JHSoft_PC_BoosterAuto.exe

PC Booster

JH Software Private Limited

The application JHSoft_PC_BoosterAuto.exe by JH Software Private Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘pcboost’. This file is typically installed with the program PCEnergizer by JH Software Private Limited.
Publisher:
Software  (signed by JH Software Private Limited)

Product:
PC Booster

Version:
1.1.0.0

MD5:
8b2a12e35ec05ff132c2e66d00194bb9

SHA-1:
b848f6e5d5fb791542a35c6907e65150f752977b

SHA-256:
4cc46f4504f10bdd139f63cad1f5020cc4265713d983b1e7ac4ea4a4fd3dae29

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 12:22:59 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.22.3

File size:
2.6 MB (2,770,696 bytes)

Product version:
1.1.0.0

Copyright:
Copyright © December 2014

Trademarks:
Software Pvt. Ltd

Original file name:
JHSoft_PC_BoosterAuto.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\portable booster\jhsoft_pc_boosterauto.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/27/2014 5:00:00 PM

Valid to:
7/19/2015 4:59:59 PM

Subject:
CN=JH Software Private Limited, OU=IT, O=JH Software Private Limited, L=New Delhi, S=Delhi, C=IN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1EB0D774DCDE92063F522689F4040A38

File PE Metadata
Compilation timestamp:
11/11/2014 2:11:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x27D3CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, A0, 00, 00, 80, 10, 00, 00, 00, B8, 00, 00, 80, 18, 00, 00, 00, D0, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0C, 00, 02, 00, 00, 00, E8, 00, 00, 80, 03, 00, 00, 00, 00, 01...
 
[+]

Entropy:
7.6591

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.5 MB (2,601,984 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
pcboost

Command:
C:\Program Files\portable booster\jhsoft_pc_boosterauto.exe


The file JHSoft_PC_BoosterAuto.exe has been discovered within the following program.

PCEnergizer  by JH Software Private Limited
jhsoftware.in
48% remove it
 
Powered by Should I Remove It?

Remove JHSoft_PC_BoosterAuto.exe - Powered by Reason Core Security