baidu pc faster.exe

I-LIV nonnullus auxilium quid

POPELER SYSTEM, S.L.

The application baidu pc faster.exe, “contemplor arceo moveo pudeo” by POPELER SYSTEM, S.L., has been detected as adware by 22 anti-malware scanners. It is a setup program built on the Firseria/Solimba AppInstaller (DownloadMR), a monetization download manager that bundles additional adware offers, typically by wrapping legitimate applications, and pushes those offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
laetans  (signed by POPELER SYSTEM, S.L.)

Product:
I-LIV nonnullus auxilium quid

Description:
contemplor arceo moveo pudeo

Version:
52.12.15.33

MD5:
58d11347812f02a90cab5bd0ccd4ce90

SHA-1:
ae7496c5e2c73802dbbe8d61f6408e2d88dd7318

SHA-256:
66d90da31f8b9606d61176a217299eaf9a138c0b4ae2f6e91cc876d3889b97e1

Scanner detections:
22 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature, this is not set by default and is usually overlooked.

Analysis date:
4/24/2024 10:34:45 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.12053046 | 827 |
| Avira AntiVirus | APPL/Solimba.Gen4 | 7.11.182.126 |
| avast! | Win32:Malware-gen | 141025-0 |
| AVG | Adware BundleApp_r.AV | 2014.0.4040 |
| Bitdefender | Trojan.Generic.12053046 | 1.0.20.1515 |
| Comodo Security | Application.Win32.Solimba.LSW | 19948 |
| Dr.Web | Adware.Downware.8808 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Trojan.Generic.12053046 | 8.14.10.30.10 |
| ESET NOD32 | MSIL/Solimba.AH potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/Morstars | 10/30/2014 |
| F-Prot | W32/A-a1e0d357 | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.12053046 | 11.2014-30-10_5 |
| G Data | Trojan.Generic.12053046 | 14.10.24 |
| K7 AntiVirus | Unwanted-Program | 13.185.13853 |
| Malwarebytes | PUP.Optional.Solimba | v2014.10.30.10 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.Kazy.132995 | 15.0.0.909 |
| NANO AntiVirus | Riskware.Win32.Downware.dhcnhs | 0.28.6.62995 |
| nProtect | Trojan.Generic.12053046 | 14.10.30.01 |
| Reason Heuristics | PUP.POPELERSYSTEMSL.P | 14.10.30.20 |
| Sophos | Solimba Installer | 4.98 |
| Vba32 AntiVirus | Downware.Morstar | 3.12.26.3 |
| VIPRE Antivirus | DownloadMR | 34384 |

File size:
538.2 KB (551,136 bytes)

Product version:
80.50.17.31

Copyright:
Copyright 2014 lacus dux audax aut

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Common path:
C:\users\{user}\downloads\baidu pc faster.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/25/2014 1:00:00 AM

Valid to:
8/29/2016 12:59:59 AM

Subject:
CN="POPELER SYSTEM, S.L.", OU=IT, O="POPELER SYSTEM, S.L.", L=Badalona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7D4509F01375B349F2DE66BF15A48CD7

File PE Metadata
Compilation timestamp:
10/27/2014 12:01:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:KnZTnRX2FXF4TAN0D/rdJNadLzyk9dx5ZLZ5UIqF8PvqrDOY7:Kn7u4Tw0nElWk9dxjLHUIq+U3

Entry address:
0xDE2C

Entry point:
E8, A3, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 18, 70, 42, 00, E8, FE, 15, 00, 00, E8, 74, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 36, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, FF, 64, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
Code size:
113.5 KB (116,224 bytes)