FixCleaner.EXE

FixCleaner Application

Slimware Utilities, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘FixCleaner’. This file is installed with multiple programs including FixCleaner.
Publisher:
Slimware Utilities, Inc.  (signed and verified)

Product:
FixCleaner Application

Description:
FixCleaner

Version:
2.0.5013.879

MD5:
3ee17df5309731d7c8bb973c050f5286

SHA-1:
473b33f3f7681d199ed062db3c83109d02855f62

SHA-256:
dd55d2822317593d1720bfa0b46d8cb0f7859f43982650c5f7166946fa7c7dc3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 6:49:46 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Task.SlimwareUtilities.K
188163

File size:
47.6 MB (49,875,264 bytes)

Product version:
2.0.0.0

Copyright:
Copyright ©2011 Slimware Utilities, Inc.. All rights reserved.

Original file name:
FixCleaner.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\fixcleaner\fixcleaner.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/4/2013 12:00:00 AM

Valid to:
1/4/2015 11:59:59 PM

Subject:
CN="Slimware Utilities, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Slimware Utilities, Inc.", L=Ocean Springs, S=Mississippi, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
396592A759309A28F5D983A5A376DA47

File PE Metadata
Compilation timestamp:
9/11/2013 8:40:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:ZbV+GEO5TsfP1elqlpyt4iup951hWwVlMhOc+c:JVfyBY4iup/19wOch

Entry address:
0x1D9467

Entry point:
E8, 43, AF, 00, 00, E9, 17, FE, FF, FF, 51, 53, 55, 56, 57, FF, 35, 48, D7, 6D, 00, E8, 03, A9, 00, 00, FF, 35, 44, D7, 6D, 00, 8B, F0, 89, 74, 24, 18, E8, F2, A8, 00, 00, 8B, F8, 3B, FE, 59, 59, 0F, 82, 84, 00, 00, 00, 8B, DF, 2B, DE, 8D, 6B, 04, 83, FD, 04, 72, 78, 56, E8, F1, 98, 00, 00, 8B, F0, 3B, F5, 59, 73, 4A, B8, 00, 08, 00, 00, 3B, F0, 73, 02, 8B, C6, 03, C6, 3B, C6, 72, 10, 50, FF, 74, 24, 14, E8, F9, AF, 00, 00, 85, C0, 59, 59, 75, 17, 8D, 46, 10, 3B, C6, 72, 43, 50, FF, 74, 24, 14, E8, E2, AF...
 
[+]

Code size:
2.3 MB (2,367,488 bytes)

2 Scheduled Tasks
Task name:
FixCleaner Startup

Trigger:
Logon (Runs on logon)

Task name:
FixCleaner Scan

Trigger:
Daily (Runs daily at 12:00)

Action:
fixcleaner.exe scheduled

Description:
Runs FixCleaner to check for driver and software updates.


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FixCleaner

Command:
C:\Program Files\fixcleaner\fixcleaner.exe -boot


The file FixCleaner.EXE has been discovered within the following programs.

FixCleaner  by SlimWare Utilities, Inc.
Publisher's description - “FixCleaner seamlessly integrates the multiple tools you need to make a computer run faster, run more reliably, and eliminate errors. It harnesses the power of over a dozen optimization utilities, all combined into a single, push-button interface.”
fixcleaner.com
39% remove it
Macromedia Shockwave Player  by Macromedia, Inc.
Publisher's description - “Shockwave Player is the web standard for powerful multimedia playback. The Shockwave Player allows you to view interactive web content like games, business presentations, entertainment, and advertisements from your web browser.”
helpx.adobe.com/shockwave.html
About 4% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ec2-107-21-109-222.compute-1.amazonaws.com  (107.21.109.222:80)

Scan FixCleaner.EXE - Powered by Reason Core Security