home

idinstallwatch.exe

ID Install Watch

Christina Mailat

The application idinstallwatch.exe by Christina Mailat has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Fastlink2  (signed by Christina Mailat)

Product:
ID Install Watch

Version:
3.5.0.0

MD5:
52c00828b48a4f3ca2a2ec062ef65f0e

SHA-1:
3f0a2e0667841cbf2bb44cc43f5bff797e68958e

SHA-256:
04d40c596f5946146dc420618b502e91ec2e9b15af78f6671614ffd183516e20

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 1:27:19 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Fastlink2.Installer.Optional.Installer.Meta (L)
16.2.10.13

File size:
882.7 KB (903,888 bytes)

Product version:
3.5.0.0

Copyright:
Copyright © Fastlink2

Original file name:
ID Install Watch

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\id security suite\id install watch\idinstallwatch.exe

Digital Signature
Signed by:
Christina Mailat

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/26/2008 1:48:06 PM

Valid to:
3/26/2010 1:48:06 PM

Subject:
CN=Christina Mailat, OU=Fastlink2, O=Christina Mailat, L=Leverkusen, S=NRW, C=DE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
4F994EA4A24BABD032D444472ED931A6

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:GDheKuFciLdmJE3l3KPVYXT0GkpXpvqYnY:GVeKCRZOEV3dXTnMtqYY

Entry address:
0x1000

Entry point:
68, 01, A0, 57, 00, E8, 01, 00, 00, 00, C3, C3, CD, 74, 95, 8A, 02, D2, 31, 6D, 19, 6B, EC, 07, C5, FB, 49, 2C, 82, 15, D4, 7B, 6C, 23, 68, 34, 38, 2B, F7, 14, DA, FD, AE, BB, 7D, 04, E9, A0, 0B, 68, 52, C9, F6, 86, 95, 15, 31, F8, 94, D5, EA, E2, EA, 4B, 27, C5, 02, 05, 3F, 71, 33, B0, 93, 72, D0, 48, 17, 0C, CC, C6, 83, 6D, AB, C7, 97, 79, 66, EA, E5, 3E, B2, 41, 23, 2E, 9C, D7, A3, 43, BB, A0, 44, 41, 7E, 33, E5, 39, C1, 38, 69, F8, 9F, BF, 35, 59, 58, DA, B8, 47, 71, 17, 43, 80, 41, 02, E4, FB, 67, AA...
 
[+]

Entropy:
7.8976

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
1011 KB (1,035,264 bytes)

Remove idinstallwatch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.