home

roboot.exe

PC Optimizer

CyberDefender Corporation

The application roboot.exe by CyberDefender has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
CyberDefender, (www.cyberdefender.com)  (signed by CyberDefender Corporation)

Product:
PC Optimizer

Version:
2.0.0.0

MD5:
e90b643ca75b8b64850446eb4f014787

SHA-1:
af20392dd32b84b0e271b15bae9cca4944f178d5

SHA-256:
c9c2fcd910938614ca20e1fbef702274955626c5cb31082c0ce564a2dc57ba09

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 5:22:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic.CyberDefenderCorporation.Meta
15.10.10.16

File size:
16.6 KB (17,016 bytes)

Product version:
2.0.0.0

Copyright:
© 2012, CyberDefender Corp.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\roboot.exe

Digital Signature
Signed by:
CyberDefender Corporation

Authority:
VeriSign, Inc.

Valid from:
11/21/2011 7:00:00 PM

Valid to:
11/22/2012 6:59:59 PM

Subject:
CN=CyberDefender Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Security Software, O=CyberDefender Corporation, L=Los Angeles, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2F020BCB1B37E9E1D2927775129A0B65

File PE Metadata
Compilation timestamp:
12/8/2011 7:48:03 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
192:fL78ACZd01JP/uZcPRL+T7XdxDa4x/O5YShw0f/AE1qSfjcHZsytwRFMyowJL/9u:T1l5RLE7XLDaHfjjjcuytXYJL5EeMQY

Entry address:
0x25CC

Entry point:
8B, FF, 55, 8B, EC, 51, 51, 56, BE, 8C, 13, 00, 01, 56, E8, E6, F1, FF, FF, C7, 04, 24, 28, 13, 00, 01, E8, DA, F1, FF, FF, C7, 04, 24, EC, 12, 00, 01, E8, CE, F1, FF, FF, 56, E8, C8, F1, FF, FF, 68, 98, 16, 00, 01, E8, BE, F1, FF, FF, 83, C4, 0C, E8, A3, FB, FF, FF, E8, B0, F3, FF, FF, 85, C0, 75, 1A, 68, 7C, 16, 00, 01, E8, A3, F1, FF, FF, 59, 6A, 00, 6A, FF, FF, 15, 7C, 10, 00, 01, E9, B2, 00, 00, 00, 6A, 04, E8, D7, FE, FF, FF, E8, 8E, F4, FF, FF, 85, C0, 75, 07, 68, 64, 16, 00, 01, EB, D4, 53, E8, 7B...
 
[+]

Entropy:
6.5244

Code size:
8 KB (8,192 bytes)

Remove roboot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.