home

dsi.exe

Fast Downloads

The Adlogica setup manager, an installer that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The application dsi.exe by Fast Downloads has been detected as adware by 12 anti-malware scanners. The program is a setup application that uses the Adlogica Downloader installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Fast Downloads  (signed and verified)

MD5:
a5d25be523dda46a8bbd17d2110a9780

SHA-1:
951c2c45043fe8e54986079b8cff70a5b998f23b

Scanner detections:
12 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
5/10/2024 8:30:40 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
InstallC
2015.0.3384

Baidu Antivirus
Adware.Win32.Agent
4.0.3.14822

ESET NOD32
Win32/OutBrowse.AB (variant)
8.10242

herdProtect (fuzzy)
variant of sd.exe (Adware)
2014.10.23.14

K7 AntiVirus
Trojan
13.183.13014

Kaspersky
not-a-virus:HEUR:AdWare.Win32.OutBrowse
14.0.0.3416

McAfee
Artemis!2080470E8DD8
5600.7030

Qihoo 360 Security
Win32/Virus.Adware.ec4
1.0.0.1015

Reason Heuristics
PUP.FastDownloads.D
14.8.12.19

Sophos
Generic PUA HO
4.98

Trend Micro House Call
Suspicious_GEN.F47V0807
7.2.234

VIPRE Antivirus
InstallCore
32150

File size:
796.4 KB (815,536 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adlogica Downloader

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\dsi.exe

Digital Signature
Signed by:
Fast Downloads

Authority:
COMODO CA Limited

Valid from:
8/13/2013 8:00:00 PM

Valid to:
8/14/2014 7:59:59 PM

Subject:
CN=Fast Downloads, O=Fast Downloads, STREET=96 Jessie st 4th floor, L=San Francisco, S=CA, PostalCode=94105, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9726FD3E4B9094351093A3495F1FE97

File PE Metadata
Compilation timestamp:
8/12/2014 4:56:46 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:VsFjmb68fjCooMUdfdrhHmAvpUfH2zbNkb6Hj6xZ:iFjmb68edMMfdrhH9vpUH8bNkb6Hj6xZ

Entry address:
0x7F242

Entry point:
E8, F8, A8, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, F0, 99, 4B, 00, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, 8C, AB, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, 7C, AB, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, 19, 01, 00, 00, 8B, 4D, 10, 8D, 55, E8, 89, 53, FC, 8B, 5B, 0C, 89, 45, E8, 89, 4D, EC, 83, FB, FE, 74, 5F, 8D, 49, 00, 8D, 04...
 
[+]

Entropy:
6.6221

Code size:
610.5 KB (625,152 bytes)

Remove dsi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.