home

2570bd6c.ftf.ftf

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The file 2570bd6c.ftf.ftf by PC Utilities Software Limited has been detected as a potentially unwanted program by 16 anti-malware scanners. Also know as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider.
Publisher:
PC Utilities Software Limited  (signed and verified)

MD5:
65c32ca9a7d6c3e1ef563dd2d9ac35ef

SHA-1:
2b8341411937a484d8058d53c2d4e8714e1f1fc4

SHA-256:
03ceb64870b52bcadd65d1b259ab0e6740af536fa02b8649055ce7cd8db5981a

Scanner detections:
16 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/25/2024 7:54:28 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Bprotector.5
833

AegisLab AV Signature
Troj.W32.Gen
2.1.4+

Avira AntiVirus
TR/BProtector.Gen2
7.11.181.44

avast!
Win32:BProtect-J [Trj]
141025-0

AVG
Adware Generic_r.HH
2014.0.4040

Baidu Antivirus
PUA.Win32.SProtector
4.0.3.141025

Bitdefender
Gen:Variant.Adware.Bprotector.5
1.0.20.1490

Comodo Security
Application.Win32.BProtect.COLC
19896

Emsisoft Anti-Malware
Gen:Variant.Adware.Bprotector
14.10.25

ESET NOD32
Win32/SProtector.D potentially unwanted application
7.0.302.0

F-Secure
Gen:Variant.Adware.Bprotector.5
11.2014-25-10_7

G Data
Gen:Variant.Adware.Bprotector
14.10.24

K7 AntiVirus
Trojan
13.185.13805

MicroWorld eScan
Gen:Variant.Adware.Bprotector.5
15.0.0.894

Reason Heuristics
PUP.PCUtilities.O
14.10.25.7

Sophos
BProtector
4.98

File size:
4 MB (4,235,080 bytes)

Common path:
C:\windows\temp\2570bd6c.ftf.ftf

Digital Signature
Signed by:
PC Utilities Software Limited

Authority:
GoDaddy.com, Inc.

Valid from:
4/5/2013 8:29:35 PM

Valid to:
4/3/2015 4:23:14 PM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B239BABC97410

File PE Metadata
Compilation timestamp:
12/22/2013 2:48:49 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:F711bMk80mJWkzjxezsYsFjuOEAZUNnG28ZAI+kgmHbk4smapC7:p11g5jx6sYsFuOlUM9AWgmHbP

Entry address:
0x1909F6

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 87, D1, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 80, 6B, 27, 10, E8, 4B, 50, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, D4, BD, 2B, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 48, 4C, 26, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.4 MB (2,498,560 bytes)

Remove 2570bd6c.ftf.ftf - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.