home

roboot.exe

PC Cleaner Ultra PC Care

Software Marketing Ltd

The application roboot.exe, “Ultra PC Care - Registry Optimizer” by Software Marketing has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
PC Cleaner  (signed by Software Marketing Ltd)

Product:
PC Cleaner Ultra PC Care

Description:
Ultra PC Care - Registry Optimizer

Version:
3.0.0.0

MD5:
53350cf415e34cdb270ebbb3b69ed18a

SHA-1:
03048683c5ac07984982c4cedd1287298062335d

SHA-256:
e7950a34e582619359ee44ffbfa553df39410bf3c42b75717b773989fb19b790

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
6/29/2025 8:50:12 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SoftwareMarketing.PCCleane.Meta (L)
16.4.11.7

File size:
17 KB (17,408 bytes)

Copyright:
Copyright (C) 2011 Software Marketing ltd. Portions Copyright Systweak Inc, All rights reserved.

Trademarks:
PC Cleaner, Ultra PC Care

Original file name:
RegistryOptimizer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\roboot.exe

Digital Signature
Signed by:
Software Marketing Ltd

Authority:
GoDaddy.com, Inc.

Valid from:
6/14/2011 2:59:41 AM

Valid to:
6/14/2013 2:59:41 AM

Subject:
CN=Software Marketing Ltd, O=Software Marketing Ltd, L=Hong Kong, S=HK, C=HK

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B74A3CB7B3F71

File PE Metadata
Compilation timestamp:
6/1/2011 8:13:11 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
192:f22ccQ8ACZd07P/uig+eNPL+T7XTPMG4QW/O5YSnYX88JS2CjcHZs9qyowJL/nHk:Ob/DLEhLE7XbM/PRCjcu9qYJLnHYhV

Entry address:
0x2525

Entry point:
8B, FF, 55, 8B, EC, 51, 51, 68, 00, 16, 00, 01, E8, FF, F1, FF, FF, 59, E8, CF, FB, FF, FF, E8, F3, F3, FF, FF, 85, C0, 75, 1A, 68, E4, 15, 00, 01, E8, E6, F1, FF, FF, 59, 6A, 00, 6A, FF, FF, 15, 7C, 10, 00, 01, E9, B4, 00, 00, 00, 6A, 04, E8, 03, FF, FF, FF, E8, D1, F4, FF, FF, 85, C0, 75, 07, 68, CC, 15, 00, 01, EB, D4, 53, 56, E8, A6, F9, FF, FF, 8B, 35, 5C, 10, 00, 01, 83, 4D, FC, FF, 8D, 45, F8, 50, 33, DB, 53, C7, 45, F8, 80, 3C, 36, FE, FF, D6, 39, 1D, 1C, 30, 00, 01, 74, 0F, 53, E8, EF, F8, FF, FF...
 
[+]

Code size:
8 KB (8,192 bytes)

Remove roboot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.