» REGSERVO.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

REGSERVO.exe

REGSERVO

Tuneup System Software Pvt Ltd

It runs as a scheduled task under the Windows Task Scheduler named REGSERVO. This file is installed with the program REGSERVO.

File name:

REGSERVO.exe

Publisher:

Tuneup System Software Pvt Ltd. (signed by Tuneup System Software Pvt Ltd)

Product:

REGSERVO

Description:

REGSERVO for pc optimaization

Version:

1.0.9.71

MD5:

c19d55864bc3d05dd07098e8531b4825

SHA-1:

91fd8093a907f4cd2d7b9feed9b4fbaf42c6cde4

SHA-256:

38058bd8fd8acd06f12af81e5303d4b0eda4336d84e091074ebca76b08c7fa5b

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/16/2024 3:48:45 AM UTC (today)

Scan engine

Detection

Engine version

Emsisoft Anti-Malware

Android.Trojan.FakeInst.CW

8.14.07.29.10

File size:

780.3 KB (799,048 bytes)

Product version:

1.0.9.71

Original file name:

REGSERVO.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\regservo\regservo.exe

Digital Signature

Signed by:

Tuneup System Software Pvt Ltd

Authority:

VeriSign, Inc.

Valid from:

5/11/2013 8:00:00 PM

Valid to:

11/12/2014 6:59:59 PM

Subject:

CN=Tuneup System Software Pvt Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tuneup System Software Pvt Ltd, L=Kaliakkavilai, S=Tamil Nadu, C=IN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2D08AF7D2CA33A5485DA7B74F07E996C

File PE Metadata

Compilation timestamp:

9/16/2013 7:24:23 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:jwp+WofMKQPZtRN8UEc2V5+FdadagTy4u:jytofMKQPZtRNe5+jmaCru

Entry address:

0x20930

Entry point:

E8, AC, 52, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, 10, 57, 44, 00, 75, 02, F3, C3, E9, 2E, 53, 00, 00, 8B, FF, 51, C7, 01, F4, 99, 43, 00, E8, 26, 54, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 1E, 43, FE, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, 61, 54, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 14, 75, 20, E8, 08, 07, 00, 00, 53... 
[+]

Entropy:

5.8195

Code size:

211.5 KB (216,576 bytes)

Scheduled Task

Task name:

REGSERVO

Trigger:

Weekly (Runs weekly on Thursdays at 3:00 AM)

Action:

regservo.exe -t

Description:

Runs REGSERVO at Scheduled Time.

The file REGSERVO.exe has been discovered within the following program.

REGSERVO by TuneUp Software

Publisher's description - “REGSERVO is the one program you need when you have to fix a damaged or corrupted registry with confidence and safety. This program allows users to take their computer back to a time when it ran faster and more reliably than it ever has in the past.”

www.REGSERVO.com

63% remove it

Scan REGSERVO.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.