» afocal_system.exe
Overview
Analysis
File Details

afocal_system.exe

Deep Freeze

Faronics Corporation

The executable afocal_system.exe, “Deep Freeze service” has been detected as malware by 11 anti-virus scanners.

File name:

afocal_system.exe

Publisher:

Faronics Corporation

Product:

Deep Freeze

Description:

Deep Freeze service

Version:

7,72,20,4535

MD5:

9d7e7bfc36390207085f45abd3e2b7f1

SHA-1:

14ebb7ebb0967180711a0cbe8deddc5665755996

SHA-256:

23e4e8d0971e8b1437fb8c993ff4099db6d963614334891610a534b6e4dc871a

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

4/20/2024 1:50:53 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Malware-gen

2014.9-150522

AVG

Crypt4

2016.0.3130

Baidu Antivirus

Trojan.Win32.Yakes

4.0.3.15423

Kaspersky

Trojan.Win32.Yakes

14.0.0.2146

Malwarebytes

Trojan.Agent.ED

v2015.04.23.06

Microsoft Security Essentials

Ransom:Win32/Nymaim.F

1.1.11602.0

Qihoo 360 Security

HEUR/QVM20.1.Malware.Gen

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

15.5.22.10

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

Suspicious_GEN.F47V0421

7.2.113

VIPRE Antivirus

Trojan.Win32.Generic

40014

File size:

215 KB (220,160 bytes)

Product version:

7.72.020.4535

Original file name:

DFServAx.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\ProgramData\adobe\arm\reader_10.1.11\probability\afocal_system.exe

File PE Metadata

Compilation timestamp:

4/21/2015 8:11:04 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:ljr0cwuwfbfgq2AuY2VukjV6M+gMZv6zBjCeZtPwnqeQuKha/ck:ljr0fuq2AuY2Vuc6JpZemEPwqeUQ7

Entry address:

0xE35C

Entry point:

E8, 25, 5B, FF, FF, E9, 12, 5B, FF, FF, 24, 63, F6, 2C, 17, 6F, 38, 0C, 78, 9F, 80, C2, 6C, 50, 70, 89, BA, 5A, 6D, 54, DD, 6B, 8A, F6, FB, D3, 5F, EE, 53, EA, 76, CF, 0C, 45, B2, B2, CB, 40, D8, E9, 99, C9, 08, 9B, 21, 0D, 72, 1A, 4E, 90, BA, DB, B0, 84, 1E, 87, 15, 18, 29, 3B, 53, F2, FF, 83, 43, 3B, 16, 38, 35, 46, A0, 3C, ED, 6E, 99, 85, 07, D4, FA, 20, B1, 05, 00, 08, 48, 45, 6A, 30, 96, C6, 66, E2, F2, DA, 68, 18, FC, 5B, 63, AD, 64, 0C, E5, A0, 21, F6, 93, 9B, 5F, 3D, 8F, E2, 8C, 1F, 3C, 1E, 59, 92... 
[+]

Entropy:

6.8661

Code size:

90.5 KB (92,672 bytes)

Remove afocal_system.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.