home

pdfreadersetup_v3.exe

The application pdfreadersetup_v3.exe has been detected as a potentially unwanted program by 29 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
MD5:
b4364914674332b8ce3aa809b0e28ff7

SHA-1:
9e18d11e31a964dd04570e7543fa33b984c21f6b

SHA-256:
dca87e230700535f2f486dee9f9d20b05e1d99a294594baf6c78a3bb21fccd9c

Scanner detections:
29 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/18/2024 11:35:28 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.358709
922

Agnitum Outpost
Adware.Generic
7.1.1

AhnLab V3 Security
PUP/Win32.InstallCore
2014.07.28

Avira AntiVirus
Adware/InstallCore.5.57
7.11.30.172

avast!
Win32:InstallCore-HF [PUP]
140617-1

Bitdefender
Adware.Generic.358709
1.0.20.1045

Bkav FE
W32.HfsAutoA
1.3.0.4959

Clam AntiVirus
W32.Adware.InstallCore
0.98/19185

Comodo Security
ApplicUnwnt.Win32.AdWare.InstallCore.2
18997

Dr.Web
Adware.InstallCore.53
9.0.1.05190

Emsisoft Anti-Malware
Adware.Generic.358709
8.14.07.28.12

ESET NOD32
Win32/InstallCore.AO potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/InstallCore.AAAA
7/28/2014

F-Prot
W32/InstallCore.C.gen
4.6.5.141

F-Secure
Adware.Generic.358709
11.2014-28-07_2

G Data
Adware.Generic.358709
14.7.24

K7 AntiVirus
Unwanted-Program
13.183.13333

Malwarebytes
PUP.Adware.InstallCore
v2014.07.28.12

MicroWorld eScan
Adware.Generic.358709
15.0.0.627

NANO AntiVirus
Trojan.Win32.InstallCore.bbwrny
0.28.2.60990

Norman
InstallCore.BD
11.20140728

Panda Antivirus
PUP/MultiToolbar.A
14.07.28.12

Reason Heuristics
Threat.Win.Reputation.IMP
14.9.15.1

Rising Antivirus
PE:Malware.InstallCore!6.B99
23.00.65.14726

Sophos
Install Core
4.98

SUPERAntiSpyware
Adware.InstallCore
10457

Total Defense
Win32/InstallCore!Adware
37.0.11085

Vba32 AntiVirus
Adware.InstallCore.gen
3.12.26.3

VIPRE Antivirus
Threat.4150696
31208

File size:
1 MB (1,099,144 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pdfreadersetup_v3.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:g2QHB7fggYr56QCM6Na0jTiqIJmxT+cggtuA42v5H:gFHxftYr56QsNaGBIJmxTRLg

Entry address:
0xC15D1

Entry point:
55, 8B, EC, 83, C4, F0, B8, 5F, 93, 4F, 00, E8, 9D, FC, FF, FF, 63, B0, F7, 4F, FD, 59, 74, D8, D8, BB, 65, 0F, 5D, 98, BF, 76, B1, 0B, A1, 52, 1B, 2D, F7, F8, B5, 4A, D8, E2, 9B, 73, F3, E4, 02, 9C, 85, 56, DC, 9A, C0, 1B, 09, 9A, 93, CE, 20, F5, 2F, 97, 62, 71, D5, 43, 64, 5B, B0, C9, 6E, 06, CC, 5B, B0, 95, 80, 78, C7, 2D, BC, DD, 2C, DE, 2B, 2F, 85, F4, 11, A7, 08, 75, 51, 47, 48, F9, 11, 3A, 36, 38, CB, 79, 21, D1, E9, D7, FA, 55, 18, 03, 40, 7C, 00, 2C, 3B, 0D, 13, 56, 77, F4, 94, 89, AF, 7F, 0A, 60...
 
[+]

Entropy:
6.8006

Developed / compiled with:
Microsoft Visual C++

Code size:
786.5 KB (805,376 bytes)

Remove pdfreadersetup_v3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.