home

codec-c.exe

Setup

Artua Vladislav

This is a WebPick installer that bundles (with very minimal user consent) a number of adware browser extensions using the JustPlug.it browser framework. The application codec-c.exe by Artua Vladislav has been detected as adware by 23 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Premium  (signed by Artua Vladislav)

Product:
Setup

Description:
Installer

Version:
2011.12.20.1925

MD5:
5d20d4907272c3ccef287796b7648227

SHA-1:
9031899c55b7857d16a277d9c02186e2a69cfd22

Scanner detections:
23 / 68

Status:
Adware

Analysis date:
4/26/2024 3:13:43 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.InstallMate
7.1.1

Avira AntiVirus
TR/Kazy.33482.16
7.11.30.172

avast!
Win32:InstallMate-CI [PUP]
2014.9-160213

AVG
Adware Agent.E
2017.0.2834

Bkav FE
HW32.CDB
1.3.0.4959

Clam AntiVirus
Win.Trojan.10236275
0.98/20177

Comodo Security
Application.Win32.Bundledz.C
18723

Dr.Web
Adware.Downware.97
9.0.1.044

ESET NOD32
Win32/InstallMate potentially unwanted application
10.7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
11.2016-13-02_7

IKARUS anti.virus
AdWare.Allpremiumsoft
t3scan.1.6.1.0

K7 AntiVirus
Backdoor
13.177.12095

McAfee
Trojan.Artemis!7CEFFC506F5C
5600.6490

NANO AntiVirus
Riskware.Win32.Downware.cvbrbc
0.28.0.60577

Panda Antivirus
PUP/TSUploader
16.02.13.04

Qihoo 360 Security
Malware.QVM20.Gen
1.0.0.1015

Quick Heal
PUA.Artuavladi.Gen
2.16.14.00

Reason Heuristics
PUP.WebPick.ArtuaVladislav.Installer (M)
16.2.13.16

Rising Antivirus
PE:Trojan.Dropper!6.12F0
23.00.65.16211

Sophos
PUA 'InstallRex'
5.12

SUPERAntiSpyware
Trojan.Agent/Gen-Comisproc
9326

Trend Micro House Call
TROJ_DIGI_0000008.TOMA
7.2.44

VIPRE Antivirus
Threat.4753027
29708

File size:
240.1 KB (245,816 bytes)

Product version:
1.0

Copyright:
Copyright © 2010 Premium

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\codec-c.exe

Digital Signature
Signed by:
Artua Vladislav

Authority:
The USERTRUST Network

Valid from:
3/15/2011 5:30:00 AM

Valid to:
3/15/2012 5:29:59 AM

Subject:
CN=Artua Vladislav, O=Artua Vladislav, STREET=haRav Dangur 22, L=Bnei Braq, S=Israel, PostalCode=51281, C=IL

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
302242B18FB354EA399140DBBA22B786

File PE Metadata
Compilation timestamp:
12/17/2011 9:39:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:pV+OKpQ0ZNZ8QMgOAFqUu7FqQAC+QpDt6MdHh3:pV4ZNZlOyqB7szCjZB3

Entry address:
0x149F

Entry point:
55, 8B, EC, 81, EC, 24, 06, 00, 00, 53, 56, 33, F6, 57, 66, 89, B5, E4, FB, FF, FF, 89, 75, F4, 89, 75, FC, FF, 15, 68, 30, 40, 00, A3, 08, 44, 40, 00, FF, 15, 64, 30, 40, 00, 89, 45, F8, 68, 04, 01, 00, 00, 8D, 85, DC, F9, FF, FF, 50, 56, FF, 15, 60, 30, 40, 00, 85, C0, 75, 22, FF, 15, 5C, 30, 40, 00, 50, 68, A0, 32, 40, 00, E8, 8A, FB, FF, FF, 59, 59, C7, 05, 0C, 44, 40, 00, FF, 00, 00, 00, E9, F7, 01, 00, 00, 56, FF, 15, 58, 30, 40, 00, 8B, 48, 3C, 03, C8, 66, 81, 38, 4D, 5A, 0F, 85, BC, 01, 00, 00, 81...
 
[+]

Entropy:
7.9429

Developed / compiled with:
Microsoft Visual C++

Code size:
7.5 KB (7,680 bytes)

Remove codec-c.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.