» 1eb62cd6.ftf.ftf
Overview
Analysis
File Details
Programs (1)

1eb62cd6.ftf.ftf

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The file 1eb62cd6.ftf.ftf by PC Utilities Software Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Optimizer Pro v3.2 by PC Utilities Software Limited which is a potentially unwanted software program.

File name:

1eb62cd6.ftf.ftf

Publisher:

PC Utilities Software Limited (signed and verified)

MD5:

1a1924a4d177347082b5d7161b055e0d

SHA-1:

e362e7c98de3b8ede5712bc81858a60a4cfc45eb

SHA-256:

4f9d6695bab63572ce8b46248cbd24ce362f3a4f21a4c8f6b79751a7b773b621

Scanner detections:

1 / 68

Status:

Potentially unwanted

Explanation:

Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:

4/26/2024 6:56:47 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.PC Utilities.PCUtilities (M)

16.2.15.11

File size:

4 MB (4,234,568 bytes)

Common path:

C:\users\{user}\appdata\local\temp\1eb62cd6.ftf.ftf

Digital Signature

Signed by:

PC Utilities Software Limited

Authority:

GoDaddy.com, Inc.

Valid from:

4/5/2013 2:29:35 PM

Valid to:

4/3/2015 10:23:14 AM

Subject:

CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

2B239BABC97410

File PE Metadata

Compilation timestamp:

12/23/2013 12:06:32 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

98304:QqUCxPrGdLjjgE2nL94hEOdxBDxahooh5MGU:6LjkEyBqEeMlnMGU

Entry address:

0xD9153

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, BD, DE, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 48, 66, 27, 10, E8, 3E, 50, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, BC, CD, 2B, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 50, 3C, 26, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

7.1057

Developed / compiled with:

Microsoft Visual C++

Code size:

2.4 MB (2,492,416 bytes)

The file 1eb62cd6.ftf.ftf has been discovered within the following program.

Optimizer Pro v3.2 by PC Utilities Software Limited

This program is bundled with various modified monetization installers and 3rd party freeware programs. "Offer your users a free PC scan to help them find registry errors, junk files, incorrect system & security settings, plus much more.

www.pcutilitiespro.com

75% remove it

Remove 1eb62cd6.ftf.ftf - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.