RegistryDefragHelper.dll

BoostSpeed

UpdateStar GmbH

The module RegistryDefragHelper.dll, “Registry Defrag Library” by UpdateStar GmbH, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Auslogics (signed by UpdateStar GmbH)

Product:
BoostSpeed

Description:
Registry Defrag Library

Version:
7.10.0.0

MD5:
676341268bb8e8099e99ac8f3a634937

SHA-1:
cf9d5177c9184a4a0a848204c43acc10f48951ac

SHA-256:
5ff122f8c4e1e8a43da00326687abf8ecf53a30692e0f921a22d9f3e14246731

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/19/2024 6:17:46 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore (M)

Engine version:
17.1.15.22

File size:
265.7 KB (272,080 bytes)

Product version:
9.x

Copyright:
Copyright © 2008-2016 Auslogics Labs Pty Ltd

Trademarks:
Copyright © 2008-2016 Auslogics Labs Pty Ltd

Original file name:
RegistryDefragHelper.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\updatestar\repair\registrydefraghelper.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
1/12/2016 7:00:00 AM

Valid to:
1/12/2019 6:59:59 AM

Subject:
CN=UpdateStar GmbH, O=UpdateStar GmbH, STREET=Gneisenaustr. 44/45, L=Berlin, S=Berlin, PostalCode=10961, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FBADF674BC78E279821FBDF9D937DF06

File PE Metadata
Compilation timestamp:
12/19/2016 8:44:13 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x171AE

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 5C, 69, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 54, D4, 02, 10, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 04, D1, 02, 10, C9, C2, 08, 00, FF, 35, 28, 06, 04, 10, FF, 15, F4, D0, 02, 10, 85, C0, 74, 02, FF...
 

Entropy:
6.3272

Code size:
172.5 KB (176,640 bytes)
