Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

1.51.0.0 50.00%
1.5.0.0 50.00%

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExW, RegOpenKeyExW, RegCloseKey, RegSetValueExW, RegQueryValueExA, RegOpenKeyExA, RegFlushKey, RegEnumKeyExA, RegDeleteValueW, RegCreateKeyExW, OpenProcessToken, LookupPrivilegeNameA, LookupPrivilegeNameW, GetUserNameA, GetTokenInformation, CryptDestroyHash, CryptHashData, CryptCreateHash, CryptDecrypt, CryptEncrypt, CryptImportKey, CryptExportKey, CryptGenRandom, CryptGetHashParam, CryptDestroyKey, CryptDeriveKey, CryptReleaseContext, CryptAcquireContextW
comctl32.dll
ImageList_Destroy, ImageList_Add, ImageList_Create, InitializeFlatSB, FlatSB_SetScrollProp, FlatSB_SetScrollPos, FlatSB_SetScrollInfo, FlatSB_GetScrollPos, FlatSB_GetScrollInfo, _TrackMouseEvent, ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_GetIcon, ImageList_Remove, ImageList_DrawEx, ImageList_Replace, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_SetImageCount, ImageList_GetImageCount, InitCommonControls
comdlg32.dll
ChooseColorW, GetSaveFileNameW, GetOpenFileNameW
crypt32.dll
CertVerifyCertificateChainPolicy, CertFreeCertificateChain, CertGetCertificateChain, CertFreeCertificateContext
gdi32.dll
UnrealizeObject, TextOutA, StretchDIBits, StretchBlt, StartPage, StartDocW, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetPaletteEntries, SetMapMode, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SetAbortProc, SelectPalette, SelectObject, SelectClipRgn, SaveDC, RoundRect, RestoreDC, ResizePalette, Rectangle, RectVisible, RealizePalette, Polyline, Polygon, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, LPtoDP, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsW, GetTextExtentPointW, GetTextExtentPoint32A, GetTextExtentPoint32W, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetPixel, GetPaletteEntries, GetObjectW, GetNearestPaletteIndex, GetMapMode, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileDescriptionW, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetCurrentObject, GetClipRgn, GetClipBox, GetBrushOrgEx, GetBitmapBits, GdiFlush, FrameRgn, ExtTextOutW, ExcludeClipRect, EnumFontFamiliesExW, EndPage, EndDoc, Ellipse, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreateRectRgnIndirect, CreateRectRgn, CreatePenIndirect, CreatePalette, CreateICW, CreateHalftonePalette, CreateFontIndirectA, CreateFontIndirectW, CreateFontA, CreateEnhMetaFileW, CreateDIBitmap, CreateDIBSection, CreateDCW, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileW, CombineRgn, CloseEnhMetaFile, BitBlt, TranslateCharsetInfo
kernel32.dll
GetACP, Sleep, VirtualFree, VirtualAlloc, GetSystemInfo, GetTickCount, QueryPerformanceCounter, GetVersion, GetCurrentThreadId, VirtualQuery, WideCharToMultiByte, SetCurrentDirectoryW, MultiByteToWideChar, lstrlenW, lstrcpynW, LoadLibraryExW, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleW, GetModuleFileNameW, GetLocaleInfoW, GetLastError, GetCurrentDirectoryW, GetCommandLineW, FreeLibrary, FindFirstFileW, FindClose, ExitProcess, ExitThread, CreateThread, CompareStringW, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileW, CloseHandle, TlsSetValue, TlsGetValue, LocalAlloc, DllMain, GetUserDefaultUILanguage
msimg32.dll
AlphaBlend
ole32.dll
IsEqualGUID, CLSIDFromString, CoTaskMemFree, StringFromCLSID, CoCreateGuid, CreateStreamOnHGlobal, IsAccelerator, OleDraw, OleSetMenuDescriptor, OleUninitialize, OleInitialize, CoTaskMemAlloc, ProgIDFromCLSID, CoCreateInstance, CoGetClassObject, CoUninitialize, CoInitialize
oleacc.dll
LresultFromObject
oleaut32.dll
SysFreeString, SysReAllocStringLen, SysAllocStringLen, CreateErrorInfo, GetErrorInfo, SetErrorInfo, GetActiveObject, VariantInit, SafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayGetElement, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopyInd, VariantCopy, VariantClear
secur32.dll
DecryptMessage, EncryptMessage, FreeContextBuffer, QueryContextAttributesA, DeleteSecurityContext, InitializeSecurityContextA, FreeCredentialsHandle, AcquireCredentialsHandleA
shell32.dll
Shell_NotifyIconW, ShellExecuteA, ShellExecuteW, SHGetSpecialFolderPathW
user32.dll
GetKeyboardType, LoadStringW, MessageBoxA, CharNextW, DllMain
version.dll
VerQueryValueA, VerQueryValueW, GetFileVersionInfoSizeA, GetFileVersionInfoSizeW, GetFileVersionInfoA, GetFileVersionInfoW
wininet.dll
HttpSendRequestExW, InternetAttemptConnect, HttpEndRequestW, InternetWriteFile, InternetSetOptionW, InternetReadFile, InternetQueryOptionW, InternetQueryDataAvailable, InternetOpenW, InternetErrorDlg, InternetCrackUrlW, InternetConnectW, InternetCloseHandle, HttpSendRequestW, HttpQueryInfoW, HttpOpenRequestW, HttpAddRequestHeadersW
winmm.dll
timeGetTime, sndPlaySoundW, mciSendCommandW, mciGetErrorStringW
winspool.drv
OpenPrinterW, EnumPrintersW, DocumentPropertiesW, ClosePrinter
wsock32.dll
WSACleanup, WSAStartup, WSAGetLastError, gethostname, gethostbyname, socket, send, select, recv, htons, connect, closesocket
Export table
EurekaLog_AttachedFilesRequestEvent
EurekaLog_CallCreateThread
EurekaLog_CallExceptObject
EurekaLog_CallExitThread
EurekaLog_CallGeneralRaise
EurekaLog_CallResumeThread
EurekaLog_CustomButtonClickEvent
EurekaLog_CustomDataRequestEventEx
EurekaLog_CustomWebFieldsRequestEvent
EurekaLog_ExceptionActionNotifyEvent
EurekaLog_ExceptionErrorNotifyEvent
EurekaLog_ExceptionNotifyEvent
EurekaLog_HandledExceptionNotifyEvent
EurekaLog_LastDelphiException
EurekaLog_PasswordRequestEvent
EurekaLog_PasswordRequestEventEx
ExceptionManager

ccffacebook.exe

By Plura Processing L.P. (Signed)

Remove ccffacebook.exe
Version:   1.5.0.0
MD5:   84ff215e5e2b59cd70b6f1b5b8b7a0b7
SHA1:   1b3179e903712fc22c8f5a2858c544ba0555a450
SHA256:   7c62923e9816ff9e32685363007380287d2a2d5194fe3728e16ef6805b59a2e1

Overview

ccffacebook.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by Plura Processing L.P. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:ccffacebook.exe
Publisher:Athena IT Limited
Description:Chit Chat for Facebook
Typical file path:C:\Program Files\chit chat for facebook\ccffacebook.exe
File version:1.5.0.0
Product version:1.4.3.5
Size:3.71 MB (3,891,200 bytes)
Certificate
Issued to:Plura Processing L.P.
Authority (CA):VeriSign
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Chit Chat for Facebook' → C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
Network connections
  • [TCP] jabber-02-01-ash3.facebook.com (69.171.241.10:5222)
  • [UDP] listens on port 52571

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.01861825%
    0.028634%
    Kernel CPU:0.01055111%
    0.013761%
    User CPU:0.00806713%
    0.014873%
    Kernel CPU time:7,925 ms/min
    100,923,805ms/min
    Memory
    Private memory:32.33 MB
    21.59 MB
    Private (maximum):46.8 MB
    Private (minimum):39.1 MB
    Non-paged memory:32.33 MB
    21.59 MB
    Virtual memory:167.31 MB
    140.96 MB
    Virtual memory (peak):180.34 MB
    169.69 MB
    Working set:38.91 MB
    18.61 MB
    Working set (peak):49.32 MB
    37.95 MB
    Resource allocations
    Threads:10
    12
    Handles:515
    600
    GUI GDI count:560
    103
    GUI GDI peak:564
    142
    GUI USER count:221
    49
    GUI USER peak:224
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:32-bit
    Command line:"C:\Program Files\chit chat for facebook\ccffacebook.exe"
    Owner:User
    Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

    ResourcesThreads

    Averages
     
    CCFFacebook.exe (main module)
    Total CPU:0.06984549%
    0.272967%
    Kernel CPU:0.04545700%
    0.107585%
    User CPU:0.02438849%
    0.165382%
    CPU cycles:31,347,086/sec
    5,741,424/sec
    Context switches:462/sec
    79/sec
    Memory:3.96 MB
    1.16 MB
    ntdll.dll
    Total CPU:0.00018052%
    Kernel CPU:0.00018052%
    User CPU:0.00000000%
    CPU cycles:2,654/sec
    Memory:1.23 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Ultimate 100.00%

    Distribution by countryDistribution by country

    United Kingdom installs about 50.00% of ccffacebook.exe.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 100.00%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE