home

pcsu_sl_3.1.2.exe

PC Speed Up

Speedchecker Ltd

This is the Performersoft setup installer. The application pcsu_sl_3.1.2.exe by Speedchecker has been detected as adware by 5 anti-malware scanners. The program is a setup application that uses the InstallBrain installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from www.pcspeedup.com and multiple other hosts.
Publisher:
Speedchecker Limited   (signed by Speedchecker Ltd)

Product:
PC Speed Up

Version:
3.1.2

MD5:
f6c3002b36987864a274407ed0ed6252

SHA-1:
e9c2205b9080833744afb005ad8b135df6797683

SHA-256:
82b37f33e6dde5dfe04ed42d772750e05b8d86e78992749b10998655623c5960

Scanner detections:
5 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/24/2024 1:11:00 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
RegOrganizer.D
2014.0.3615

ESET NOD32
Win32/Speedchecker (variant)
7.8769

herdProtect (fuzzy)
variant of copy1-pcspeedup101.exe (Adware)
2014.1.1.22

Reason Heuristics
PUP.Speedchecker.L
14.8.7.19

Trend Micro House Call
TROJ_GEN.F47V0521
7.2.358

File size:
2.6 MB (2,682,336 bytes)

Product version:
3.1.2

Copyright:
Copyright © Speedchecker Limited 2009-2011

File type:
Executable application (Win32 EXE)

Bundler/Installer:
InstallBrain

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\addons\pcsu_sl_3.1.2.exe

Digital Signature
Signed by:
Speedchecker Ltd

Authority:
The USERTRUST Network

Valid from:
1/10/2011 3:00:00 AM

Valid to:
1/10/2013 2:59:59 AM

Subject:
CN=Speedchecker Ltd, O=Speedchecker Ltd, STREET=2 high royd lane, L=Sheffield, S=Sheffield, PostalCode=S36 7JR, C=GB

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00F4384CEDE86AE94F0E52BBF94CD1E0B4

File PE Metadata
Compilation timestamp:
12/20/2011 5:16:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:FnkvvMThexx0cr0AjlPZX841TQzTnejBXQCA2t1GkJl7RJg:FkvvBrVvlPB91TfQC11GkT7Rq

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9788

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file pcsu_sl_3.1.2.exe has been seen being distributed by the following 4 URLs.

http://www.pcspeedup.com/.../download.aspx?affid=hoffers&k=10368bb5cec1bac19450f445e00bce&autocountry=1&heading=Free scan for PC speed loss issues&referencedWebsite=www.pcspeedup.ru&language=ru

http://www.pcspeedup.com/.../download.aspx?affid=janusz&k=tdv&referencedWebsite=www.velocidadedopc.com.br&language=pt

http://www.pcspeedup.com/.../download.aspx?affid=adld&k=newpl&referencedWebsite=www.przyspieszkomputer.pl&language=pl

http://www.pcspeedup.com/.../download.aspx?affid=hoffers&k=103c20c5f87276aaeca268da1b8b4b&referencedWebsite=www.zrychlenipocitace.cz&language=cs

Remove pcsu_sl_3.1.2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.