home

startuploader.exe

Startup Faster!

URSoft, Inc.

The application startuploader.exe, “Startup Faster! - Make Windows faster.” by URSoft has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘StartupFaster’. This file is typically installed with the program Startup Faster! by URSoft, Inc..
Publisher:
URSoft,Inc  (signed by URSoft, Inc.)

Product:
Startup Faster!

Description:
Startup Faster! - Make Windows faster.

Version:
3.6.2011.11

MD5:
6da9d2fcec0170756ab3186924e60d8c

SHA-1:
02bd525d8f2bd5f3349e246ed6ae6e7ae544958b

SHA-256:
cb23f4db9921671fb1e18360293d9a657245c70d8cf534314049f4b6d66047fb

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 9:30:06 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.URSoft.Startup
16.1.25.8

File size:
1.7 MB (1,819,920 bytes)

Product version:
3.6.0.0

Copyright:
Copyright ?1998-2011 URSoft,Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\startup faster\startuploader.exe

Digital Signature
Signed by:
URSoft, Inc.

Authority:
The USERTRUST Network

Valid from:
3/13/2009 8:00:00 AM

Valid to:
3/13/2012 7:59:59 AM

Subject:
CN="URSoft, Inc.", O="URSoft, Inc.", STREET=7241 W. Addison, L=Chicago, S=IL, PostalCode=60634, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
20D86DE3316D2F604A4A91753B51F566

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
49152:jc0MGYrhLxelxCMD4ct3r/HJ6cbBddxLL5:6GYraxl5l/pPbTt

Entry address:
0x18B000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 
[+]

Entropy:
7.5453

Packer / compiler:
ASPack v1.08.04

Code size:
320 KB (327,680 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
StartupFaster

Command:
"C:\Program Files\startup faster\startuploader.exe" -run sfaurun sfcurun sfaustartup sfcustartup


The file startuploader.exe has been discovered within the following program.

Startup Faster!  by URSoft, Inc.
www.pcfaster.com
44% remove it
 
Powered by Should I Remove It?

Remove startuploader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.