Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Relationships
PrivitizeVPN.exe
PrivitizeVPN by OOO Industry (Signed)
Version: | 1.0.0.1 |
MD5: | 430739f114507dd2ea78d180a34ff9f3 |
SHA1: | 7c6198902e0bc567da6eced92ed461acf1f72688 |
SHA256: | b3d5e6eafdc7c72254b1c898f8b9f452149bd6c1b938304cfbdded6c949450cf |
Warning: 3 antivirus scanners have detected malware.
About PrivitizeVPN.exe (from OOO Industry)
“Privitize is a VPN – virtual private network – that makes sure that all your internet connections go through our super fast servers located world wide – now your privacy is protected all the time whil”
Overview
privitizevpn.exe is malware that executes as a process with the local user's privileges. It is set to start when the PC boots and any user logs into Windows (it is added to the Run registry key for all users under the local machine). It is typically installed with the program PrivitizeVPN published by OOO Industry, and most users remove it once installed (62% removed). The file is digitally signed by OOO Industry, with a certificate issued by the COMODO CA Limited certificate authority (CA).
Details
File name: | privitizevpn.exe |
Publisher: | OOO Industry |
Product name: | PrivitizeVPN |
Description: | PrivitizeVPN Client |
Typical file path: | C:\Program Files\privitizevpn\privitizevpn.exe |
File version: | 1.0.0.1 |
Size: | 192.17 KB (196,784 bytes) |
Certificate |
Issued to: | OOO Industry |
Authority (CA): | COMODO CA Limited |
Effective date: | Wednesday, August 1, 2012 |
Expiration date: | Sunday, August 2, 2015 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
Programs
The following program will install this file
Privitize VPN is an advertising-supported VPN client for home computer users that provides anonymous Internet browsing through a free VPN service, yet displays third-party advertisements and bundles various potentially unwanted software during installation, including a toolbar (Searchtab, which modifies the user's web browser home page and search settings) as well as MagnPic, an adware program. During installation, if the user does not select...
Behaviors
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'PrivitizeVPN' → C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe /autorun
Network connections
[TCP] 141.101.124.36:80
[TCP] 108.162.196.87:80
[TCP] 108.162.197.87:80
Malware detections
Of 40+ industry antivirus scanners, 3 detected the following malware.
Antivirus engine | Engine version | Detection |
Dr.Web | 8.13.4.20 | Adware.Siggen.25462 |
Trend Micro HouseCall | 9.700.0.1001 | TROJ_GEN.RCBH1CN |
VIPRE Antivirus | 16786 | Adware.Privitize (fs) |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00014702% | |
Kernel CPU: | 0.00006507% | |
User CPU: | 0.00008196% | |
Kernel CPU time: | 179 ms/min | |
CPU cycles: | 78,277/sec | |
Context switches: | 8/sec | |
Memory |
Private memory: | 4.14 MB | |
Private (maximum): | 13.9 MB | |
Private (minimum): | 5.12 MB | |
Non-paged memory: | 4.14 MB | |
Virtual memory: | 97.87 MB | |
Virtual memory (peak): | 106.12 MB | |
Working set: | 9.3 MB | |
Working set (peak): | 15.27 MB | |
Page faults: | 12,883/min | |
I/O |
I/O read transfer: | 38 Bytes/sec | |
I/O read operations: | 1/sec | |
I/O write transfer: | 0 Bytes/sec | |
I/O write operations: | 1/sec | |
I/O other transfer: | 4 Bytes/sec | |
I/O other operations: | 1/sec | |
Resource allocations |
Threads: | 6 | |
Handles: | 232 | |
GUI GDI count: | 27 | |
GUI GDI peak: | 25 | |
GUI USER count: | 23 | |
GUI USER peak: | 22 | |
Process properties
Threads
Averages
PrivitizeVPN.exe (main module) |
Total CPU: | 0.00026654% | |
Kernel CPU: | 0.00012752% | |
User CPU: | 0.00013902% | |
CPU cycles: | 153,796/sec | |
Context switches: | 2/sec | |
Memory: | 200 KB | |
ntdll.dll |
Total CPU: | 0.00004820% | |
Kernel CPU: | 0.00004820% | |
User CPU: | 0.00000000% | |
CPU cycles: | 1,630/sec | |
Memory: | 1.52 MB | |
wow64.dll |
Total CPU: | 0.00004820% | |
Kernel CPU: | 0.00000000% | |
User CPU: | 0.00004820% | |
CPU cycles: | 936/sec | |
Memory: | 276 KB | |
Common loaded modules
These are modules that are typically loaded within the context of this process.
Distribution by Windows OS
OS version | Distribution |
Windows Vista Home Premium | 23.81% |
Windows 7 Home Premium | 23.81% |
Windows 7 Ultimate | 14.29% |
Windows 8 Pro | 9.52% |
Windows 7 Professional | 9.52% |
Windows 8 | 9.52% |
Microsoft Windows XP | 4.76% |
Windows 8 Pro with Media Center | 4.76% |
Distribution by country
Canada accounts for about 23.81% of PrivitizeVPN installs.
Distribution by PC manufacturer
PC manufacturer | Distribution |
Sony | 33.33% |
Toshiba | 22.22% |
Acer | 16.67% |
Dell | 11.11% |
Packard Bell | 5.56% |
Samsung | 5.56% |
Hewlett-Packard | 5.56% |