home

cfosspeed.exe

cFosSpeed Window

cFos Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ROG GameFirst II’.
Publisher:
cFos Software GmbH  (signed and verified)

Product:
cFosSpeed Window

Version:
7.01.1943

MD5:
1b1367d9e03a0702257d5cf9b5e0d778

SHA-1:
ae1143716568f9403b07dc54ba3cd5c4f8056710

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 10:47:56 PM UTC  (today)

File size:
1.2 MB (1,297,792 bytes)

Product version:
7.01.1943

Copyright:
Copyright © Lueders/Winkler 2003-2012

Original file name:
cfosspeed.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\asus\rog gamefirst ii\cfosspeed.exe

Digital Signature
Signed by:
cFos Software GmbH

Authority:
GlobalSign nv-sa

Valid from:
11/12/2010 1:19:35 AM

Valid to:
11/12/2013 1:19:33 AM

Subject:
CN=cFos Software GmbH, O=cFos Software GmbH, L=Bonn, S=Nordrhein-Westfalen, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012C3C06CFDE

File PE Metadata
Compilation timestamp:
4/27/2012 9:34:14 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:8RJ4/Lt/a6ZD/d1rOPPbZHBXXi8DezmKu5MCsDWjH3ZFYL1QEm5U:N35/EBBXIo5cWjHYLeEm5U

Entry address:
0x97420

Entry point:
E8, 52, 90, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 57, 85, F6, 74, 07, 8B, 7D, 0C, 85, FF, 75, 15, E8, 28, 24, 00, 00, 6A, 16, 5E, 89, 30, E8, FF, 44, 00, 00, 8B, C6, 5F, 5E, 5D, C3, 8B, 45, 10, 85, C0, 75, 05, 66, 89, 06, EB, DF, 8B, D6, 2B, D0, 0F, B7, 08, 66, 89, 0C, 02, 83, C0, 02, 66, 85, C9, 74, 03, 4F, 75, EE, 33, C0, 85, FF, 75, D4, 66, 89, 06, E8, E8, 23, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, BC, 8B, FF, 55, 8B, EC, 8B, 55, 08, 53, 8B, 5D, 14, 56, 57, 85, DB, 75, 10, 85...
 
[+]

Entropy:
6.6142

Code size:
766.5 KB (784,896 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ROG GameFirst II

Command:
C:\Program Files\asus\rog gamefirst ii\cfosspeed.exe


Scan cfosspeed.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.