unt6fcf.exe

Install-Tech

The application unt6fcf.exe by Install-Tech has been detected as adware by 30 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup. It is also typically executed from the user's temporary directory.
Publisher:
Install-Tech  (signed and verified)

MD5:
fd4611777d4f53b9de15cecb683de98b

SHA-1:
33e5c931d23194294cfbd35cfd69de7d812159e0

SHA-256:
5ee496636c74e160631484e543a6c42d188f8dbeeca6f6b6c748317cd19dbc93

Scanner detections:
30 / 68

Status:
Adware

Explanation:
This service will prevent resources from modifying the web browser's home and search pages as well as the search provider set by the product, an affiliate search engine partner.

Analysis date:
4/26/2024 6:52:00 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Adware.Bprotector.I | 987 |
| Agnitum Outpost | Trojan.Badur | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Downloader | 2014.05.15 |
| Avira AntiVirus | Adware/BProtector.I.1 | 7.11.149.178 |
| AVG | Downloader.Agent2 | 2015.0.3465 |
| Baidu Antivirus | Trojan.Win32.Generic | 4.0.3.14524 |
| Bitdefender | Adware.Bprotector.I | 1.0.20.720 |
| Comodo Security | TrojWare.Win32.TrojanDownloader.Agent.AOB | 18274 |
| Dr.Web | Trojan.Siggen4.41297 | 9.0.1.0144 |
| Emsisoft Anti-Malware | Adware.Bprotector | 8.14.05.24.11 |
| ESET NOD32 | Win32/TrojanDownloader.Agent.AOB | 8.9801 |
| Fortinet FortiGate | W32/Genome.ALF!tr.dldr | 5/24/2014 |
| F-Secure | Adware.Bprotector.I | 11.2014-24-05_7 |
| G Data | Adware.Bprotector | 14.5.24 |
| IKARUS anti.virus | AdWare.Bprotector | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan-Downloader | 13.177.12080 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3818 |
| Malwarebytes | Trojan.Downloader | v2014.05.24.11 |
| McAfee | Artemis!FD4611777D4F | 5600.7121 |
| MicroWorld eScan | Adware.Bprotector.I | 15.0.0.432 |
| NANO AntiVirus | Trojan.Win32.Genome.cxhrhg | 0.28.0.59826 |
| Norman | Genome.CERT | 11.20140524 |
| Panda Antivirus | Generic Malware | 14.05.24.11 |
| Qihoo 360 Security | Win32/Virus.Adware.117 | 1.0.0.1015 |
| Reason Heuristics | PUP.InstallTech.H | 14.5.24.11 |
| Sophos | Mal/Generic-S | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Badur | 10586 |
| Trend Micro House Call | TROJ_GEN.R0C1B01ED14 | 7.2.144 |
| Vba32 AntiVirus | TrojanDownloader.Genome | 3.12.26.0 |
| VIPRE Antivirus | Trojan.Win32.Generic | 29218 |

File size:
305.1 KB (312,392 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\unt6fcf.exe

Digital Signature
Signed by:

Authority:
Install-Tech CA

Valid from:
4/28/2014 9:02:20 AM

Valid to:
12/31/2039 3:59:59 PM

Subject:
CN=Install-Tech

Issuer:
CN=Install-Tech CA

Serial number:
D5C9E948FB65E39646E0D90E4FE17BF6

File PE Metadata
Compilation timestamp:
5/12/2014 12:23:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:qUAkCAVTvDi+O2mwbEueavSHp+M/+g6IEAU4fb4Kjj+AdGR+3egHP4IDji+:qUA7AlvowEueySHm4fbb++ueP4IDji+

Entry address:
0x1CB88

Entry point:
E8, 0E, 80, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 9C, 15, 44, 00, 75, 02, F3, C3, E9, B9, 81, 00, 00, 55, 8B, EC, 8B, 45, 0C, 83, EC, 20, 56, 57, 6A, 08, 59, BE, AC, 67, 43, 00, 8D, 7D, E0, F3, A5, 8B, 4D, 08, 5F, 5E, 85, C0, 74, 0D, F6, 00, 10, 74, 08, 8B, 01, 8B, 40, FC, 8B, 40, 18, 89, 4D, F8, 89, 45, FC, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, C4, 50, 43, 00, C9, C2, 08, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F...
 

Entropy:
5.9297

Code size:
205.5 KB (210,432 bytes)
