csqswchpfxd.exe

TV Wizard

Small Island Development

The application csqswchpfxd.exe has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
Small Island Development

Product:
TV Wizard

Description:
TVWizard Service

Version:
1.0.0.0

MD5:
49ee466c9a7209ba183625bcda31244c

SHA-1:
bd03606bc9f8098d0ec938b6ae7f43e75b45a981

SHA-256:
80c62fba7e353fecea0b1c4066330ad54cc4606379ffb2c469e90acc058c13a1

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/20/2024 12:16:11 AM UTC

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Adware.PullUpdate (variant)
8.10300

Malwarebytes
PUP.Optional.TVWizard.A
v2014.08.23.09

File size:
2.2 MB (2,319,728 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Small Island Development 2014

Original file name:
TVWizardService.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\exljvm\csqswchpfxd.exe

File PE Metadata
Compilation timestamp:
8/8/2014 2:45:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:6H/EzKE7edwX+2yAIaJJ3uvxJNUTPy87svNMnDolAdo:6fEzr7edwXTyiJQvzNVOL86e

Entry address:
0x2360FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.9994

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.2 MB (2,310,656 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-54-76-91-10.eu-west-1.compute.amazonaws.com  (54.76.91.10:80)

TCP (HTTP):
Connects to ec2-34-250-194-62.eu-west-1.compute.amazonaws.com  (34.250.194.62:80)
