Should I block it?
90% of PCs block this file from running.
Possible reason:
Multiple malware detections
Relationships
tidynetwork009.exe
By TidyNetwork (Signed)
Version: | 2.0.0.1266 |
MD5: | 966f77a9b64a43693920710c8f462009 |
SHA1: | 92f1b7423b2a4260f84c0d7d619e5d799d9cb77f |
SHA256: | d1027e3154a9858c401c191bd40676619e9f7b3dcda381d82ed378aa5b08c445 |
Warning 4 antivirus scanners has detected malware.
Overview
tidynetwork009.exe is malware that executes as a process with the local user's privileges. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). This is typically installed with the program TidyNetwork.com published by TidyNetwork.com and is most likely removed by most users once installed (83% removed). The file is digitally signed by TidyNetwork which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Microsoft Windows XP (5.1.2600.196608).
Details
File name: | tidynetwork009.exe |
Publisher: | Tidy Network |
Typical file path: | C:\Documents and Settings\user\Application data\tidynetwork.com\tidynetwork009.exe |
Original name: | tidynetw.exe |
File version: | 2.0.0.1266 |
Size: | 194.35 KB (199,016 bytes) |
Certificate |
Issued to: | TidyNetwork |
Authority (CA): | VeriSign |
Effective date: | Sunday, April 1, 2012 |
Expiration date: | Wednesday, April 3, 2013 |
Digital DNA |
PE subsystem: | Windows GUI |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following program will install this file
From the Terms of Service - "By accessing the Sites and downloading the Software, you hereby grant the Company permission to display promotional information, advertisements, and offers for third-party products, offers or services (collectively “Advertisements”) from Company’s advertising partners (collectively “Partners”). The Advertisements may include, without limitation, content, offers for products or services, data, links, articles...
Behaviors
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'TidyNetwork.com' → "C:\Documents and Settings\user\Application Data\TidyNetwork.com\tidynetwork009.exe"
Network connections
[UDP] listens on port 1277
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Comodo Internet Security |
15778 |
Heur.Suspicious |
Malwarebytes |
1.70.0.9 |
PUP.TidyNetwork |
Trend Micro |
9.740.0.1012 |
TROJ_PAIDE.A |
Trend Micro HouseCall |
9.700.0.1001 |
TROJ_PAIDE.A |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00010864% | |
Kernel CPU: | 0.00007775% | |
User CPU: | 0.00003090% | |
Kernel CPU time: | 188 ms/min | |
Context switches: | 4/sec | |
Memory |
Private memory: | 1.7 MB | |
Private (maximum): | 5.93 MB | |
Private (minimum): | 5.84 MB | |
Non-paged memory: | 1.7 MB | |
Virtual memory: | 50.53 MB | |
Virtual memory (peak): | 53.53 MB | |
Working set: | 5.93 MB | |
Working set (peak): | 5.97 MB | |
Page faults: | 1,728/min | |
I/O |
I/O read transfer: | 12 Bytes/sec | |
I/O read operations: | 1/sec | |
I/O write transfer: | 0 Bytes/sec | |
I/O write operations: | 1/sec | |
I/O other transfer: | 92 Bytes/sec | |
I/O other operations: | 6/sec | |
Resource allocations |
Threads: | 3 | |
Handles: | 164 | |
GUI GDI count: | 11 | |
GUI USER count: | 8 | |
Process properties
Integrety level: | Undefined |
Platform: | 32-bit |
Command line: | "C:\Documents and Settings\user\Application data\tidynetwork.com\tidynetwork009.exe" |
Owner: | User |
Distribution by Windows OS
OS version | distribution |
Microsoft Windows XP |
100.00% |
|