» ActiverisAntiMalware.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

ActiverisAntiMalware.exe

Activeris AntiMalware

Fiorentino Media Inc.

The application ActiverisAntiMalware.exe by Fiorentino Media has been detected as a potentially unwanted program by 6 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This file is typically installed with the program Activeris AntiMalware by Activeris Software LLC which is a potentially unwanted software program.

File name:

Publisher:

Activeris (signed by Fiorentino Media Inc.)

Product:

Activeris AntiMalware

Version:

1.0.0.1

MD5:

9954420455d68234c426f448ccabf379

SHA-1:

7a058ca88eb42c44f5d175d1197fbd7b58a88e7e

SHA-256:

914a29d36c3947500889f621591feba44b46a7083d027fd45dead65d326dd608

Scanner detections:

6 / 68

Status:

Potentially unwanted

Analysis date:

5/10/2024 10:05:45 PM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

ApplicUnwnt

17562

ESET NOD32

MSIL/AdvancedSystemProtector (variant)

8.9255

McAfee

Artemis!9954420455D6

5600.7244

Reason Heuristics

PUP.Optional.Task.FiorentinoMedia.U

14.2.22.23

Rising Antivirus

PE:Worm.Autorun!1.9EE3

23.00.65.14118

XVirus List

Win.Detected

2.3.31

File size:

6.3 MB (6,614,624 bytes)

Product version:

1.0.0.1

Original file name:

ActiverisAntiMalware.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\activeris antimalware\activerisantimalware.exe

Digital Signature

Signed by:

Fiorentino Media Inc.

Authority:

COMODO CA Limited

Valid from:

1/24/2012 4:00:00 PM

Valid to:

1/24/2013 3:59:59 PM

Subject:

CN=Fiorentino Media Inc., O=Fiorentino Media Inc., STREET=7904 E. Chaparral Road, STREET=STE A110-430, L=Scottsdale, S=AZ, PostalCode=85250, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

009CB8D8E313806C1914ADA02E4DB86602

File PE Metadata

Compilation timestamp:

10/16/2012 3:20:16 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:sOmi6yU+rOsIfo9k3RQZrp24Rd7hvjRQHNO+u50:3r5If3QZrpENg0

Entry address:

0x64A14E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.9081

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

6.3 MB (6,586,880 bytes)

Scheduled Task

Task name:

Activeris AntiMalware_startup

Trigger:

Logon (Runs on logon)

The file ActiverisAntiMalware.exe has been discovered within the following program.

Activeris AntiMalware by Activeris Software LLC

Activeris AntiMalware is bundled with the FastAgain PC Booster program. In addition it is bundled through third party download managers such as AirInstaller which distributes ad-supported web browser toolbars.

www.activeris.com

73% remove it

Remove ActiverisAntiMalware.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.