home

StartApps.exe

Boosting for Main Application

Xportsoft Technologies

The application StartApps.exe, “Starting up the applicaiton” by Xportsoft Technologies has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PC Optimizer Pro’. This file is typically installed with the program PC Optimizer Pro by PC Optimizer Pro, Inc..
Publisher:
Tweaking Tools  (signed by Xportsoft Technologies)

Product:
Boosting for Main Application

Description:
Starting up the applicaiton

Version:
1.0.0.6

MD5:
9da0b9cf346b90e7e4cb94207db7e3ab

SHA-1:
f1016a7a2f1560909b21e7503a23011db30ba268

SHA-256:
c64a63bfc7ada5812d80a8a1c07bb2a8e42dc4bd655ba822a587a0de6eea9e91

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 8:28:16 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win64.Generic
16.2.7.23

File size:
420.4 KB (430,480 bytes)

Product version:
1.0.0.6

Copyright:
(c) Tweaking Tools. All rights reserved.

Original file name:
StartApps.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pc optimizer pro\startapps.exe

Digital Signature
Signed by:
Xportsoft Technologies

Authority:
The USERTRUST Network

Valid from:
10/21/2010 12:00:00 AM

Valid to:
10/21/2011 11:59:59 PM

Subject:
CN=Xportsoft Technologies, O=Xportsoft Technologies, STREET="Office NO 12-13, Chhabra Complex", STREET=Mahesh Nagar, L=Ambala Cantt, S=Haryana, PostalCode=133001, C=IN

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
56FBF8A7717FD9CBB90C753FF0F4E25F

File PE Metadata
Compilation timestamp:
11/8/2010 12:43:33 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:w75xqq4s/tqlIDrBNrqD8BUcHGG9xpWXzLJTzBV2i4qHASBc1dwWu:wfl4s/tqlI/BNrY8nmAxpWkaOnwV

Entry address:
0x28D34

Entry point:
48, 83, EC, 28, E8, B7, 3F, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 79, D0, 02, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 29, 40, 00, 00, CC, 40, 53, 48, 83, EC, 20, BA, 08, 00, 00, 00, 8D, 4A, 18, E8, CD, 41, 00, 00, 48, 8B, C8, 48, 8B, D8, E8, AE, 3B, 00, 00, 48, 89, 05, CB, 46, 03, 00, 48, 89, 05, BC, 46, 03, 00, 48, 85, DB, 75, 05, 8D, 43, 18...
 
[+]

Code size:
243.5 KB (249,344 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PC Optimizer Pro

Command:
"C:\Program Files\pc optimizer pro\startapps.exe" -s


The file StartApps.exe has been discovered within the following program.

PC Optimizer Pro  by PC Optimizer Pro, Inc.
This is a PC optimization program that is supposed to increase the speed of computer by removing invalid entries the computer's registry.
www.twekingtools.com/PC Optimizer Pro
53% remove it
 
Powered by Should I Remove It?

Remove StartApps.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.