» RegistryDefrag.exe
Overview
Analysis
File Details
Programs (1)

RegistryDefrag.exe

System Cleaner

Pointstone Software, LLC

The application RegistryDefrag.exe by Pointstone Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program System Cleaner 7 by Pointstone Software, LLC.

File name:

RegistryDefrag.exe

Publisher:

Pointstone Software, LLC (signed and verified)

Product:

System Cleaner

Description:

Registry Defrag

Version:

6.0.0.1

MD5:

175b958d4c8e2911c722e0e2d7b4cf3e

SHA-1:

65e651129454512e977c56dfb74631d9cc88631d

SHA-256:

36f2c41a5f44b03254a28cd785e8a0c7e76c32f8ae0217c74528ba5674b744a2

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 2:50:45 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Optional.Pointstone

16.2.13.0

File size:

192.8 KB (197,376 bytes)

Trademarks:

System Cleaner is a registered trademark of Pointstone Software, LLC. (United States Patent and Trademark Office registration number 2926385)

Original file name:

RegistryDefrag.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\pointstone\system cleaner 7\registrydefrag.exe

Digital Signature

Signed by:

Pointstone Software, LLC

Authority:

COMODO CA Limited

Valid from:

3/19/2012 1:00:00 AM

Valid to:

3/20/2014 12:59:59 AM

Subject:

CN="Pointstone Software, LLC", O="Pointstone Software, LLC", STREET="2915 Ogletown Road, #342", L=Newark, S=DE, PostalCode=19713, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

6A22BB97E19FF5ADFB20EE6464F9DEFA

File PE Metadata

Compilation timestamp:

12/24/2012 10:21:01 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:eep7qIuQJMkMeB9Fa7wP21xFdVpft/dX/1TFdkwd/T:ePQJMkMeVaD97

Entry address:

0x108E8

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, 18, F1, 40, 00, E8, F7, 09, FF, FF, 8B, 1D, 7C, 4E, 41, 00, 8B, 03, E8, 46, 1E, FF, FF, 8B, 03, B2, 01, E8, 65, 1E, FF, FF, 8B, 03, BA, 5C, 09, 41, 00, E8, 21, 1E, FF, FF, 8B, 0D, 44, 11, 41, 00, 8B, 03, 8B, 15, C4, BD, 40, 00, E8, 26, 1E, FF, FF, 8B, 0D, 2C, 11, 41, 00, 8B, 03, 8B, 15, 6C, CC, 40, 00, E8, 13, 1E, FF, FF, 8B, 03, E8, 14, 1E, FF, FF, 5B, E8, AA, 07, FF, FF, 00, 00, B0, 04, 02, 00, FF, FF, FF, FF, 0F, 00, 00, 00, 52, 00, 65, 00, 67, 00, 69, 00, 73, 00, 74, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

62 KB (63,488 bytes)

The file RegistryDefrag.exe has been discovered within the following program.

System Cleaner 7 by Pointstone Software, LLC

Publisher's description - “Fix your PC's problems, and help prevent them from recurring with System Cleaner's suite of maintenance tools. System Cleaner restores your PC's performance, frees up wasted disk space, prevents registry corruption and protects your online privacy. Your PC is slowing down.”

www.systemcleaner.com

45% remove it

Remove RegistryDefrag.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.