home

convertfilesforfree_x64.dll

E & F Limited

The module convertfilesforfree_x64.dll by E & F Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Convert Files for Free by SoftSea.com which is a potentially unwanted software program.
Publisher:
E & F Limited  (signed and verified)

Version:
8.48.0.0

MD5:
8563173a64ef355a035a0ce9b259c857

SHA-1:
eedb2b8cfb8e287a622df9c01132327f306be04a

SHA-256:
f0854c66cb0cedc43cb755a5e964e0e4e58cd5ec9562f7921a178e291da239f7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 6:30:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.EFLimited.X
14.10.15.0

File size:
134.6 KB (137,848 bytes)

Product version:
8.48.0.0

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\convert files for free\convertfilesforfree_x64.dll

Digital Signature
Signed by:
E & F Limited

Authority:
VeriSign, Inc.

Valid from:
3/5/2014 7:00:00 PM

Valid to:
3/5/2017 6:59:59 PM

Subject:
CN=E & F Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=E & F Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7DBC05F86288F5858494DE063D75ED47

Registration
CLSID:
{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB}

ProgID:
ConvertFilesforFree.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
9/19/2014 10:41:51 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:3/vvj5FoJ/Wn+PlmA9LsYepxXSdfZ8PUDzT/cl6KAVDhD+IFvR2Yu:3/Hj++MmA9ng0tZ8PU3T/afAL+IFvRXu

Entry address:
0xC678

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 27, 46, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, 40, 55, 41, 54, 41, 55, 41, 56, 41, 57, 48, 83, EC, 50, 48, 8D, 6C, 24, 40, 48, 89, 5D, 40, 48, 89, 75, 48, 48, 89, 7D, 50, 48, 8B, 05, 32, 18, 01, 00, 48, 33, C5, 48, 89, 45, 08, 8B, 5D, 60, 33, FF, 4D, 8B, F1, 45, 8B, F8, 89, 55, 00, 85, DB, 7E, 2A, 44...
 
[+]

Entropy:
5.9020

Code size:
75 KB (76,800 bytes)

The file convertfilesforfree_x64.dll has been discovered within the following program.

Convert Files for Free  by SoftSea.com
The web browser extension will popup coupon ads when the user visits certain affiliate web sites. Within Internet Explorer the toolbar runs as a Browser Helper Object (BHO), in Google Chrome it is an extension and in Firefox it is an addon.
www.convertfilesforfree.com
70% remove it
 
Powered by Should I Remove It?

Remove convertfilesforfree_x64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.