home

StartApps.exe

Boosting for Main Application

Xportsoft Technologies

The application StartApps.exe, “Starting up the applicaiton” by Xportsoft Technologies has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PC Optimizer Pro’. This file is typically installed with the program PC Optimizer Pro by PC Optimizer Pro, Inc..
Publisher:
Tweaking Tools  (signed by Xportsoft Technologies)

Product:
Boosting for Main Application

Description:
Starting up the applicaiton

Version:
1.0.0.5

MD5:
03bf88dc806613a23dad10ee564772f2

SHA-1:
85f932dfafcd310c991c267f2b40557b9c0026e3

SHA-256:
ac43710eadafb8a591aaedd134f39050f2be74784cc1d38940eb180aa12b0075

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 11:52:17 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.1.9.21

File size:
338.6 KB (346,752 bytes)

Product version:
1.0.0.5

Copyright:
(c) Tweaking Tools. All rights reserved.

Original file name:
StartApps.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pc optimizer pro\startapps.exe

Digital Signature
Signed by:
Xportsoft Technologies

Authority:
The USERTRUST Network

Valid from:
10/11/2009 7:00:00 PM

Valid to:
10/12/2010 6:59:59 PM

Subject:
CN=Xportsoft Technologies, O=Xportsoft Technologies, STREET="Cabin No 12-13, Chhabra Building, Gulati Market, Mahesh Nagar", L=Ambala Cantt, S=Haryana, PostalCode=133001, C=IN

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00E77DDB005DF0938FC6896599648E42DC

File PE Metadata
Compilation timestamp:
7/29/2010 6:24:09 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:8gY/Io7UXCkgNroOnF9WVVsA6HW0bFbnLQzsgmB1QmY+MhApwW0U:8nkgNVaSA620bFbn8zsgxmY+Jw+

Entry address:
0x1DFA9

Entry point:
E8, F2, 4E, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, B0, 07, 44, 00, 75, 02, F3, C3, E9, 74, 4F, 00, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 57, FF, 35, 88, 57, 44, 00, E8, 78, 49, 00, 00, FF, 35, 84, 57, 44, 00, 8B, F8, 89, 7D, FC, E8, 68, 49, 00, 00, 8B, F0, 59, 59, 3B, F7, 0F, 82, 83, 00, 00, 00, 8B, DE, 2B, DF, 8D, 43, 04, 83, F8, 04, 72, 77, 57, E8, 2E, 30, 00, 00, 8B, F8, 8D, 43, 04, 59, 3B, F8, 73, 48, B8, 00, 08, 00, 00, 3B, F8, 73, 02, 8B, C7, 03, C7, 3B, C7, 72, 0F, 50, FF, 75, FC, E8, A5, 50, 00, 00, 59...
 
[+]

Entropy:
6.2147

Code size:
195.5 KB (200,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PC Optimizer Pro

Command:
"C:\Program Files\pc optimizer pro\startapps.exe" -s


The file StartApps.exe has been discovered within the following program.

PC Optimizer Pro  by PC Optimizer Pro, Inc.
This is a PC optimization program that is supposed to increase the speed of computer by removing invalid entries the computer's registry.
www.twekingtools.com/PC Optimizer Pro
53% remove it
 
Powered by Should I Remove It?

Remove StartApps.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.