home

SfpcUacHelper.exe

CSUACSelfElevation

1NSTALL (383 MEDIA, INC.)

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The application SfpcUacHelper.exe by 1NSTALL (383 MEDIA, INC.) has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
Microsoft Corporation  (signed by 1NSTALL (383 MEDIA, INC.))

Product:
CSUACSelfElevation

Version:
1.0.0.0

MD5:
83918ae00105fca0afdc1d88e813554a

SHA-1:
74e7b7cc9a4911fb9f91dfa4594a695f5d3c379f

SHA-256:
8480363a63bee2e7606e05fba3df0d3e3436274719abf787b3515f397d6ad4f7

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 3:22:18 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
riskware program Program.Unwanted.90
9.0.1.039

Reason Heuristics
PUP.Optional.1NSTALL383MEDIA
16.2.8.11

File size:
71.6 KB (73,336 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2009

Original file name:
SfpcUacHelper.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\system optimizer pro\sfpcuachelper.exe

Digital Signature
Signed by:
1NSTALL (383 MEDIA, INC.)

Authority:
Symantec Corporation

Valid from:
7/30/2013 7:00:00 PM

Valid to:
5/24/2015 6:59:59 PM

Subject:
CN="1NSTALL (383 MEDIA, INC.)", O="1NSTALL (383 MEDIA, INC.)", L=Pleasanton, S=California, C=US, SERIALNUMBER=C3341789, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
059C2A47830CA2BB198B8CCF1DFBBA93

File PE Metadata
Compilation timestamp:
4/1/2014 3:55:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:J8dG8hxvP96uW0ldJ5Ybepj6qSnJORoJAiKYWPNjjcw/FVewxW8fyC/CzYcCewE3:GdGWKidJ5Yyc8XVewjFqzYcCeio65

Entry address:
0x966E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.9040

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
30 KB (30,720 bytes)

Remove SfpcUacHelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.