desktopstart_86.exe

The application desktopstart_86.exe has been detected as a potentially unwanted program by 28 anti-malware scanners.
MD5:
b70ee6c58d43dad29cc8688c8956899a

SHA-1:
29bad94c4ed007583827922b37e5a1d6587e2527

SHA-256:
cf84614a75ddb70b5b4ff1928f4dbb570128b98a1280be55c4f7ecbcce6e9a35

Scanner detections:
28 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 7:28:14 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Zusy.129792 | 583
Agnitum Outpost | PUA.Tirrip | 7.1.1
AhnLab V3 Security | Adware/Win32.Tirrip | 2015.03.14
Avira AntiVirus | Adware/Tirrip.452096 | 7.11.217.16
avast! | Win32:Adware-gen [Adw] | 2014.9-150701
AVG | Generic6 | 2016.0.3061
Bitdefender | Gen:Variant.Zusy.129792 | 1.0.20.910
Clam AntiVirus | Win.Adware.Agent-40093 | 0.98/21511
Emsisoft Anti-Malware | Gen:Variant.Zusy.129792 | 8.15.07.01.10
ESET NOD32 | Win32/Adware.Pirrit | 9.11317
Fortinet FortiGate | Adware/Tirrip | 7/1/2015
F-Prot | W32/S-b71f1a7a | v6.4.7.1.166
F-Secure | Gen:Variant.Zusy.129792 | 11.2015-01-07_4
G Data | Gen:Variant.Zusy.129792 | 15.7.25
IKARUS anti.virus | PUA.Pirrit | t3scan.1.8.6.0
K7 AntiVirus | Adware | 13.200.15259
Kaspersky | not-a-virus:AdWare.Win32.Tirrip | 14.0.0.1800
Malwarebytes | PUP.Optional.Pirrit.A | v2015.07.01.10
McAfee | Artemis!B70EE6C58D43 | 5600.6717
MicroWorld eScan | Gen:Variant.Zusy.129792 | 16.0.0.546
NANO AntiVirus | Trojan.Win32.Generic.dorcyv | 0.30.0.296
Panda Antivirus | Trj/Genetic.gen | 15.07.01.10
Qihoo 360 Security | Win32/Virus.Adware.198 | 1.0.0.1015
Reason Heuristics | Threat.Win.Reputation.IMP | 15.7.1.22
Sophos | Generic PUA CJ | 4.98
Vba32 AntiVirus | AdWare.Tirrip | 3.12.26.3
VIPRE Antivirus | Trojan.Win32.Generic | 38402
Zillya! Antivirus | Adware.Tirrip.Win32.81 | 2.0.0.2098

File size:
441.5 KB (452,096 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\desktopstart_86.exe

File PE Metadata
Compilation timestamp:
2/24/2015 4:10:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:U+sLfIBvOWMlkakUsxCjUeX3QOdMds+Bx:rB4kakUsxCYzs+Bx

Entry address:
0x15DB6

Entry point:
E8, 98, 04, 00, 00, E9, 63, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, 64, 46, 00, 89, 0D, 74, 64, 46, 00, 89, 15, 70, 64, 46, 00, 89, 1D, 6C, 64, 46, 00, 89, 35, 68, 64, 46, 00, 89, 3D, 64, 64, 46, 00, 66, 8C, 15, 90, 64, 46, 00, 66, 8C, 0D, 84, 64, 46, 00, 66, 8C, 1D, 60, 64, 46, 00, 66, 8C, 05, 5C, 64, 46, 00, 66, 8C, 25, 58, 64, 46, 00, 66, 8C, 2D, 54, 64, 46, 00, 9C, 8F, 05, 88, 64, 46, 00, 8B, 45, 00, A3, 7C, 64, 46, 00, 8B, 45, 04, A3, 80, 64, 46, 00, 8D, 45, 08, A3, 8C, 64, 46...

Entropy:
6.4352

Code size:
337.5 KB (345,600 bytes)
