home

flvplayersetup.exe

The application flvplayersetup.exe has been detected as a potentially unwanted program by 20 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. This is the uninstaller utility registered in the Windows Control Panel for the program FLV Player. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.flvplayerpro.net.
MD5:
e2f421a5e68c2c503851ab2f65f21f16

SHA-1:
20cc762f3d6a55001d265fe370dcb61775ac0e0c

SHA-256:
3f7e0008553ba412b97296beb3881488f6b6d5a88a74b1e6641a830c2b311955

Scanner detections:
20 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/26/2024 5:43:15 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.InstallCore
7.1.1

AhnLab V3 Security
Adware/Win32.InstallCore
14.11.23

Avira AntiVirus
APPL/Downloader.Gen6
7.11.150.22

avast!
Win32:Adware-gen [Adw]
141119-1

AVG
Adware InstallCore.FZ
2014.0.4189

Clam AntiVirus
Win.Adware.Installcore-169
0.98/19086

Comodo Security
Application.Win32.ClickRun.A
18286

Dr.Web
Adware.Downware.421
9.0.1.05190

ESET NOD32
Win32/InstallCore.AX potentially unwanted application
7.0.302.0

F-Prot
W32/InstallCore.N.gen
4.6.5.141

K7 AntiVirus
Unwanted-Program
13.173.9789

McAfee
Artemis!120D7F412147
5600.6937

NANO AntiVirus
Trojan.Win32.Downware.cstwfc
0.28.0.59911

Panda Antivirus
PUP/MultiToolbar.A
14.11.23.03

Rising Antivirus
PE:Malware.InstallCore!6.1961
23.00.65.141121

Sophos
Install Core Click run software
4.98

Trend Micro House Call
TROJ_GEN.RCBZ1KE
7.2.327

Trend Micro
TROJ_GEN.RCBZ1KE
10.465.23

Vba32 AntiVirus
Adware.InstallCore.gen
3.12.26.0

VIPRE Antivirus
Click run software
29290

File size:
1.1 MB (1,153,296 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\annick lamotte\mes documents\downloads\flvplayersetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:DA2wfnq7q82VevVdaY4lUHH5JP7tfvjN+89TzIkZ9:DAbfjuvV4cnZTck

Entry address:
0xC9330

Entry point:
55, 8B, EC, 83, C4, F0, B8, 30, 8F, 40, 00, E8, 65, F9, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
828.5 KB (848,384 bytes)

Program Uninstaller
Program name:
FLV Player

Uninstall string:
C:\Program Files\FLVPlayer\Uninstall\Uninstall.exe /Uninstall


The file flvplayersetup.exe has been seen being distributed by the following URL.

http://www.flvplayerpro.net/default/ga/.../?dl=1

Remove flvplayersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.