TotalPrivacy.exe

Total Privacy

Pointstone Software, LLC

The application TotalPrivacy.exe (“You know what you've been doing with your computer, but that doesn't mean that anyone else has to!”) by Pointstone Software has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler, triggered to execute each time a user logs in.
Publisher:
Pointstone Software, LLC  (signed and verified)

Product:
Total Privacy

Description:
You know what you've been doing with your computer, but that doesn't mean that anyone else has to!

Version:
5.7.1.370

MD5:
40448cdb3c6858e1bd814df9c2125ba7

SHA-1:
1e6d899f4f8d5fc31185ceda4449fb07611d4916

SHA-256:
26893f14f55320990d3b0b24c48bec3625f73ae316c1fd371cb443db7b1e5cc8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 11:46:29 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.Pointstone.Task

Engine version:
16.2.4.4

File size:
1.6 MB (1,696,984 bytes)

Product version:
5.7.0.0

Copyright:
Copyright © 2002-2009 Pointstone Software, LLC

Trademarks:
Total Privacy and Pointstone are either trademarks or registered trademarks of Pointstone Software, LLC

Original file name:
TotalPrivacy.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pointstone\total privacy 5\totalprivacy.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
3/5/2008 5:30:00 AM

Valid to:
3/6/2010 5:29:59 AM

Subject:
CN="Pointstone Software, LLC", O="Pointstone Software, LLC", STREET=220 E. Delaware Avenue, L=Newark, S=Delaware, PostalCode=19711, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0A38CECD27D24D5BABCE0D05DC3CDAF9

File PE Metadata
Compilation timestamp:
12/15/2008 6:56:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:8K6ehMxOEdijslTEyh1X2nYIOZrJDSYz6jV2g21:8nehduiIph1Gni0YLD1

Entry address:
0x1000

Entry point:
68, 01, 10, 70, 00, E8, 01, 00, 00, 00, C3, C3, 40, 87, E3, 50, 15, 05, 99, 35, B6, 16, 8E, C3, 5A, 3F, 24, BF, FF, C6, 76, D8, 3B, 3F, BB, F4, BA, AC, F6, 16, 98, 82, 59, 9A, EA, AE, 7E, 56, C8, B5, 79, 49, 94, 88, 7A, B3, 3F, 23, CB, 53, 67, 13, EB, 91, E2, 83, 68, 63, 23, 65, 44, 3E, F0, 82, D5, A8, 88, 65, 92, BE, 48, EB, 7A, 78, 2E, B0, 40, 96, F8, D3, D8, 4E, 95, 84, E3, 0F, 9D, 4F, 72, 9F, CB, 1D, 6B, 01, 57, 4A, CD, 45, 3F, D3, CA, 6C, CC, F0, C5, 87, 0A, 93, 75, 38, DB, 22, 30, 5F, 6A, 63, 41, 8F...
 

Entropy:
7.9791

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
1.8 MB (1,846,784 bytes)

Scheduled Task
Task name:
Total Privacy Startup

Path:
\Pointstone\Total Privacy\Total Privacy Startup

Trigger:
Logon (Runs on logon)

Description:
Load Total Privacy at windows startup.

