home

SfpcUacHelper.exe

CSUACSelfElevation

1NSTALL (383 MEDIA, INC.)

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The application SfpcUacHelper.exe by 1NSTALL (383 MEDIA, INC.) has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
Microsoft Corporation  (signed by 1NSTALL (383 MEDIA, INC.))

Product:
CSUACSelfElevation

Version:
1.0.0.0

MD5:
a02fd162cc573df7d76f126765a2eb5b

SHA-1:
c89d1474294b8574242d9af07af8dffc0683f3fd

SHA-256:
0b98b7efe1bb21aea8c557c92e9898efa3e449fd4484dddf387c7e3272d4de01

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 9:27:42 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
riskware program Program.Unwanted.90
9.0.1.025

Reason Heuristics
PUP.Optional.1NSTALL383MEDIA
16.1.25.8

File size:
72.1 KB (73,848 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2009

Original file name:
SfpcUacHelper.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\system optimizer pro\sfpcuachelper.exe

Digital Signature
Signed by:
1NSTALL (383 MEDIA, INC.)

Authority:
Symantec Corporation

Valid from:
7/30/2013 7:00:00 PM

Valid to:
5/24/2015 6:59:59 PM

Subject:
CN="1NSTALL (383 MEDIA, INC.)", O="1NSTALL (383 MEDIA, INC.)", L=Pleasanton, S=California, C=US, SERIALNUMBER=C3341789, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
059C2A47830CA2BB198B8CCF1DFBBA93

File PE Metadata
Compilation timestamp:
7/8/2014 5:39:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:9dS2P+GiJjYHwCvXIkwxFqzYcCeSo655D:hZOYBfIZam5

Entry address:
0x981E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.9035

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
30.5 KB (31,232 bytes)

Remove SfpcUacHelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.