home

RegUse.exe

RegUse

Amptek Limited

The application RegUse.exe by Amptek Limited has been detected as adware by 8 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named RegUse. This file is typically installed with the program RegUse by Honlyn Limited.
Publisher:
Honlyn (Macao Commercial Offshore) Limited  (signed by Amptek Limited)

Product:
RegUse

Version:
1, 0, 5, 3

MD5:
3f8d8dccbb43f726ca15e852a036a815

SHA-1:
4e7348c98138dee5fa76d6d125e35bb07085eeb9

SHA-256:
9d9e17537808cd2b5848634514297d4fef988583db155acc113d0f486ee3daf3

Scanner detections:
8 / 68

Status:
Adware

Analysis date:
4/19/2024 4:06:51 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Generic.827474
738

Bitdefender
Application.Generic.827474
1.0.20.140

Comodo Security
UnclassifiedMalware
20282

ESET NOD32
Win32/Adware.RegRevive (variant)
9.10826

F-Secure
Application.Generic.827474
11.2015-28-01_4

G Data
Application.Generic.827474
15.1.24

MicroWorld eScan
Application.Generic.827474
16.0.0.84

Reason Heuristics
PUP.Task.Amptek
15.1.28.5

File size:
805.6 KB (824,960 bytes)

Product version:
1, 0, 5, 3

Copyright:
Honlyn (Macao Commercial Offshore) Limited

Original file name:
RegUse.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\reguse\reguse.exe

Digital Signature
Signed by:
Amptek Limited

Authority:
VeriSign, Inc.

Valid from:
6/7/2012 2:00:00 AM

Valid to:
10/13/2013 1:59:59 AM

Subject:
CN=Amptek Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Amptek Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
55B30AAE501ADA359698E3025A847E57

File PE Metadata
Compilation timestamp:
5/14/2012 2:40:22 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:se3d3ezjpzDhrkdO611ydDh9bqflxI3icUgkHgJqn6V//8:se3d3ezjpzDh6O6Lyf9ONxRCJ+6Vc

Entry address:
0x9378E

Entry point:
E8, 60, 08, 00, 00, E9, 37, FD, FF, FF, FF, 25, 50, 03, 4A, 00, 3B, 0D, 4C, 95, 4C, 00, 75, 02, F3, C3, E9, DC, 08, 00, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, 80, 42, 49, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, E2, 03, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 12, F5, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 9B, 0A, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, FB, F4, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, CC, CC, CC, CC, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47...
 
[+]

Code size:
633 KB (648,192 bytes)

Scheduled Task
Task name:
RegUse


The file RegUse.exe has been discovered within the following program.

RegUse  by Honlyn Limited
Publisher's description - “Make it Quick. Make it Easy. Scan The Registry, Correct The Errors, and Pump Up The System Speed. Registry faults cause your computer to run slower. Registry faults generate Windows error messages.Energize screen displays. Stop wading through Windows popup error messages.”
reguse.com
35% remove it
 
Powered by Should I Remove It?

Remove RegUse.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.