» PCConfidential.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

PCConfidential.exe

PC Confidential

Capital Intellect Inc

The application PCConfidential.exe by Capital Intellect Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program PC Confidential 2013 by Winferno.com.

File name:

PCConfidential.exe

Publisher:

Capital Intellect, Inc (signed by Capital Intellect Inc)

Product:

PC Confidential

Version:

2013.01.0048

MD5:

a0e23d72ea48281934c860b505aa7ef1

SHA-1:

8b57b1cd56413dd60f404d2b5cf2c2883e0705d5

SHA-256:

d179cc83403db77065505c71b3da17d877574365ff048168303135e9ff9264a9

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 6:18:29 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.7.20.12

File size:

57.3 MB (60,082,152 bytes)

Product version:

2013.01.0048

Trademarks:

Original file name:

PCConfidential.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\winferno\pc confidential\pcconfidential.exe

Digital Signature

Signed by:

Capital Intellect Inc

Authority:

VeriSign, Inc.

Valid from:

7/19/2011 7:00:00 PM

Valid to:

7/20/2014 6:59:59 PM

Subject:

CN=Capital Intellect Inc, OU=Winferno Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Capital Intellect Inc, L=Boston, S=Massachusetts, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

197FCA08FE62EEB9A434DA3987E23171

File PE Metadata

Compilation timestamp:

6/21/2012 9:12:12 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:2mkHGgfDCmsYOdWvnhfc2E5E1mjDfSHYXN2D7Er:2kWau4XkDwr

Entry address:

0x19048

Entry point:

68, 64, 9D, 41, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 76, 63, 44, 9E, F1, 80, 47, 47, 8D, 83, F4, 34, 67, CD, 72, 86, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 48, 00, 06, 50, B2, 02, 50, 43, 43, 6F, 6E, 66, 69, 64, 65, 6E, 74, 69, 61, 6C, 00, 01, 00, 00, 00, 00, 38, 0D, 59, 01, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 41, 00, 00, 00, E0, 35, 40, 1E, 8F, 16, E7, 49, 80, 36, 9C, 41, 73, 4B, CD, 3F, 01, 00, 00, 00, A0, 00, 00, 00... 
[+]

Entropy:

5.1781

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

1.5 MB (1,585,152 bytes)

Internet Explorer Extension

Name:

{53F6FCCD-9E22-4d71-86EA-6E43136192AB}

The file PCConfidential.exe has been discovered within the following program.

PC Confidential 2013 by Winferno.com

Publisher's description - “PC Confidential deep scans your PC to locate all traces of private data including website history, cache, cookies and more. Next PC Confidential compiles this data so that with one click you can thoroughly erase it all or select pieces to erase.”

www.Winferno.com

51% remove it

Remove PCConfidential.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.