home

s6000remov.exe

ALi Corporation

Publisher:
ALi Corporation  (signed and verified)

MD5:
37f3c298524f003fce5d7cf89692606c

SHA-1:
334e20b5e3a6ba5c2425de97f6d0335bacb7665c

SHA-256:
1edd5de8bf8cd3cd5f0d65435095c4e0774b4f628f4682f5ce02c542f08c949e

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 3:20:02 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Trojan.Heur.TP.Om0@byK4uip
8.14.04.10.06

File size:
12 KB (12,288 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\camera_lite-on_2.103.14.3_xpx86\ali-manual_100512_2.103.14.3_ds\x32\s6000remov.exe

Digital Signature
Signed by:
ALi Corporation

Authority:
VeriSign, Inc.

Valid from:
5/15/2009 2:00:00 AM

Valid to:
5/27/2010 1:59:59 AM

Subject:
CN=ALi Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ALi Corporation, L=Taipei, S=Taipei, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
42A3CE1434C09D2CA8FA35643A603B7A

File PE Metadata
Compilation timestamp:
10/22/2009 10:34:51 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
192:RJ+uWOPAd33fTJEWDqRnyowJL/aMjGwP7EzMVJ2X+ebMhX/ZgjlJMV52:R8uMvTXYYJLW8J2pbmX/6jJ

Entry address:
0x15DB

Entry point:
E8, E1, 02, 00, 00, E9, C3, FD, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 8B, 00, 81, 38, 63, 73, 6D, E0, 75, 2B, 83, 78, 10, 03, 75, 25, 8B, 40, 14, 3D, 20, 05, 93, 19, 74, 15, 3D, 21, 05, 93, 19, 74, 0E, 3D, 22, 05, 93, 19, 74, 07, 3D, 00, 40, 99, 01, 75, 06, FF, 15, 40, 10, 00, 01, 33, C0, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 68, EA, 15, 00, 01, FF, 15, 24, 10, 00, 01, 33, C0, C3, CC, CC, CC, CC, CC, CC, FF, 25, 60, 10, 00, 01, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Code size:
3.5 KB (3,584 bytes)

Scan s6000remov.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.