» revosetup.exe
Overview
Analysis
File Details
Programs (5)
Downloads (35)

revosetup.exe

Revo Uninstaller Setup

VS Revo Group

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dl-web.dropbox.com and multiple other hosts.

File name:

revosetup.exe

Publisher:

VS Revo Group Ltd. (signed by VS Revo Group)

Product:

Revo Uninstaller Setup

Version:

1.9.4.0

MD5:

979e536f75c1512ca0a13e07835a40fd

SHA-1:

bf6f4ba40d0f10646e4489b42f0ba462a3ae2089

SHA-256:

9db1d558be2f207e6ecc0f0210cf9cef0e109ead048790239b4c758ae33bab28

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/10/2024 10:11:05 AM UTC (today)

File size:

2.5 MB (2,617,648 bytes)

Trademarks:

Revo Uninstaller is a trademark of VS Revo Group

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\revosetup.exe

Digital Signature

Signed by:

VS Revo Group

Authority:

VeriSign, Inc.

Valid from:

12/19/2010 4:00:00 PM

Valid to:

12/18/2013 3:59:59 PM

Subject:

CN=VS Revo Group, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=VS Revo Group, L=Ruse, S=Ruse, C=BG

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

017BF223028469B14729A770A1F0EA2D

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:DUoLE/El7CzwzVKi2EaBS8lY72jt36SOHmQtgbWW7BC:xA/Ew0z4i2tSY6SOva7g

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9923

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file revosetup.exe has been discovered within the following programs.

BitTorrent by BitTorrent Inc.

BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.

www.bittorrent.com

7% remove it

CCleaner by Piriform

CCleaner developed by Piriform, is a utility program used to clean potentially unwanted files and invalid Windows Registry entries from a computer.

www.piriform.com/ccleaner

3% remove it

ConceptDraw MINDMAP Professional by Computer Systems Odessa corp.

Publisher's description - “ConceptDraw MINDMAP offers a variety of outputs, making it easy to share map content in the appropriate format.”

www.conceptdraw.com/products/mind-map

8% remove it

Maxthon 3 by Maxthon International Limited

Publisher's description - “Maxthon Cloud Browser for Windows uses a unique, innovative dual-core design that uses both Webkit and Trident. Fast and efficient, our dual-core design displays all web pages quickly and reliably.”

www.maxthon.com

6% remove it

SUPERAntiSpyware by SUPERAntiSpyware.com

SUPERAntiSpyware is a software application distributed as shareware which can detect and remove spyware, adware, trojan horses, rogue security software, computer worms, rootkits, parasites and other potentially harmful software applications.

www.superantispyware.com/support.html

25% remove it

The file revosetup.exe has been seen being distributed by the following 35 URLs.

https://dl-web.dropbox.com/get/.../revo uninstaller.exe

https://tmpfile1410.s3.amazonaws.com/download77/ic_trackings/24827/.../revo-uninstaller.exe

http://download-1.com/softwares/.../revosetup_free_1.94_master.exe

http://www.fayloobmennik.net/files/.../118228358.html?check=b282d4ae1107268dfd89aa6610b55448&file=2836155

http://download-1.com/softwares/.../revosetup_free_1.94_master.exe

http://files.jalantikus.com/dde/354/.../revosetup.exe

http://relizua.com/.../revosetup.exe

ftp://115.112.157.36:26/.../revosetup.exe

https://tmpfile2173.s3.amazonaws.com/download77/ic_trackings/126038/.../revo-uninstaller.exe

https://tmpfile1588.s3.amazonaws.com/download77/ic_trackings/24827/.../revo-uninstaller.exe

http://vsesam.org/htdocs/wp-content/uploads/2013/.../revosetup.exe

http://files6.majorgeeks.com/files/c3a83e015935188821aa9ee65e6b322f/.../revosetup.exe

http://download.sosej.cz/Revo_Uninstaller_1.94_Free.exe

http://files2.majorgeeks.com/files/297b631a88835f8931aa5aabdd06ece9/.../revosetup.exe

http://files2.majorgeeks.com/b02d8e29b2848ee5cd4387d2db1d379c/.../revosetup.exe

http://down.filepuma.com/files/uninstallers/.../Revo_Uninstaller_v1.94.exe

http://www.filepuma.com/down/1414033266c953/revo_uninstaller_1.94/.../0/

http://www.filepuma.com/file/1414033266c953/revo_uninstaller_1.94/.../0/

https://d13dhn7ldhrcf6.cloudfront.net/?domain=revo-uninstaller&name=Revo Uninstaller&icon=aHR0cDovL3NjcmVlbnNob3RzLm5sLnNmdGNkbi5uZXQvbmwvc2Nybi82MjAwMC82Mjk2My9yZXZvLXVuaW5zdGFsbGVyLTE0LnBuZw==&url=aHR0cDovL3d3dy5yZXZvdW5pbnN0YWxsZXIuY29tL2Rvd25sb2FkL3Jldm9zZXR1cC5leGUx&os=&lang=nl_NL&desc=VmVyd2lqZGVyIHByb2dyYW1tYSdzIGVuIGFjaHRlcmdlYmxldmVuIHZ1aWwgdmFuIGplIHBj

ftp://de1349358cea645d1660ff16bea99ccd:1348972572@ftpclubicb9b.clubic.com/.../revouninstaller_revouninstaller_1.94_francais_39528.exe

http://www.intelliadmin.com/.../Download.php?filename=revosetup.exe&access=MTM2NDAwMDY5Mg==

https://doc-0g-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cmq0i4i7e615sep1aqklun6eu00kea3v/1361995200000/13125017520261617353/.../0B36NhHzPGxvjUHFGa3lGSWNOemM?e=download

http://download1us.softpedia.com/dl/12c8b3e05d870f1d4563ccc623352a2d/50959153/100074235/software/.../revosetup.exe

http://download.slunecnice.cz/slunecnice/1ff7ca449f335280a61446db61ad6576/50dc708b/win/.../revosetup.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQwNDE2MjQ4NjtzOjI6ImlkIjtpOjk1ODU7czo0OiJmaWxlIjtzOjE3OiJyZXZvc2V0dXBfMTk0LmV4ZSI7czozOiJ1cmwiO3M6NTU6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9yZXZvLXVuaW5zdGFsbGVyLTEtOTQiO3M6NDoicGFzcyI7czozMjoiODQ1YTU0NTdiZTllYjg3NWUzNzI2NjUyZWIwNDg2NmEiO30=

http://www.oldapps.com/revo_uninstaller.php?app=979E536F75C1512CA0A13E07835A40FD

http://www.m5zn.com/.../?6f20c7b64815dae&do=m5zn-VDw2Dwabl4

http://www.commentcamarche.net/download/.../telecharger-34055245-revo-uninstaller

http://dl.cdn.chip.de/downloads/.../revosetup194.exe

http://ftp.vector.co.jp/pack/winnt/util/.../revosetup.exe

Latest 30 of 35 download URLs

Scan revosetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.