home

adobe acrobat xi pro 11.0.09.exe

ProfitServis LLC

This is a bundle installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application adobe acrobat xi pro 11.0.09.exe by ProfitServis has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the ProfitServis Downloader installer.
Publisher:
ProfitServis LLC  (signed and verified)

Version:
1.0.0.0

MD5:
c3d44a43f24e29f81aa5e8fa75e8f0ee

SHA-1:
72e3fcafb9d85ffcfe0291182f3826c5444935e8

SHA-256:
fecf285f63fcc44cf60f751a7a6b08fc4bc1369decd69fdb145ed60e5a7989e8

Scanner detections:
22 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/26/2024 9:28:47 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Graftor.163423
6196279

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.InstallMonster
2014.12.19

Avira AntiVirus
APPL/InstallMon.enib
7.11.196.198

avast!
Win32:InstallMonstr-GC [PUP]
141214-1

AVG
Generic
2015.0.3256

Bitdefender
Gen:Variant.Graftor.163423
1.0.20.1765

Dr.Web
Trojan.InstallMonster.996
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Graftor.163423
9.0.0.4668

ESET NOD32
Win32/InstallMonstr.GC potentially unwanted application
7.0.302.0

F-Prot
W32/A-4193a7fa
v6.4.7.1.166

F-Secure
Gen:Variant.Graftor.163423
5.13.68

G Data
Gen:Variant.Graftor.163423
14.12.24

IKARUS anti.virus
PUA.Generic
t3scan.1.8.5.0

K7 AntiVirus
Unwanted-Program
13.188.14380

MicroWorld eScan
Gen:Variant.Graftor.163423
15.0.0.1059

NANO AntiVirus
Riskware.Win32.InstallMonster.dhwuia
0.28.6.64267

Norman
Gen:Variant.Graftor.163423
04.12.2014 14:30:06

Reason Heuristics
PUP.ProfitServis.AA
14.12.19.4

Sophos
PUA 'Install Monster'
5.09

Vba32 AntiVirus
TScope.Trojan.Delf
3.12.26.3

VIPRE Antivirus
Threat.4150696
35418

File size:
2.5 MB (2,668,896 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Bundler/Installer:
ProfitServis Downloader

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\adobe acrobat xi pro 11.0.09.exe

Digital Signature
Signed by:
ProfitServis LLC

Authority:
Thawte, Inc.

Valid from:
5/21/2014 2:00:00 AM

Valid to:
5/22/2015 1:59:59 AM

Subject:
CN=ProfitServis LLC, O=ProfitServis LLC, L=Village of Kommunar, S="Kharkiv District, Kharkiv Region", C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
259670E42586FCE460513727E39AB7DF

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:KQHLBlD/E4pgLuSaSJod7T8Cz4Ek2vpQUF55VmlJpVzjiSryq6s+A6oKclgNe:/Hv/7gaS67PxPr5ElJpky6k

Entry address:
0x4BC850

Entry point:
60, BE, 00, 20, 6F, 00, 8D, BE, 00, F0, D0, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
1.8 MB (1,880,064 bytes)

Remove adobe acrobat xi pro 11.0.09.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.