mfpchelper.exe

My Faster PC Helper App

Consumer Software International

The application mfpchelper.exe by Consumer Software International has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘My Faster PC’.
Publisher:
ConsumerSoft  (signed by Consumer Software International)

Product:
My Faster PC Helper App

Version:
1.2.3.1

MD5:
026101336bddfbfa4976655322e8d0d9

SHA-1:
14da47bd314b4ddf205f1a466420c21045d8a3f0

SHA-256:
3cd9a25d56bb444c9438d759f1eabde8f8feceec50f6e6b594066c5bc823ae36

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:10:36 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.5.23.5

File size:
1.2 MB (1,256,312 bytes)

Product version:
1.2

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\consumersoft\my faster pc\mfpchelper.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/27/2010 5:30:00 AM

Valid to:
7/17/2012 5:29:59 AM

Subject:
CN=Consumer Software International, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Consumer Software International, L=New York, S=NewYork, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5AC1FF3159B2CD73557715E37E36B63A

File PE Metadata
Compilation timestamp:
3/29/2012 1:24:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Y1ilmUS1Z87Oiffci4yKw0ltXprPqnTye5Jp4xdoUm+l4:2ZxjaYk0ltZ2Tye5Jp4xdo6l4

Entry address:
0xC2B04

Entry point:
55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, B8, 3C, 18, 4C, 00, E8, 3D, 65, F4, FF, 33, C0, 55, 68, 4E, 33, 4C, 00, 64, FF, 30, 64, 89, 20, E8, 4A, A0, FB, FF, A2, A0, 17, 4D, 00, E8, D8, A0, FB, FF, A2, A1, 17, 4D, 00, C6, 05, BC, 17, 4D, 00, 00, A1, 14, B0, 4C, 00, 8B, 00, E8, C4, 58, F9, FF, A1, 14, B0, 4C, 00, 8B, 00, B2, 01, E8, 2A, 74, F9, FF, A1, 14, B0, 4C, 00, 8B, 00, BA, 68, 33, 4C, 00, E8, 21, 53, F9, FF, C6, 05, AC, 17, 4D, 00, 00, 8D, 55, D4, A1, 14, B0, 4C, 00, 8B, 00...
 
[+]

Entropy:
6.7917

Developed / compiled with:
Microsoft Visual C++

Code size:
777 KB (795,648 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
My Faster PC

Command:
C:\Program Files\consumersoft\my faster pc\mfpchelper.exe


Remove mfpchelper.exe - Powered by Reason Core Security