home

MFSSystemTray.exe

Max Spyware Detector

Max Secure Software India Pvt. Ltd.

The application MFSSystemTray.exe, “Max File Shredder System Tray” by Max Secure Software India Pvt has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MaxFileShredder’.
Publisher:
Max Secure Software  (signed by Max Secure Software India Pvt. Ltd.)

Product:
Max Spyware Detector

Description:
Max File Shredder System Tray

Version:
2, 0, 0, 10

MD5:
087b5a08904498593b038fcd872443aa

SHA-1:
91b4e23f659d3f1e5b6ce9b64a78539254ead9f2

SHA-256:
dd9dbc90efd37084d2308e4584a4c4cb44abfddb26905495440f8d422b39f36b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 4:41:51 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MaxSecure.Optional.Meta (L)
16.1.5.20

File size:
474.6 KB (486,032 bytes)

Product version:
19, 0, 1, 14

Copyright:
(c) Max Secure Software. All rights reserved.

Original file name:
MFSSystemTray.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\max file shredder\mfssystemtray.exe

Digital Signature
Signed by:
Max Secure Software India Pvt. Ltd.

Authority:
GlobalSign nv-sa

Valid from:
6/29/2010 8:23:42 PM

Valid to:
6/23/2012 6:27:42 AM

Subject:
E=tech@maxpcsecure.com, CN=Max Secure Software India Pvt. Ltd., O=Max Secure Software India Pvt. Ltd., L=pune, S=MH, C=IN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012985618846

File PE Metadata
Compilation timestamp:
2/18/2011 5:59:21 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:jtQ5soRNpLWG91utQV8ugVh2idppVWx/EdiqarAScAiRdf/20rYhYDuTz7zCctN:IsYNpCgctQVjgz2qAxUpEAEBhnzXN

Entry address:
0x32B04

Entry point:
48, 83, EC, 28, E8, EB, 93, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 48, 83, EC, 38, 48, 83, 64, 24, 20, 00, E8, 85, 94, 00, 00, 48, 83, C4, 38, C3, 48, 8B, C1, 0F, B7, 10, 48, 83, C0, 02, 66, 85, D2, 75, F4, 48, 2B, C1, 48, D1, F8, 48, FF, C8, C3, CC, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 30, 33, FF, 48, 3B, CF, 74, 0D, 48, 3B, D7, 76, 08, 4C, 3B, C7, 75, 30, 66, 89, 39, E8, DD, 03, 00, 00, BB, 16, 00, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, 89, 7C, 24, 20, 89, 18, E8, AA, 27...
 
[+]

Code size:
287.5 KB (294,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MaxFileShredder

Command:
C:\Program Files\max file shredder\mfssystemtray.exe


Remove MFSSystemTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.