» spoolerfixwizard.exe
Overview
Analysis
File Details
Programs (1)

spoolerfixwizard.exe

Printer Spooler Fix Wizard

Security Stronghold LLC

The application spoolerfixwizard.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Printer Spooler Fix Wizard by Security Stronghold.

File name:

Publisher:

Security Stronghold (signed by Security Stronghold LLC)

Product:

Printer Spooler Fix Wizard

Version:

1.2.0.0

MD5:

d108990d4f9394e88bb3774acba20b11

SHA-1:

da0b970d43c64fa0e25a429dac6a8544902e2c83

SHA-256:

925f8fa658ccf17a9d69af0c9031a66678ce64f416a0d7d1e21ec9a31ac925ef

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/27/2024 6:32:31 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic.SecurityStronghold.Meta

15.7.16.21

File size:

1.7 MB (1,756,088 bytes)

Product version:

1.2.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\printer spooler fix wizard\spoolerfixwizard.exe

Digital Signature

Signed by:

Security Stronghold LLC

Authority:

GlobalSign nv-sa

Valid from:

10/10/2011 12:49:57 PM

Valid to:

10/10/2012 12:49:57 PM

Subject:

E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, S=Astrakhan region, C=RU

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112178C42A18008AB27616B3F5140692C337

File PE Metadata

Compilation timestamp:

10/11/2011 1:51:27 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:+29P5F92WHNDrAZAb2f7QBmFjZxkKyOzXSlwcg5gewCtOY+ZWudIKxQXQzp:riTvyOrBc0lwCtOYaWuddxDd

Entry address:

0x12B6FC

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, 4C, 95, 52, 00, E8, 37, D3, ED, FF, 8B, 1D, 44, 2E, 53, 00, E8, 44, 3E, FE, FF, B8, 88, B7, 52, 00, E8, C6, EB, FE, FF, 8B, 03, E8, F3, 87, F5, FF, 8B, 03, BA, A4, B7, 52, 00, E8, 4B, 82, F5, FF, 8B, 0D, C0, 28, 53, 00, 8B, 03, 8B, 15, 9C, 26, 52, 00, E8, EC, 87, F5, FF, 8B, 0D, CC, 27, 53, 00, 8B, 03, 8B, 15, 28, 35, 50, 00, E8, D9, 87, F5, FF, 8B, 0D, 88, 32, 53, 00, 8B, 03, 8B, 15, 64, F8, 4D, 00, E8, C6, 87, F5, FF, 8B, 03, E8, 0F, 89, F5, FF, 5B, E8, D5, 9B, ED, FF, 00... 
[+]

Entropy:

6.5335

Developed / compiled with:

Microsoft Visual C++

Code size:

1.2 MB (1,222,144 bytes)

The file spoolerfixwizard.exe has been discovered within the following program.

Printer Spooler Fix Wizard by Security Stronghold

During installation, the Security Stronghold Removal Tool utility will provide various bundled applications including RegClean Pro registry cleaner. It will then download utilities from its server and scan the user's PC.

www.SecurityStronghold.com

59% remove it

Remove spoolerfixwizard.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.