» pcspeedmaximizer_aqit_ppc_co_banner.exe
Overview
Analysis
File Details
Downloads (2)

pcspeedmaximizer_aqit_ppc_co_banner.exe

PC Speed Maximizer

Smart PC Solutions, Inc.

The application pcspeedmaximizer_aqit_ppc_co_banner.exe by Smart PC Solutions has been detected as a potentially unwanted program by 3 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from web.avanquest.com and multiple other hosts.

File name:

Publisher:

Smart PC Solutions (signed by Smart PC Solutions, Inc.)

Product:

PC Speed Maximizer

Version:

3.2

MD5:

7e6b18cf43ba3c8e94845230688e6515

SHA-1:

f5069b3e432899be1b480ed3d936c98e56a72f52

SHA-256:

ae347ab8aee1ac05c82c277d35b06a7454417e49753273c0f9a35420cb00a091

Scanner detections:

3 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 6:47:46 AM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

UnclassifiedMalware

17139

ESET NOD32

Win32/SpeedingUpMyPC (variant)

8.8945

Reason Heuristics

PUP.Optional.SmartPCSolutions.d

14.6.10.14

File size:

3.2 MB (3,403,616 bytes)

Product version:

3.2

Smart PC Solutions

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\pcspeedmaximizer_aqit_ppc_co_banner.exe

Digital Signature

Signed by:

Smart PC Solutions, Inc.

Authority:

VeriSign, Inc.

Valid from:

4/5/2011 2:00:00 AM

Valid to:

5/30/2014 1:59:59 AM

Subject:

CN="Smart PC Solutions, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Smart PC Solutions, Inc.", L=Alexandria, S=Virginia, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

502E76B6ACDCDE4F3336BF9286946063

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:H297ZdmfdmSuDlovHZKqFq/MEss4RVzYi97y2rkAcAWKSaawdYqauvsqrDLCtj:WtmVH8UEX0R9WMIjKSMdAVa/m

Entry address:

0x9B24

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, DB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file pcspeedmaximizer_aqit_ppc_co_banner.exe has been seen being distributed by the following 2 URLs.

http://web.avanquest.com/download/download.cfm?go=http://filecdn2.avanquest.com/ppc/PCSpeedMaximizer/.../PCSpeedMaximizer_AQIT_PPC_CO_Banner.exe

http://filecdn2.avanquest.com/ppc/PCSpeedMaximizer/.../PCSpeedMaximizer_AQIT_PPC_CO_Banner.exe

Remove pcspeedmaximizer_aqit_ppc_co_banner.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.