Should I block it?

No, this file is 100% safe to run.

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
LookupPrivilegeValueW, RegSetValueExW, RegCloseKey, RegOpenKeyExW, RegQueryValueExW, GetUserNameW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyW, RegQueryValueW, FreeSid, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, SetEntriesInAclW, AllocateAndInitializeSid, AdjustTokenPrivileges, RegCreateKeyExW, OpenProcessToken, RegNotifyChangeKeyValue, SetFileSecurityW, RegEnumKeyExW, RegEnumValueW
comctl32.dll
InitCommonControlsEx, _TrackMouseEvent, ImageList_GetIconSize
comdlg32.dll
GetOpenFileNameW, GetFileTitleW
gdi32.dll
SelectClipRgn, CreateRectRgn, GetObjectW, GetPixel, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, OffsetWindowOrgEx, SetWindowExtEx, ScaleWindowExtEx, ExtSelectClipRgn, DeleteDC, CreatePatternBrush, CreateBitmap, GetStockObject, SelectPalette, GetObjectType, CreatePen, CreateHatchBrush, CreateFontIndirectW, CreateRectRgnIndirect, SetRectRgn, CombineRgn, PatBlt, CreateDIBitmap, GetTextMetricsW, EnumFontFamiliesW, GetTextCharsetInfo, CreateEllipticRgn, CreatePolygonRgn, GetBkColor, SetLayout, Polyline, Ellipse, Polygon, GetTextExtentPoint32W, OffsetRgn, GetRgnBox, CreateRoundRectRgn, SetDIBColorTable, GetDIBits, RealizePalette, StretchBlt, SetPixel, CreateDIBSection, Rectangle, CreatePalette, GetPaletteEntries, GetNearestPaletteIndex, GetSystemPaletteEntries, EnumFontFamiliesExW, GetWindowOrgEx, PtInRegion, FillRgn, FrameRgn, GetBoundsRect, GetViewportOrgEx, ExtFloodFill, SetPaletteEntries, GetTextFaceW, SetPixelV, GetLayout, SetTextAlign, MoveToEx, LineTo, IntersectClipRect, ExcludeClipRect, GetClipBox, SetMapMode, SetTextColor, SetROP2, SetPolyFillMode, SetBkMode, SetBkColor, RestoreDC, SaveDC, CreateDCW, GetDeviceCaps, SelectObject, DeleteObject, CreateSolidBrush, LPtoDP, GetMapMode, GetWindowExtEx, GetViewportExtEx, DPtoLP, PtVisible, RectVisible, TextOutW, ExtTextOutW, Escape, CreateCompatibleBitmap, BitBlt, GetTextColor, CopyMetaFileW, CreateCompatibleDC
gdiplus.dll
GdipSetInterpolationMode, GdipDrawImageRectRectI, GdipLoadImageFromFile, GdipDrawEllipse, GdipFillEllipse, GdipCreateFontFromLogfontW, GdipFree, GdipAlloc, GdipGetImageWidth, GdipGetImageHeight, GdipCreateFromHDC, GdipDeleteGraphics, GdipDrawImageRectI, GdipFillRectangleI, GdipCreateSolidFill, GdipDeleteBrush, GdipCloneBrush, GdipDrawRectangleI, GdipCreatePen1, GdipDeletePen, GdipDrawLineI, GdipDrawLine, GdipDrawImage, GdipSetSmoothingMode, GdipGraphicsClear, GdipCreateStringFormat, GdipDeleteStringFormat, GdipSetStringFormatLineAlign, GdipDrawString, GdipDrawImagePointRectI, GdipSetStringFormatTrimming, GdipSetStringFormatAlign, GdipCreateRegion, GdipDeleteRegion, GdipGetClip, GdipCreatePath, GdipDeletePath, GdipAddPathEllipseI, GdipCombineRegionPath, GdipSetClipRegion, GdipResetClip, GdipDrawEllipseI, GdipGetFontHeight, GdipMeasureString, GdipReleaseDC, GdipSetTextRenderingHint, GdipSetPenDashStyle, GdipSetSolidFillColor, GdipSetStringFormatFlags, GdipDeleteFont, GdipCreateFromHWND, GdipDrawImageI, GdipGetImageBounds, GdipImageSelectActiveFrame, GdipCreateTexture, GdipTranslateTextureTransform, GdipSetTextureWrapMode, GdipDrawRectangle, GdipFillRectangle, GdipDeleteFontFamily, GdipGetFamily, GdipCreateFont, GdipGetFontUnit, GdipGetFontStyle, GdipGetFontSize, GdipFillPath, GdipDrawPath, GdipSetClipPath, GdipSetClipRectI, GdipImageRotateFlip, GdipCreateLineBrushFromRectI, GdipGetDC, GdipDrawImagePointRect, GdipSetPixelOffsetMode, GdipCreateLineBrushFromRectWithAngleI, GdipDisposeImage, GdipGetImagePixelFormat, GdipGetImagePaletteSize, GdipGetImagePalette, GdipCreateBitmapFromStream, GdipCreateBitmapFromScan0, GdipBitmapLockBits, GdipBitmapUnlockBits, GdiplusStartup, GdiplusShutdown, GdipGetImageGraphicsContext, GdipCloneImage, GdipCreateBitmapFromHBITMAP, GdipCreateLineBrushFromRectWithAngle, GdipAddPathLineI, GdipAddPathArcI, GdipClonePath, GdipDrawImageRect, GdipAddPathLine, GdipClosePathFigure, GdipCreateImageAttributes, GdipDisposeImageAttributes, GdipSetImageAttributesColorMatrix, GdipDrawImageRectRect, GdipSetStringFormatHotkeyPrefix
imm32.dll
ImmGetContext, ImmReleaseContext, ImmGetOpenStatus
iphlpapi.dll
GetAdaptersInfo, SendARP
kernel32.dll
DllMain
msimg32.dll
TransparentBlt, AlphaBlend
ole32.dll
CoInitializeSecurity, CoInitializeEx, CoUninitialize, StgCreateDocfileOnILockBytes, RevokeDragDrop, CoLockObjectExternal, RegisterDragDrop, IsAccelerator, OleTranslateAccelerator, OleDestroyMenuDescriptor, OleCreateMenuDescriptor, CLSIDFromProgID, OleRun, OleGetClipboard, DoDragDrop, CreateILockBytesOnHGlobal, StgOpenStorageOnILockBytes, OleLockRunning, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject, CoGetClassObject, CreateStreamOnHGlobal, CLSIDFromString, CoFreeUnusedLibraries, CoCreateGuid, OleDuplicateData, CoTaskMemAlloc, ReleaseStgMedium, CoCreateInstance, CoTaskMemFree, OleUninitialize, OleDraw, OleInitialize, CoInitialize
oleacc.dll
AccessibleObjectFromWindow, CreateStdAccessibleObject, LresultFromObject
oledlg.dll
OleUIBusyW
shell32.dll
ShellExecuteW, SHGetFolderPathW, SHBrowseForFolderW, SHGetPathFromIDListW, Shell_NotifyIconW, DragFinish, DragQueryFileW, SHCreateDirectoryExW, SHGetFileInfoW, SHAppBarMessage, SHGetMalloc, SHGetSpecialFolderLocation, SHGetDesktopFolder, SHGetSpecialFolderPathW
shlwapi.dll
PathRemoveFileSpecW, PathFindExtensionW, PathIsDirectoryW, PathFileExistsW, PathFindFileNameW, PathAppendW, PathIsUNCW, PathStripToRootW
user32.dll
DllMain
wininet.dll
InternetWriteFile, InternetSetFilePointer, InternetSetStatusCallbackW, InternetOpenW, InternetConnectW, HttpOpenRequestW, HttpAddRequestHeadersW, HttpSendRequestW, HttpQueryInfoW, InternetReadFile, InternetCloseHandle, InternetQueryDataAvailable, InternetGetLastResponseInfoW
winmm.dll
PlaySoundW
winspool.drv
ClosePrinter, DocumentPropertiesW, OpenPrinterW
wlanapi.dll
WlanQueryInterface, WlanFreeMemory, WlanOpenHandle, WlanEnumInterfaces

xoftspy.exe

XoftSpy AntiVirus Pro by Paretologic Inc. (Signed)

Remove xoftspy.exe
Version:   9.1.0.0
MD5:   9c98891ffb41630f88e487aa6dfe0c73
SHA1:   0d84677c71ca30cd66c5a9f9ecb1a7e56e3345e2

Overview

xoftspy.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. This is typically installed with the program XoftSpy AntiVirus Pro published by ParetoLogic Inc.. The file is digitally signed by Paretologic Inc. which was issued by the GlobalSign nv-sa certificate authority (CA). This particular version is usually found on Windows 7 Professional (6.1.7601.65536).

DetailsDetails

File name:xoftspy.exe
Publisher:ParetoLogic Inc.
Product name:XoftSpy AntiVirus Pro
Description:AntiVirus
Typical file path:C:\Program Files\paretologic\xoftspy antivirus pro\xoftspy.exe
Original name:AntiVirus.exe
File version:9.1.0.0
Product version:9.1.0.2
Size:3.53 MB (3,697,264 bytes)
Build date:8/15/2013 8:47 PM
Certificate
Issued to:Paretologic Inc.
Authority (CA):GlobalSign nv-sa
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
ParetoLogic Inc.
50% remove
XoftSpy Detects & Removes Spyware, Adware, Hijackers & Other Malicious Files.

BehaviorsBehaviors

Scheduled task
  • The job 'XoftSpy AntiVirus Pro Startup' runs on logon in the path '\XoftSpy AntiVirus Pro Startup'
Network connections
  • [UDP] listens on port 57214

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00091439%
    0.028634%
    Kernel CPU:0.00062796%
    0.013761%
    User CPU:0.00028644%
    0.014873%
    Kernel CPU time:3,219 ms/min
    100,923,805ms/min
    Memory
    Private memory:10.87 MB
    21.59 MB
    Private (maximum):30.19 MB
    Private (minimum):25.59 MB
    Non-paged memory:10.87 MB
    21.59 MB
    Virtual memory:170.95 MB
    140.96 MB
    Virtual memory (peak):265.09 MB
    169.69 MB
    Working set:23.07 MB
    18.61 MB
    Working set (peak):42.01 MB
    37.95 MB
    Resource allocations
    Threads:11
    12
    Handles:677
    600
    GUI GDI count:139
    103
    GUI GDI peak:141
    142
    GUI USER count:352
    49
    GUI USER peak:360
    71

    BehaviorsProcess properties

    Tray notification:Yes
    Integrety level:Medium
    Platform:32-bit
    Command line:"C:\Program Files\paretologic\xoftspy antivirus pro\xoftspy.exe" /minimize
    Owner:User
    Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Professional 100.00%

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Sony 100.00%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE