Tidy Network

Category: Adware and PUAs Protection available since:26 Sep 2012 20:54:58 (GMT)
Type: Adware Last Updated:14 Dec 2013 23:49:09 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Tidy Network include:

Example 1

File Information

Size
197K
SHA-1
10c3d8a253fb9bc57041002c6f8ca77b1413e570
MD5
4517f4183d7da278937ca18f0bf823b3
CRC-32
39680f49
File type
Windows executable
First seen
2012-10-23

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\tidy.crx
  • c:\Documents and Settings\test user\Application Data\Microsoft\Protect\S-1-5-21-1202660629-1454471165-1275210071-1003\e40a0076-1110-45a9-8ab5-29dfa375754d
  • c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\spmonk.dll
  • c:\Documents and Settings\test user\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1202660629-1454471165-1275210071-1003\69605f97a1f45089b2b096002193ee18_26c19984-2a01-45b5-a7b3-a568af60c200
Modified Files
  • %PROFILE%\Application Data\Microsoft\Protect\S-1-5-21-1202660629-1454471165-1275210071-1003\Preferred
Registry Keys Created
  • HKLM\SOFTWARE\Google\Chrome\Extensions\ndjgoneibkihplnffgmlbccpgaahpkak
    version
    1.0.0.0
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    TidyNetwork.com
    "c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\test_item.exe"
  • HKCU\Software\Microsoft\Windows\CurrentVersion\uninstall\TidyNetwork.com
    UninstallString
    "c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\test_item.exe" /uninstall
HTTP Requests
  • http://srv.tidynetwork.com/pubjs
DNS Requests
  • srv.tidynetwork.com

Example 2

File Information

Size
73K
SHA-1
3e3fe9d0d910b2a2b15adfcfab468b58e2b5fac8
MD5
0cb2429bf353489c7bda4fa5bc5b033c
CRC-32
9ac860c1
File type
Windows executable
First seen
2012-06-12

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\test_item.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    TidyNetwork.com
    "c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\test_item.exe"
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\TidyNetwork.com
    UninstallString
    "c:\Documents and Settings\test user\Local Settings\Application Data\TidyNetwork.com\test_item.exe" /uninstall
HTTP Requests
  • http://srv.tidynetwork.com/pubjs
DNS Requests
  • srv.tidynetwork.com

Example 3

File Information

Size
76K
SHA-1
40c4b2d3720330aaa83c713b540955f253ab9823
MD5
8d5393f6a68f247ca4f9934b48b55b7d
CRC-32
5c5b7eea
File type
Windows executable
First seen
2013-09-13

Runtime Analysis

HTTP Requests
  • http://files.tidynetwork.com/download/tidyconf.ini
DNS Requests
  • files.tidynetwork.com

download Try Sophos products for free
Download now