home

dfx11setup.exe

DFX

Power Technology

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with DFX. The file has been seen being downloaded from s5883.chomikuj.pl and multiple other hosts.
Publisher:
Power Technology  (signed and verified)

Product:
DFX

Version:
11.109.0.0

MD5:
d043b41f9b110e4c85d0575dea15d90b

SHA-1:
5752fb65b6c11007b0f8a4f834e29e4f3e3e29fc

SHA-256:
416ca08e7fae077241ab05a989b95941ad3131029da1cdcc4e6cc5c97f6170d1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:06:19 PM UTC  (today)

File size:
5.9 MB (6,143,984 bytes)

Copyright:
© Power Technology

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\dfx11setup.exe

Digital Signature
Signed by:
Power Technology

Authority:
VeriSign, Inc.

Valid from:
4/27/2012 3:00:00 AM

Valid to:
5/11/2013 2:59:59 AM

Subject:
CN=Power Technology, OU=www.fxsound.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Power Technology, L=Brisbane, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2E8573FEC17028570C352D7AE5247517

File PE Metadata
Compilation timestamp:
2/24/2012 9:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:jBcwxdPcN1s2LUrwUYq1wkJe3aqwfb75nosI99Z1Sp2Guf:2oPc4KUf/wkJya/z7RE/q2Xf

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file dfx11setup.exe has been discovered within the following program.

DFX  by Power Technology
Publisher's description - “DFX Audio Enhancer brings better sound to all of your music, videos, Internet radio, games, video chats, and other programs. New DFX 11 now enhances all PC audio playback, providing system-wide HD quality sound for all your entertainment.”
www.fxsound.com
24% remove it
 
Powered by Should I Remove It?

The file dfx11setup.exe has been seen being distributed by the following 2 URLs.

http://s5883.chomikuj.pl/File.aspx?e=J8_k35OhRlOI8KqirxuPN0TK2ORxPWE8J9T61MNnMYGo2a1oLSJfukuXXulFIQ7_HuLLOaFYVfihueNzc-6-gs13utJ94CvNWMDC2183zbP8kTh7z1IxZ1Jv1fq8VrJ6TnAprTXJBxXdgwB9T_HUhvViSseAMD-pboCFGQLJqQs&pv=2

http://downloads.fxsound.com/0990769bd233255d308a2f2137e95214/dfx/dfx11/.../dfx11Setup.exe

Scan dfx11setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.