home

PCRegistryShield.exe

PCRegistryShield

ShieldApps

The application PCRegistryShield.exe, “PC Registry Shield” by ShieldApps has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
ShieldApps  (signed and verified)

Product:
PCRegistryShield

Description:
PC Registry Shield

Version:
2.4.4.0

MD5:
fa71e6dacf7add8cfafdf225cb224bf1

SHA-1:
26b90403751292798bd431f8a1df6aa241ffc1a2

SHA-256:
48558f95e4d07a98d9f13362f1b3acb8c088f43f287fe6b6526629c9d2fe8b37

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 6:32:26 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Rebrand.LittleRegClean (variant)
10.9350

Reason Heuristics
Win32.Generic
16.1.20.15

File size:
4.4 MB (4,608,984 bytes)

Product version:
2.4.4.0

Copyright:
Copyright © 2013

Original file name:
PCRegistryShield.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\shieldapps\pc registry shield 2.4.4\install\624faaa\pcregistryshield.exe

Digital Signature
Signed by:
ShieldApps

Authority:
COMODO CA Limited

Valid from:
5/17/2013 2:00:00 AM

Valid to:
5/18/2014 1:59:59 AM

Subject:
CN=ShieldApps, O=ShieldApps, STREET="5042 WILSHIRE BLVD #18607", L=Los Angeles, S=California, PostalCode=90036, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
632B7D136E516FB1DB7B7D0D2831E18B

File PE Metadata
Compilation timestamp:
1/13/2014 7:01:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:aveCvepveKveB6ThR/3K3h8rbCveRvefveWvegvekveQveKveKveKveQveHveLv/:ee2e9eueB6b3K3urb2e1e3eSeQecegee

Entry address:
0x44C8F2

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
4.3 MB (4,499,968 bytes)

Remove PCRegistryShield.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.