RegCureProSetup_RW.exe

Paretologic Inc.

The application RegCureProSetup_RW.exe, “RegCure Pro Installer” by Paretologic, has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program RegCure Pro by ParetoLogic, Inc. The file has been seen being downloaded from file-help.net and multiple other hosts.

Publisher:
ParetoLogic, Inc.  (signed by Paretologic Inc.)

Description:
RegCure Pro Installer

Version:
3.1.6.0

MD5:
ceebc61f1d1b5889161f39e91f879240

SHA-1:
78fe731e4b644985b59dfaf48966f78f92c7caef

SHA-256:
e5187f3820097ee325e4b621555206adde0a4b3e34845eaa2ba79c9e30c32a61

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 2:44:46 AM UTC  (today)

Scan engine | Detection | Engine version
Baidu Antivirus | Trojan.Win32.FakeAV | 4.0.3.14414
Reason Heuristics | PUP.ParetoLogic.Optional.Installer.Meta (L) | 16.2.11.23

File size:
5.5 MB (5,799,944 bytes)

Copyright:
Copyright © 2013 ParetoLogic, Inc.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\regcureprosetup_rw.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
2/25/2013 4:53:32 PM

Valid to:
2/26/2015 4:53:32 PM

Subject:
CN=Paretologic Inc., OU=Paretologic Inc., O=Paretologic Inc., L=Victoria, S=British Columbia, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F9945D68B6DFDD557292B63C5A3015E1

File PE Metadata
Compilation timestamp:
2/24/2012 2:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:Jkau+yIwiqvd6MstiTGog38V75xMjMd4dIPGb3/neQ3f1DRdZY0qjtwhQZ61Bjgn:CtMMsh38JIjzdIPGbPP9D3pq6qZ61Bcn

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 

Code size:
28 KB (28,672 bytes)

The file RegCureProSetup_RW.exe has been discovered within the following program.

RegCure Pro  by ParetoLogic, Inc.
Publisher's description - “RegCure Pro is packed with the tools you need to boost your PC's speed and performance. Featuring an intuitive interface and easy-to-use work flow, RegCure Pro scans common problem areas - and quickly and safely fixes them.”
www.paretologic.com/products/regcurepro
53% remove it
 

The file RegCureProSetup_RW.exe has been seen being distributed by the following 42 URLs.
