tuneup shield 2014.exe

TuneUp Shield 2014

D10N4

The executable tuneup shield 2014.exe (“Registrator & Shield for TuneUp 2014”) has been detected as malware by 8 anti-virus scanners. It is a setup program used to install the application. The file is also typically installed by a number of programs, including TuneUp Utilities 2014 by TuneUp Software and AVG PC TuneUp 2014 by AVG Technologies. It has been seen being downloaded from download1225.mediafire.com and multiple other hosts.

Publisher:
D10N4

Product:
TuneUp Shield 2014

Description:
Registrator & Shield for TuneUp 2014

Version:
14.0.0.0

MD5:
1192cf3923406b78e561175181ba1ecb

SHA-1:
2274c20afb29e54756b06190b3b04c90fa914f8d

SHA-256:
1aaf119531471925a8d349034196aefd4cea8c24d260075f768d4b38e33003b3

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
11/5/2024 5:37:28 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/ATRAPS.Gen | 7.11.125.226 |
| Bkav FE | W32.Clodbd9.Trojan | 1.3.0.4923 |
| Dr.Web | Trojan.StartPage.56940 | 9.0.1.0358 |
| McAfee | Artemis!1192CF392340 | 5600.7272 |
| NANO AntiVirus | Trojan.Win32.StartPage.cqzxpg | 0.28.0.57029 |
| Norman | Suspicious_Gen4.FQICB | 11.20140120 |
| SUPERAntiSpyware | Trojan.Agent/Gen-FalComp | 10888 |
| Trend Micro House Call | TROJ_GEN.R047H0AI613 | 7.2.358 |

File size:
603 KB (617,472 bytes)

Product version:
14.0.0.0

Original file name:
tup2014kajla.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tuneup shield 2014.exe

File PE Metadata
Compilation timestamp:
3/30/2013 2:01:21 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
12288:hB9BwB6l2de0gacFOX4HRDT33DCtEA3+svCWf4EukM9to:xD19acFhhbzuEA3+KukM9t

Entry address:
0xB0520

Entry point:
60, BE, 00, 60, 47, 00, 8D, BE, 00, B0, F8, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
236 KB (241,664 bytes)

The file tuneup shield 2014.exe has been discovered within the following programs.

AVG PC TuneUp 2014  by AVG Technologies
Publisher's description - “It’s a bit like having a doctor and cleaner permanently on hand. We’ll help find and fix the gaps and errors that cause your PC problems and clean up as we go.”
www.avg.com/us-en/avg-pctuneup
47% remove it
TuneUp Utilities 2014  by TuneUp Software
Publisher's description - “TuneUp Utilities 2014 takes PC optimization to the next level to keep your Windows® PC, laptop, and tablet in top shape. With Duplicate Finder, you’ll easily find duplicate files across your entire hard disk.”
www.tune-up.com/download
50% remove it

The file tuneup shield 2014.exe has been seen being distributed by the following 6 URLs.

http://download1225.mediafire.com/bqs5cz9xdqig/.../TuneUp Shield 2014.exe

http://download1225.mediafire.com/kukty4o628bg/.../TuneUp Shield 2014.exe

http://download1225.mediafire.com/g9dq646b7xig/.../TuneUp Shield 2014.exe

http://download1225.mediafire.com/95vtxkr336cg/.../TuneUp Shield 2014.exe
