home

bubbledockremovaltool.exe

Security Stronghold LLC

The application bubbledockremovaltool.exe by Security Stronghold has been detected as a potentially unwanted program by 2 anti-malware scanners. Additionally, the file is typically installed by a number of programs including CTFMon Removal Tool by Security Stronghold and W32 Downloader Removal Tool by Security Stronghold.
Publisher:
Security Stronghold  (signed by Security Stronghold LLC)

Version:
1.0.0.149

MD5:
8ca0e25e1cb8d5614aaa3d50f4a9f780

SHA-1:
ce4aa351b29c6e85d6e9634dc5cdc25112e89f1e

SHA-256:
03d31238c0fc455cbd06ba2ac5586add0f943ce0a63c0bde679b4629a1c8321b

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 9:40:00 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/SecurityStronghold (variant)
9.10646

Reason Heuristics
PUP.Optional.SecurityStronghold
15.1.22.10

File size:
5.4 MB (5,635,024 bytes)

Product version:
1.0.0.149

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\bubble dock removal tool\bubbledockremovaltool.exe

Digital Signature
Signed by:
Security Stronghold LLC

Authority:
GlobalSign nv-sa

Valid from:
10/14/2013 5:55:31 PM

Valid to:
12/11/2014 10:49:56 AM

Subject:
E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121ACD1A0DCFFA94069288588DCC5FFCF18

File PE Metadata
Compilation timestamp:
1/13/2014 11:07:16 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:4Fe00swruRsSDwYvvHoX/DdVZ7SksuiVTlJwI3uCYMgTggVwTIBUadI98qwVTYL:4FksgbZ7kVTLwOuCvVunBT1lYL

Entry address:
0x3FFD7C

Entry point:
55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, 58, DF, 7E, 00, E8, 17, C1, C0, FF, 8B, 35, 8C, F8, 85, 00, 8B, 3D, F0, 03, 86, 00, 33, C0, 55, 68, 93, FF, 7F, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E4, 33, C0, E8, 0F, 4E, C0, FF, 8B, 45, E4, 8D, 55, E8, E8, 84, 3C, C2, FF, 8B, 45, E8, 8D, 4D, EC, 33, D2, E8, 83, 3A, C2, FF, 8B, 55, EC, 8B, C6, E8, 25, 80, C0, FF, BB, 02, 00, 00, 00, 8D, 45, DC, 8B, 16, 0F, B7, 54, 5A, FC, E8, F5, 8A, C0, FF, 8B, 45, DC, 8D, 55, E0, E8, C2, 1C...
 
[+]

Entropy:
6.6375

Developed / compiled with:
Microsoft Visual C++

Code size:
4 MB (4,189,696 bytes)

The file bubbledockremovaltool.exe has been discovered within the following programs.

CTFMon Removal Tool  by Security Stronghold
During installation, the Security Stronghold Removal Tool utility will provide various bundled applications including RegClean Pro registry cleaner. It will then download utilities from its server and scan the user's PC.
www.SecurityStronghold.com
54% remove it
Dealply Removal Tool  by Security Stronghold
Publisher's description - “Dealply copies its file(s) to your hard disk. Its typical file name is DealPlyIE.dll. Then it creates new startup key with name Dealply and value DealPlyIE.dll. You can also find it in your processes list with name DealPlyIE.dll or Dealply.”
www.securitystronghold.com/gates/remove-dealply.html
69% remove it
Free Download Manager Removal Tool  by Security Stronghold
67% remove it
Mobogenie Removal Tool  by Security Stronghold
Distributes a version of SpyHunter by Enigma Software Group with various offers.
73% remove it
W32 Downloader Removal Tool  by Security Stronghold
62% remove it
 
Powered by Should I Remove It?

Remove bubbledockremovaltool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.