» cureit.9.0_07.06.2014.exe
Overview
Analysis
File Details

cureit.9.0_07.06.2014.exe

iDatix Corporation

The application cureit.9.0_07.06.2014.exe by iDatix has been detected as a potentially unwanted program by 22 anti-malware scanners.

File name:

Publisher:

iDatix Corporation (signed and verified)

MD5:

54ff2a4279882133138e6c6b28db7ba0

SHA-1:

3147819a48dcd86a532ea6806966cda3d59cfaa3

SHA-256:

e508ca832939a13ab9128aa3a5e0aac6166843ce141c1e806f71b5d68d7e8db7

Scanner detections:

22 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 2:32:18 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.114680

778

Agnitum Outpost

PUA.Toolbar

7.1.1

Avira AntiVirus

ADWARE/Adware.Gen

7.11.196.12

avast!

Win32:PUP-gen [PUP]

2014.9-141219

AVG

Win.Threat.Medium

2015.0.3256

Bitdefender

Gen:Variant.Zusy.114680

1.0.20.1765

Comodo Security

ApplicUnwnt.Win32.Hoax.ArchSMS.GJB

20387

Dr.Web

Trojan.Packed.28612

9.0.1.0353

Emsisoft Anti-Malware

Gen:Variant.Zusy.114680

8.14.12.19.12

ESET NOD32

Win32/AdWare.Toolbar.Webalta.GK application

8.7.0.302.0

F-Secure

Gen:Variant.Zusy.114680

11.2014-19-12_6

G Data

Gen:Variant.Zusy.114680

14.12.24

IKARUS anti.virus

PUA.Toolbar.Webalta

t3scan.1.8.5.0

K7 AntiVirus

Adware

13.188.14354

MicroWorld eScan

Gen:Variant.Zusy.114680

15.0.0.1059

NANO AntiVirus

Riskware.Win32.Downware.desuzp

0.28.6.64267

Norman

Gen:Variant.Zusy.114680

11.20141219

Reason Heuristics

PUP.iDatixCorporation.R

14.8.12.15

Sophos

PUA 'WebAlta Toolbar' (of type Adware)

Vba32 AntiVirus

Downware.iDatix.gen

3.12.26.3

VIPRE Antivirus

Threat.4150696

35418

Zillya! Antivirus

Trojan.Black.Win32.17107

2.0.0.2007

File size:

1.2 MB (1,274,248 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\cureit.9.0_07.06.2014.exe

Digital Signature

Signed by:

iDatix Corporation

Authority:

VeriSign, Inc.

Valid from:

9/10/2012 7:00:00 AM

Valid to:

10/2/2015 6:59:59 AM

Subject:

CN=iDatix Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=iDatix Corporation, L=Clearwater, S=Florida, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6A2BECD74BF6AAF73D2D909F5C4A93CD

File PE Metadata

Compilation timestamp:

6/20/1992 5:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:UpgZgSTaFcgZGMX0O/Cdg9nMy+3NEZnp4/GdBDyKKBei3ax5:RaTfJu4nMy+QpwGdB2dezx5

Entry address:

0x93760

Entry point:

55, 8B, EC, 83, C4, F0, B8, C8, 34, 49, 00, E8, F4, 33, F7, FF, A1, 50, 5C, 49, 00, 8B, 00, E8, 94, 7E, FC, FF, 8B, 0D, C8, 59, 49, 00, A1, 50, 5C, 49, 00, 8B, 00, 8B, 15, A4, 9F, 48, 00, E8, 94, 7E, FC, FF, 8B, 0D, 98, 59, 49, 00, A1, 50, 5C, 49, 00, 8B, 00, 8B, 15, 24, 9D, 48, 00, E8, 7C, 7E, FC, FF, 8B, 0D, F0, 5B, 49, 00, A1, 50, 5C, 49, 00, 8B, 00, 8B, 15, A4, 32, 49, 00, E8, 64, 7E, FC, FF, A1, 50, 5C, 49, 00, 8B, 00, E8, D8, 7E, FC, FF, E8, 4B, 0D, F7, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

586 KB (600,064 bytes)

Remove cureit.9.0_07.06.2014.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.