home

winfixcls.exe

WinFixPro

IMALI - N.I. MEDIA TD

The application winfixcls.exe, “WinFix Pro Scanner” by IMALI - N.I. MEDIA TD has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
winfixprofessionals.com  (signed by IMALI - N.I. MEDIA TD)

Product:
WinFixPro

Description:
WinFix Pro Scanner

Version:
1.8.1.5

MD5:
1a6e3dbbdd25dd619a3ace7b33c4d754

SHA-1:
1ff55e90d85c14158cd000c4c1255fbf7c34055c

SHA-256:
a79fd6267477b41e4ec4359bf710fbfff1a5fd06966c33b0ee0d20191b7b3f21

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
5/17/2024 4:58:08 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.IMALI (M)
16.12.17.2

File size:
105.3 KB (107,872 bytes)

Product version:
1.8.1.5

Copyright:
winfixprofessionals.com

Original file name:
WinFixScanner.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winfix\winfix pro\winfixcls.exe

Digital Signature
Signed by:
IMALI - N.I. MEDIA TD

Authority:
DigiCert Inc

Valid from:
12/14/2014 1:00:00 AM

Valid to:
12/16/2015 1:00:00 PM

Subject:
CN=IMALI - N.I. MEDIA TD, O=IMALI - N.I. MEDIA TD, L=tel aviv, C=IL

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
017B4EC01F594ADE73E421BB2CDD9FE2

File PE Metadata
Compilation timestamp:
3/23/2015 3:26:58 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

Entry address:
0x731C

Entry point:
48, 83, EC, 28, E8, 0F, 54, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 48, 85, C9, 74, 37, 53, 48, 83, EC, 20, 4C, 8B, C1, 48, 8B, 0D, A4, 19, 01, 00, 33, D2, FF, 15, 6C, 9D, 00, 00, 85, C0, 75, 17, E8, 2F, 0B, 00, 00, 48, 8B, D8, FF, 15, 32, 9D, 00, 00, 8B, C8, E8, D7, 0A, 00, 00, 89, 03, 48, 83, C4, 20, 5B, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 49, 83, F8, 08, 72, 53, 0F, B6, D2, 49, B9, 01, 01, 01, 01, 01, 01, 01, 01, 49, 0F, AF, D1, 49, 83...
 
[+]

Code size:
63.5 KB (65,024 bytes)

Remove winfixcls.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.