imf.exe

IObit Malware Fighter

IObit Information Technology

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IObit Malware Fighter’. This file is installed with multiple programs including IObit Malware Fighter 3 and IObit Malware Fighter.
Publisher:
IObit  (signed by IObit Information Technology)

Product:
IObit Malware Fighter

Version:
2.3.0.13

MD5:
1bdab8a2ad5080027dda901465803bd7

SHA-1:
a2867e1c230e59c35d18a92de3b3dc7140759c0d

SHA-256:
fa4d2148f0322d875d267064b8b1e98f2fa53e909a734d833cacad1bdf3126ec

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
7/18/2018 9:55:14 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Heur.SEPhish
8.14.03.03.12

File size:
1.5 MB (1,592,640 bytes)

Product version:
2.0.0.0

Copyright:
Copyright (c) 2005-2013

Trademarks:
IObit.com

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\iobit\iobit malware fighter\imf.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/14/2013 7:00:00 PM

Valid to:
2/14/2016 6:59:59 PM

Subject:
CN=IObit Information Technology, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IObit Information Technology, L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
11CADAF29DA4C3CB113BF1877B120103

File PE Metadata
Compilation timestamp:
2/26/2014 9:20:11 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:IRXXjnEzUrs8hy0LQpgVkA1BXSWZGgYk/TK+u/sDTc93YEn:7UY4VfxBxT9bD49IEn

Entry address:
0xF0CA8

Entry point:
55, 8B, EC, 81, C4, C8, FE, FF, FF, 33, C0, 89, 85, CC, FE, FF, FF, 89, 85, C8, FE, FF, FF, 89, 85, D0, FE, FF, FF, 89, 85, D4, FE, FF, FF, 89, 45, EC, B8, AC, E6, 4E, 00, E8, 24, 08, F1, FF, 33, C0, 55, 68, 43, 11, 4F, 00, 64, FF, 30, 64, 89, 20, B8, 5C, 11, 4F, 00, E8, B0, E9, F4, FF, 84, C0, 74, 2E, C7, 05, 5C, EA, 4F, 00, 88, 13, 00, 00, E8, 71, 0A, F1, FF, 25, FF, 00, 00, 00, 83, F8, 05, 75, 0A, C7, 05, 5C, EA, 4F, 00, 20, 4E, 00, 00, A1, 5C, EA, 4F, 00, 50, E8, 42, 1A, F1, FF, B8, 80, 11, 4F, 00, E8...
 
[+]

Entropy:
6.4679

Developed / compiled with:
Microsoft Visual C++

Code size:
961.5 KB (984,576 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IObit Malware Fighter

Command:
"C:\Program Files\iobit\iobit malware fighter\imf.exe" \autostart


The file imf.exe has been discovered within the following programs.

Publisher's description - “IObit Malware Fighter is an advanced malware & spyware removal utility that detects, removes the deepest infections, and protects your PC from various potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers.”
www.iobit.com/malware-fighter.html
22% remove it
Publisher's description - “With unique "Dual-Core" anti-malware engine, IObit Malware Fighter is able to detect and remove various kinds of malware, like spyware, adware, trojans, keyloggers, bots, worms, and hijackers, ensuring you a safer PC.”
www.IObit.com
52% remove it
 
Powered by Should I Remove It?

Scan imf.exe - Powered by Reason Core Security