
Should I block it?

90% of PCs block this file from running.
Possible reason: Multiple malware detections



PE file structure

Import table
advapi32.dll
RegCloseKey, CryptDestroyKey, CryptDestroyHash, CryptDecrypt, CryptDeriveKey, CryptEncrypt, RegQueryValueExW, RegOpenKeyExW, RegEnumKeyExW, RegQueryInfoKeyW, RegSetValueExW, CryptSignHashW, CryptHashData, CryptCreateHash, CryptGenKey, CryptAcquireContextW, RegCreateKeyExW, CryptReleaseContext
crypt32.dll
CryptEncodeObject, CryptExportPublicKeyInfo
gdi32.dll
TextOutW
kernel32.dll
FindFirstFileW, FindNextFileW, FindClose, CreateDirectoryW, CopyFileW, GetPrivateProfileStringW, WritePrivateProfileStringW, GetModuleHandleA, lstrlenA, MultiByteToWideChar, WriteFile, ReadFile, ReleaseMutex, CreateMutexW, GetModuleFileNameW, Sleep, CreateProcessW, GetTempPathW, GetWindowsDirectoryW, GetFileAttributesW, GetSystemDirectoryW, lstrcpynW, GetFileTime, GetSystemTimeAsFileTime, CompareFileTime, RaiseException, GetFileSize, SetFilePointer, MapViewOfFile, CreateFileW, SystemTimeToFileTime, GetTickCount, FileTimeToSystemTime, GetLocalTime, CreateFileMappingW, GetFileInformationByHandle, GetCurrentDirectoryW, LCMapStringW, WriteConsoleW, CreateFileA, FlushFileBuffers, SetStdHandle, GetCurrentProcessId, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetStringTypeW, GetCurrentThreadId, SetLastError, UnmapViewOfFile, SetCurrentDirectoryW, LoadLibraryW, CloseHandle, GetModuleHandleW, FindResourceExW, GetProcAddress, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteFileW, WideCharToMultiByte, lstrlenW, GetLastError, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, IsValidCodePage, GetOEMCP, GetACP, InterlockedDecrement, InterlockedIncrement, GetCPInfo, GetStdHandle, ExitProcess, HeapCreate, GetConsoleMode, GetConsoleCP, RtlUnwind, GetCurrentProcess, TerminateProcess, IsDebuggerPresent, SetUnhandledExceptionFilter, LoadLibraryA, FreeLibrary, UnhandledExceptionFilter, IsProcessorFeaturePresent, GetStartupInfoW, HeapSetInformation, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetProcessHeap, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, EncodePointer, DecodePointer, GetCommandLineW, SetEndOfFile
ole32.dll
CoTaskMemFree, CoInitialize, CoUninitialize, CoCreateInstance, CLSIDFromProgID
oleacc.dll
AccessibleObjectFromWindow
shell32.dll
SHGetFolderPathW
shlwapi.dll
SHCreateStreamOnFileW, SHGetValueA
user32.dll
GetMessageW, LoadCursorW, RegisterClassExW, GetClassNameW, DispatchMessageW, TranslateMessage, GetDesktopWindow, SendMessageW, InvalidateRect, PostQuitMessage, KillTimer, EndPaint, BeginPaint, DefWindowProcW, EnumChildWindows, PostMessageW, IsWindow, SetTimer, UpdateWindow, ShowWindow, CreateWindowExW, EnumWindows
wininet.dll
DeleteUrlCacheEntryW

tidynetwork009.exe

By TidyNetwork (Signed)

Version:   2.0.0.1266
MD5:   966f77a9b64a43693920710c8f462009
SHA1:   92f1b7423b2a4260f84c0d7d619e5d799d9cb77f
SHA256:   d1027e3154a9858c401c191bd40676619e9f7b3dcda381d82ed378aa5b08c445
Warning: 4 antivirus scanners have detected malware.

Overview

tidynetwork009.exe is malware that runs as a process with the local user's privileges. It is set to run when the PC boots and the user logs into Windows, through an entry added to the Run registry key for the current user. It is typically installed with the program TidyNetwork.com, published by TidyNetwork.com, and most users who install it go on to remove it (60% removed). The file is digitally signed by TidyNetwork with a certificate issued by the VeriSign certificate authority (CA). This particular version is usually found on Microsoft Windows XP (5.1.2600.196608).

Details

File name: tidynetwork009.exe
Publisher: Tidy Network
Typical file path: C:\Documents and Settings\user\Application data\tidynetwork.com\tidynetwork009.exe
Original name: tidynetw.exe
File version: 2.0.0.1266
Size: 194.35 KB (199,016 bytes)
Certificate
Issued to: TidyNetwork
Authority (CA): VeriSign
Effective date: Sunday, April 01, 2012
Expiration date: Wednesday, April 03, 2013
Digital DNA
PE subsystem: Windows GUI
File packed: No
.NET CLR: No

Programs

The following program will install this file:
TidyNetwork.com: 60% remove
From the Terms of Service - "By accessing the Sites and downloading the Software, you hereby grant the Company permission to display promotional information, advertisements, and offers for third-party products, offers or services (collectively “Advertisements”) from Company’s advertising partners (collectively “Partners”). The Advertisements may include, without limitation, content, offers for products or services, data, links, articles...

Behaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'TidyNetwork.com' → "C:\Documents and Settings\user\Application Data\TidyNetwork.com\tidynetwork009.exe"
Network connections
  • [UDP] listens on port 1277

Malware detections

Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection
Comodo Internet Security | 15778 | Heur.Suspicious
Malwarebytes | 1.70.0.9 | PUP.TidyNetwork
Trend Micro | 9.740.0.1012 | TROJ_PAIDE.A
Trend Micro HouseCall | 9.700.0.1001 | TROJ_PAIDE.A

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU
Total CPU: 0.00010864%
0.028634%
Kernel CPU: 0.00007775%
0.013761%
User CPU: 0.00003090%
0.014873%
Kernel CPU time: 188 ms/min
100,923,805 ms/min
Context switches: 4/sec
284/sec
Memory
Private memory: 1.7 MB
21.59 MB
Private (maximum): 5.93 MB
Private (minimum): 5.84 MB
Non-paged memory: 1.7 MB
21.59 MB
Virtual memory: 50.53 MB
140.96 MB
Virtual memory (peak): 53.53 MB
169.69 MB
Working set: 5.93 MB
18.61 MB
Working set (peak): 5.97 MB
37.95 MB
Page faults: 1,728/min
2,039/min
I/O
I/O read transfer: 12 Bytes/sec
1.02 MB/min
I/O read operations: 1/sec
343/min
I/O write transfer: 0 Bytes/sec
274.99 KB/min
I/O write operations: 1/sec
227/min
I/O other transfer: 92 Bytes/sec
448.09 KB/min
I/O other operations: 6/sec
1,671/min
Resource allocations
Threads: 3
12
Handles: 164
600
GUI GDI count: 11
103
GUI USER count: 8
49

Process properties

Integrity level: Undefined
Platform: 32-bit
Command line: "C:\Documents and Settings\user\Application data\tidynetwork.com\tidynetwork009.exe"
Owner: User

Distribution by Windows OS

OS version | Distribution
Microsoft Windows XP | 100.00%