microsoft fix it center.exe

uredo II-VI cubicularius clibanus

POPELER SYSTEM, S.L.

The setup program uses the Firseria/Solimba AppInstaller (DownloadMR), a monetization download manager that bundles additional adware offers, typically by wrapping legitimate applications. The application microsoft fix it center.exe, by POPELER SYSTEM, S.L., has been detected as adware by 26 anti-malware scanners. It is a setup application that uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
mica diruo (signed by POPELER SYSTEM, S.L.)

Product:
uredo II-VI cubicularius clibanus

Description:
potens transfero

Version:
53.23.4.63

MD5:
3bb29431ba3df239c14c7cfc6e93d41d

SHA-1:
7e4875ab5f296806aa2c9d9fe046cd5f6573e9f1

SHA-256:
4f231b26531685f637cbc5614984ed375679bb5c304a8d53c84d039457945d33

Scanner detections:
26 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/20/2024 2:11:12 AM UTC

Scan engine            Detection                                         Engine version
Lavasoft Ad-Aware      Application.Generic.924113                        5843186
Agnitum Outpost        PUA.Solimba                                       7.1.1
AhnLab V3 Security     PUP/Win32.Firseria                                2014.11.25
Avira AntiVirus        APPL/Firseria.Gen8                                7.11.187.128
avast!                 Win32:Solimba-S [PUP]                             141119-1
AVG                    Found Win32/DH{gRKBDxMXADWBE0F8fS4gIls}           2014.0.4189
Baidu Antivirus        Adware.Win32.Solimba                              4.0.3.141126
Bitdefender            Application.Generic.922577                        1.0.20.1650
Comodo Security        Application.Win32.Firseria.AFGH                   20133
Dr.Web                 Adware.Downware.9205                              9.0.1.05190
Emsisoft Anti-Malware  Application.Generic.924113                        9.0.0.4570
ESET NOD32             MSIL/Solimba.AJ potentially unwanted application  7.0.302.0
F-Prot                 W32/A-3c9b1bf2                                    v6.4.7.1.166
F-Secure               Application.Generic.922577                        11.2014-26-11_4
G Data                 Win32.Application.FirseriaInstaller               14.11.24
K7 AntiVirus           Unwanted-Program                                  13.185.14071
Kaspersky              not-a-virus:Downloader.Win32.Morstar              15.0.0.463
Malwarebytes           PUP.Optional.Popeler                              v2014.11.26.12
MicroWorld eScan       Application.Generic.922577                        15.0.0.990
NANO AntiVirus         Trojan.Win32.Morstar.djgxiu                       0.28.6.63726
Panda Antivirus        Adware/Firseria                                   14.11.26.12
Quick Heal             Adware.Firseria.A5                                11.14.14.00
Reason Heuristics      PUP.POPELERSYSTEMSL.X                             14.11.26.12
Sophos                 Solimba Installer                                 4.98
Vba32 AntiVirus        Downware.Morstar                                  3.12.26.3
VIPRE Antivirus        Threat.4782980                                    34232

File size:
547.7 KB (560,864 bytes)

Product version:
33.13.59.27

Copyright:
Copyright puteus accusator infitialis

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Common path:
C:\users\{user}\downloads\microsoft fix it center.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/25/2014 2:00:00 AM

Valid to:
8/29/2016 1:59:59 AM

Subject:
CN="POPELER SYSTEM, S.L.", OU=IT, O="POPELER SYSTEM, S.L.", L=Badalona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7D4509F01375B349F2DE66BF15A48CD7

File PE Metadata
Compilation timestamp:
11/19/2014 11:35:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:BZynNs+44UTU3Q5DOpNmbCLOgekry2jqEu+CpPDm9DYNnH:BZyCgUTXAk6OgekryWU+ycY9H

Entry address:
0xD9CC

Entry point:
E8, B5, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, A8, 71, 42, 00, E8, 0E, 16, 00, 00, E8, 86, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 48, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 11, 65, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
Code size:
112.5 KB (115,200 bytes)