4137B00AFF13BA26609D

File PE Metadata
Compilation timestamp:
6/12/2014 1:49:36 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:yBjXSms82pCEIuz/eAgmi+pBdXpdXct4ydoDGoI8FCiLvquK0uK8Zij2PJR:0FH2QEIg/eWimLXpdXU40oDllCikEjAT

Entry address:
0x860FD

Entry point:
E8, 15, 9E, 00, 00, E9, 89, FE, FF, FF, 6A, 0C, 68, 40, 80, 4A, 00, E8, 1D, 08, 00, 00, 6A, 0E, E8, 12, A0, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 98, CC, 4A, 00, BA, 94, CC, 4A, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, F0, DF, FF, FF, 59, FF, 76, 04, E8, E7, DF, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 0C, 08, 00, 00, C3, 8B, D0, EB, C5, 6A, 0E, E8, DE, 9E, 00, 00, 59, C3, CC, CC, CC, CC, CC, CC...
 

Entropy:
7.4947

Code size:
603.5 KB (617,984 bytes)

The file tidynetwork.exe has been discovered within the following program.

TidyNetwork  by TidyNetwork.com
TidyNetwork is a potentially unwanted program that runs in the user's web browser as a toolbar and/or web extension depending on the browser.
www.tidynetwork.com/terms-of-use
77% remove it
 
Powered by Should I Remove It?

The file tidynetwork.exe has been seen being distributed by the following URL.
