home

pcleanpro.exe

Kemeda

The executable pcleanpro.exe has been detected as malware by 10 anti-virus scanners.
Publisher:
Kemeda  (signed and verified)

Version:
12.3.0.78

MD5:
755fe71916320264adaeabeb08ab6119

SHA-1:
4e72f074032862632ebc4b08dbbe908794cd7b09

SHA-256:
89973a92a49d05c294613857cdc6566055fd5d6b5dc29433fa5aa76975c294ea

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
5/14/2025 11:16:38 AM UTC  (today)

Scan engine
Detection
Engine version

Arcabit
Trojan.MSILPerseus.D5CC
1.0.0.593

avast!
Win32:Evo-gen [Susp]
2014.9-160317

AVG
MSIL9
2017.0.2801

Baidu Antivirus
Trojan.MSIL.Injector
4.0.3.16317

Bitdefender
Gen:Variant.MSILPerseus.1484
1.0.20.385

Dr.Web
BackDoor.Wirenet.9
9.0.1.077

Emsisoft Anti-Malware
Gen:Variant.MSILPerseus.1484
8.16.03.17.07

ESET NOD32
MSIL/Injector.MIX (variant)
10.12537

G Data
Gen:Variant.MSILPerseus.1484
16.3.25

Kaspersky
Trojan.MSIL.Inject
14.0.0.501

File size:
422.5 KB (432,616 bytes)

Product version:
12.3.0.78

Original file name:
zavx.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\pcleanpro.exe

Digital Signature
Signed by:
Kemeda

Authority:
Kemeda

Valid from:
10/22/2015 4:07:25 AM

Valid to:
10/22/2016 4:07:25 AM

Subject:
CN=www.kemeda.pt, O=Kemeda, L=Lisboa, S=Lisboa, C=PK

Issuer:
CN=www.kemeda.pt, O=Kemeda, L=Lisboa, S=Lisboa, C=PK

Serial number:
008C6590B70633A028

File PE Metadata
Compilation timestamp:
11/6/2015 1:25:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:69On37qOCAsxtmTgsOtu7ZV+avN/oGIC50cFeTlqvf:spcTxOtIzGGJ0cFeTlI

Entry address:
0x6A86E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0495

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
418.5 KB (428,544 bytes)

Remove pcleanpro.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.