home

2570bd6c.ftf.ftf

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The file 2570bd6c.ftf.ftf by PC Utilities Software Limited has been detected as a potentially unwanted program by 16 anti-malware scanners. Also know as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider.
Publisher:
PC Utilities Software Limited  (signed and verified)

MD5:
f2ee1d722926268f84e8bbc330cfba9b

SHA-1:
ee36d5181aad8caa331c83d3b0c664fc76e452cf

SHA-256:
fa697a299cca675cf0a1beacbbf4e162ad80632709d6e0d6fd3248d6c3215c33

Scanner detections:
16 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/24/2024 11:31:33 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Adware.BProtector.1
678

Agnitum Outpost
Riskware.Agent
7.1.1

Avira AntiVirus
TR/BProtector.Gen2
7.11.144.142

AVG
Dropper.Generic_r
2016.0.3156

Bitdefender
Gen:Adware.BProtector.1
1.0.20.435

Dr.Web
Trojan.WebPick.13
9.0.1.087

Emsisoft Anti-Malware
Gen:Adware.BProtector
8.15.03.28.09

ESET NOD32
Win32/SProtector (variant)
9.9701

F-Secure
Gen:Adware.BProtector.1
11.2015-28-03_7

G Data
Gen:Adware.BProtector
15.3.24

IKARUS anti.virus
AdWare.Bprotector
t3scan.1.6.1.0

McAfee
Artemis!F2EE1D722926
5600.6812

MicroWorld eScan
Gen:Adware.BProtector.1
16.0.0.261

Reason Heuristics
PUP.PC Utilities
15.3.28.21

Sophos
BProtector
4.98

VIPRE Antivirus
Trojan.Win32.Generic
28426

File size:
3.8 MB (4,015,432 bytes)

Common path:
C:\windows\temp\2570bd6c.ftf.ftf

Digital Signature
Signed by:
PC Utilities Software Limited

Authority:
GoDaddy.com, Inc.

Valid from:
4/5/2013 1:29:35 PM

Valid to:
4/3/2015 9:23:14 AM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B239BABC97410

File PE Metadata
Compilation timestamp:
1/28/2014 8:15:54 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:p8c/GkHxBm6wDMP9MWEeSybcx9vlbGK2PGnNUq80HGa7OkU85G:4MPiWEeSyE9bkeNBTOkU85G

Entry address:
0x13677E

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 0F, BF, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 40, C3, 24, 10, E8, 53, 27, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 0C, 0C, 29, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 58, 86, 23, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
7.1393

Developed / compiled with:
Microsoft Visual C++

Code size:
2.2 MB (2,322,432 bytes)

Remove 2570bd6c.ftf.ftf - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.