» idleprofile.exe
Overview
Analysis
File Details
Programs (1)

idleprofile.exe

The application idleprofile.exe has been detected as a potentially unwanted program by 28 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This file is typically installed with the program IdleCrawler by GigaClicks LP which is a potentially unwanted software program.

File name:

idleprofile.exe

MD5:

25b9e807685af48c4fbca8133468a85c

SHA-1:

8e773c30580d4669511a3518599e49db2fc86676

SHA-256:

3b72377afdc36122cea9872f44eba01f0b929e8d446febc9dc71c1d0ddac732b

Scanner detections:

28 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 12:38:40 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1618449

1022

Avira AntiVirus

TR/Click.Clikug.A.34

7.11.142.94

avast!

Win32:Dropper-gen [Drp]

2014.9-140418

AVG

Clicker

2015.0.3500

Baidu Antivirus

Trojan.Win32.Clikug

4.0.3.14418

Bitdefender

Trojan.GenericKD.1618449

1.0.20.540

Dr.Web

infected with Trojan.Click3.7742

9.0.1.05190

Emsisoft Anti-Malware

Trojan.GenericKD.1618449

8.14.04.18.03

Fortinet FortiGate

W32/Malware_fam.NB

4/18/2014

F-Secure

Trojan.GenericKD.1618449

11.2014-18-04_6

G Data

Trojan.GenericKD.1618449

14.4.24

IKARUS anti.virus

Trojan-Clicker.BFNI

t3scan.1.6.1.0

K7 AntiVirus

Riskware

13.176.11711

Kaspersky

Trojan-Clicker.JS.Agent

15.0.0.543

Malwarebytes

PUP.Optional.GigaClicks.A

v2014.04.18.03

McAfee

Trojan.Artemis!25B9E807685A

18.0.204.0

Microsoft Security Essentials

TrojanClicker:Win32/Clikug.A

1.10401

MicroWorld eScan

Trojan.GenericKD.1618449

15.0.0.324

NANO AntiVirus

Trojan.Win32.Agent.defczj

0.28.2.61861

nProtect

Trojan.GenericKD.1618449

14.04.10.01

Panda Antivirus

Trj/NsisDownloader.A

15.10.07.09

Qihoo 360 Security

Win32/Trojan.Dropper.c9f

1.0.0.1015

Quick Heal

(Suspicious) - DNAScan

4.14.12.00

Reason Heuristics

Threat.Win.Reputation.IMP

14.4.18.15

Sophos

Virus 'Mal/Generic-L'

5.15

Trend Micro House Call

TROJ_CLIKUG.A

7.2.108

Trend Micro

TROJ_CLIKUG.A

10.465.18

VIPRE Antivirus

Trojan.Win32.Clicker

28188

File size:

363.8 KB (372,538 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\idlecrawler\idleprofile.exe

File PE Metadata

Compilation timestamp:

12/25/2013 5:01:44 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:ZbUTp1ri5zLU4h/SxfrcCY3LamEV9S9yZbjLpdCwaT714XQBQ3WygQ5oT1cCj:ZIbi53h/DCY3hE/0ObfvaTuXFWygDmCj

Entry address:

0x3229

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 08, A3, 58, 4F, 43, 00, E8, 9F, 2E, 00, 00, A3, A4, 4E, 43, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, B8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, A0, 3E, 43, 00, E8, 0A, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, F8, 2A, 00, 00... 
[+]

Entropy:

7.9397

Packer / compiler:

Nullsoft install system v2.x

Code size:

24.5 KB (25,088 bytes)

The file idleprofile.exe has been discovered within the following program.

IdleCrawler by GigaClicks LP

According to the company, this software runs in the background of the user's PC and collects browsing habits and advertising data.

IdleCrawler.com/help

82% remove it

Remove idleprofile.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.