» MaxComputerCleaner.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Network (1)

MaxComputerCleaner.exe

CONCEPTION SELECTION DISTRIBUTION INTERNATIONALE

The application MaxComputerCleaner.exe by CONCEPTION SELECTION DISTRIBUTION INTERNATIONALE has been detected as a potentially unwanted program by 9 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This file is typically installed with the program Max Computer Cleaner. While running, it connects to the Internet address box1290.bluehost.com on port 80 using the HTTP protocol.

File name:

Publisher:

Max Computer Cleaner (signed by CONCEPTION SELECTION DISTRIBUTION INTERNATIONALE)

Product:

Max Computer Cleaner

Version:

2.7.2.0

MD5:

159c2eaf290071b0be1563246de42027

SHA-1:

936109b987a6040a1b23d46ab5e9b0705f9046fc

SHA-256:

78f15184317c78038e1d2fe0df34c3b0fce9c130c3dc39616825ee2a89753f5c

Scanner detections:

9 / 68

Status:

Potentially unwanted

Analysis date:

6/29/2025 1:13:51 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Malware-gen

2014.9-150611

AVG

Generic

2016.0.3081

Baidu Antivirus

PUA.MSIL.LittleRegClean

4.0.3.15611

ESET NOD32

MSIL/Rebrand.LittleRegClean.A potentially unwanted (variant)

9.11586

IKARUS anti.virus

PUA.MSIL.Rebrand

t3scan.1.8.9.0

K7 AntiVirus

Adware

13.203.15826

McAfee

Artemis!159C2EAF2900

5600.6737

Trend Micro House Call

Suspicious_GEN.F47V0419

7.2.162

VIPRE Antivirus

Trojan.Win32.Generic

40002

File size:

4.5 MB (4,726,464 bytes)

Product version:

2.7.2.0

Original file name:

MaxComputerCleaner.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\max computer cleaner\maxcomputercleaner.exe

Digital Signature

Signed by:

CONCEPTION SELECTION DISTRIBUTION INTERNATIONALE

Authority:

GlobalSign nv-sa

Valid from:

12/16/2014 11:36:07 AM

Valid to:

12/17/2015 11:36:07 AM

Subject:

CN=CONCEPTION SELECTION DISTRIBUTION INTERNATIONALE, OU=Xhopever, O=CONCEPTION SELECTION DISTRIBUTION INTERNATIONALE, L=Paris, C=FR

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112106B28CB2E4D8370E3EC157B3C5B3FF12

File PE Metadata

Compilation timestamp:

3/27/2015 8:57:32 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:+5RULO5x/wnpi9P3PQ9hpQQ4pq7bwKeK8c7JM:+nUKWnpxDCp6bwKeK/7q

Entry address:

0x4690AE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

4.4 MB (4,616,704 bytes)

Scheduled Task

Task name:

MaxComputerCleaner_Start

Trigger:

Logon (Runs on logon)

The file MaxComputerCleaner.exe has been discovered within the following program.

Max Computer Cleaner by Max Computer Cleaner

About 1% of users remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to box1290.bluehost.com (50.87.249.90:80)

Remove MaxComputerCleaner.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.