360Amigo.exe

360Amigo System Speedup

360Amigo Oy

The application 360Amigo.exe by 360Amigo Oy has been detected as a potentially unwanted program by 6 anti-malware scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘360Amigo’. This file is typically installed with the program 360Amigo System Speedup PRO by 360Amigo.
Publisher:
360Amigo  (signed by 360Amigo Oy)

Product:
360Amigo System Speedup

Version:
1.2.1.8200

MD5:
1e7972554e81197ad02236a3c0058925

SHA-1:
5fe3a17d4389514e739ddf2b7665428c6ba44dbb

SHA-256:
fa7de79d84ab94d79c967223659d7589c70645180e3b3ead6cd2d79e06266bfb

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:59:20 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Worm.Win32.AutoRun
t3scan.2.2.29

Kaspersky
Worm.Win32.AutoRun
14.0.0.4420

McAfee
Artemis!1E7972554E81
5600.7278

Reason Heuristics
PUP.Optional.Startup.360AmigoOy.I
14.2.22.22

Trend Micro House Call
TROJ_GEN.F47V1210
7.2.23

Vba32 AntiVirus
Worm.AutoRun
3.12.24.3

File size:
4.9 MB (5,097,760 bytes)

Product version:
1.2.1

Copyright:
Copyright(c) 2013 by 360Amigo

Trademarks:
360Amigo

Original file name:
360Amigo.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\360amigo\360amigo.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/28/2012 8:00:00 PM

Valid to:
7/29/2013 7:59:59 PM

Subject:
CN=360Amigo Oy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=360Amigo Oy, L=Helsinki, S=Helsinki, C=FI

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7369CB538B18E218534A606B0904BBA4

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:I/uApRfIrs/TqP6Sbjo1qxCthefEYmiXhEmDvnpl:Irt2UtwHmiXqmjpl

Entry address:
0x32553C

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, B8, 84, 4C, 72, 00, E8, 7E, 1E, CE, FF, 8B, 1D, 50, C7, 73, 00, B8, EC, 59, 72, 00, E8, D6, 3A, D8, FF, E8, 45, F5, FF, FF, E8, E4, F5, FF, FF, E8, AB, 33, D8, FF, 84, C0, 75, 34, BA, 08, 5A, 72, 00, B1, 01, B8, 30, 5A, 72, 00, E8, 86, B8, CE, FF, 84, C0, 74, 0E, A1, E8, CB, 73, 00, 8B, 00, E8, A2, 3A, D8, FF, EB, 11, A1, E8, CB, 73, 00, 8B, 00, E8, D4, 39, D8, FF, E8, 7F, F3, CD, FF, BA, 08, 5A, 72, 00, B1, 01, B8, 40, 5A, 72, 00, E8, 52, B8, CE, FF, 84, C0, 74, 3E, 8B, 03...
 
[+]

Entropy:
6.9826

Developed / compiled with:
Microsoft Visual C++

Code size:
3.1 MB (3,296,768 bytes)

Scheduled Task
Task name:
360Amigo

Trigger:
Logon (Runs on logon)

Action:
360amigo.exe -autorun


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
360Amigo

Command:
"C:\Program Files\360amigo\360amigo.exe" -autorun


The file 360Amigo.exe has been discovered within the following program.

360Amigo System Speedup is a tool of Windows that works quickly in identifying the problem and fix it if there are some mistakes that result in slow system performance.
www.360amigo.com
56% remove it
 
Powered by Should I Remove It?

Remove 360Amigo.exe - Powered by Reason Core Security