home

2570bd6c.ftf.ftf

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The file 2570bd6c.ftf.ftf by PC Utilities Software Limited has been detected as a potentially unwanted program by 14 anti-malware scanners. Also know as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider. It is also typically executed from the user's temporary directory.
Publisher:
PC Utilities Software Limited  (signed and verified)

MD5:
4c0985d5da5d549f943b049a8d08864d

SHA-1:
b0a80457f54c688f029df3be55a7a1851ac4819b

SHA-256:
6fcedee3331e87193054253945aabbeecabb6c87e3836b368580d1f0d78e3621

Scanner detections:
14 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/26/2024 6:00:23 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Bprotector.5
5829361

Avira AntiVirus
TR/BProtector.Gen2
7.11.188.92

avast!
Win32:BProtect-J [Trj]
2014.9-141123

AVG
Adware Generic_r.HH
2014.0.4189

Bitdefender
Gen:Variant.Adware.Bprotector.5
1.0.20.1635

Comodo Security
Application.Win32.BProtect.COLC
20176

Emsisoft Anti-Malware
Gen:Variant.Adware.Bprotector
9.0.0.4570

ESET NOD32
Win32/SProtector.L potentially unwanted application
7.0.302.0

F-Secure
Gen:Variant.Adware.Bprotector.5
11.2014-23-11_1

G Data
Gen:Variant.Adware.Bprotector
14.11.24

K7 AntiVirus
Trojan
13.185.14098

MicroWorld eScan
Gen:Variant.Adware.Bprotector.5
15.0.0.981

Reason Heuristics
PUP.PCUtilities.O
14.11.23.20

Sophos
BProtector
4.98

File size:
3.8 MB (4,022,600 bytes)

Common path:
C:\users\{user}\appdata\local\temp\2570bd6c.ftf.ftf

Digital Signature
Signed by:
PC Utilities Software Limited

Authority:
GoDaddy.com, Inc.

Valid from:
4/5/2013 7:29:35 PM

Valid to:
4/3/2015 3:23:14 PM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B239BABC97410

File PE Metadata
Compilation timestamp:
1/28/2014 7:11:05 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:I8pgFiijbfAxv97Lb6EwRve16ax3df0QJjQOxJC:2iijbfwv976EwoIaTftxQOW

Entry address:
0x10A45C

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, AF, D0, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, D8, 0A, 25, 10, E8, 05, 5B, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, D4, 6D, 29, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, F8, EB, 23, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
7.1101

Developed / compiled with:
Microsoft Visual C++

Code size:
2.2 MB (2,341,888 bytes)

Remove 2570bd6c.ftf.ftf - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.