home

PCConfidential.exe

PC Confidential

Capital Intellect Inc

The application PCConfidential.exe by Capital Intellect Inc has been detected as a potentially unwanted program by 4 anti-malware scanners.
Publisher:
Capital Intellect, Inc  (signed by Capital Intellect Inc)

Product:
PC Confidential

Version:
2015.01.0011

MD5:
8b71e5d089287d011d64b4dd6e2661c9

SHA-1:
b08816b73cd8dff45f0b6cd26fb34540bf6d64a8

SHA-256:
5e38cd11689d8cdee52c0c3eb7f417c609b91ec70bb0303a889494ffe9fb436d

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 8:46:41 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6379

ESET NOD32
Win32/XrayMyPC potentially unwanted (variant)
9.11574

Reason Heuristics
Win32.Generic.CapitalIntellect.Meta
15.11.10.12

Trend Micro House Call
Suspicious_GEN.F47V0310
7.2.314

File size:
14.9 MB (15,632,096 bytes)

Product version:
2015.01.0011

Copyright:
Copyright (c) 2000-2012 Capital Intellect Inc

Trademarks:
All Rights Reserved. Capital Intellect Inc

Original file name:
PCConfidential.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winferno\suite\pcconfidential\pcconfidential.exe

Digital Signature
Signed by:
Capital Intellect Inc

Authority:
VeriSign, Inc.

Valid from:
6/17/2014 5:00:00 PM

Valid to:
8/16/2017 4:59:59 PM

Subject:
CN=Capital Intellect Inc, O=Capital Intellect Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
40B558C33945329695046A917D13C40A

File PE Metadata
Compilation timestamp:
7/21/2014 7:22:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:4Wjwg11s0pAjHN1MOmuhpZNyHpglltdynFAq:3OLOFv

Entry address:
0x19260

Entry point:
68, 84, 9F, 41, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, EA, 28, 5C, 6D, 25, AE, BA, 4D, BF, 3F, 0B, FF, EF, 42, F6, 76, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 43, 43, 6F, 6E, 66, 69, 64, 65, 6E, 74, 69, 61, 6C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 41, 00, 00, 00, D4, 41, CE, 0E, 08, 5A, 39, 4F, BD, A6, AA, 99, 3C, F5, 21, 89, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Entropy:
5.4038

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.5 MB (1,601,536 bytes)

Internet Explorer Extension
Name:
{53F6FCCD-9E22-4d71-86EA-6E43136192AB}


Remove PCConfidential.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.