home

Setup.exe

SmartSound Qu

SmartSound Software, Inc.

The executable Setup.exe has been detected as malware by 7 anti-virus scanners. The program is a setup application that uses the InstallShield Setup installer. This is the uninstaller utility registered in the Windows Control Panel for the program SmartSound Quicktracks 5 by SmartSound Software Inc..
Publisher:
SmartSound Software Inc  (signed by SmartSound Software, Inc.)

Product:
SmartSound Qu

Description:
Setup Launcher

Version:
5.1.7

MD5:
e2742aad85a656520f159e19616177a8

SHA-1:
b8499c58bbb99a21ade34de7bae4b7df9560b7ce

SHA-256:
22a4010435b5f8dcbd7df1c726a0228841079692d899b3afe4bc99bef9b3e988

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/27/2024 3:43:50 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Madangel.I.Dam
5813612

avast!
Win32:Agent-BARL [Trj]
160107-0

AVG
Win32/Madang.G
2015.0.4489

Clam AntiVirus
Trojan.Downloader.Small-1607
0.98/21242

Emsisoft Anti-Malware
Win32.Madangel.I.Dam
10.0.0.5366

F-Secure
Win32.Madangel.I.Dam
5.15.21

Norman
Win32.Madangel.I.Dam
17.12.2015 06:34:11

File size:
468.7 KB (479,984 bytes)

Product version:
5.1.

Copyright:
Copyright (C) 2007 Macrovision Corporation

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Language:
English (United States)

Common path:
C:\Program Files\installshield installation information\{2f8ba3fd-1fa9-4279-b696-712abb12f09f}\setup.exe

Digital Signature
Signed by:
SmartSound Software, Inc.

Authority:
The USERTRUST Network

Valid from:
11/12/2009 4:00:00 PM

Valid to:
11/13/2010 3:59:59 PM

Subject:
CN="SmartSound Software, Inc.", OU=Web Site, O="SmartSound Software, Inc.", STREET=8550 Balboa Blvd. Suite 180, L=Northridge, S=CA, PostalCode=91325, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00993EBB1EBA72F2BCAF23B9245B70D9ED

File PE Metadata
Compilation timestamp:
4/18/2007 6:03:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:jtGrLFaxvDJDPAernALxwapvmNWz8+DeqrBCGvVpT0PFn0wccccccccj/HHHHHHb:BewD2OAONV+DesF9O

Entry address:
0x2996C

Entry point:
55, 8B, EC, 6A, FF, 68, C8, 70, 43, 00, 68, 58, CB, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 78, 61, 43, 00, 33, D2, 8A, D4, 89, 15, 04, 56, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 00, 56, 44, 00, C1, E1, 08, 03, CA, 89, 0D, FC, 55, 44, 00, C1, E8, 10, A3, F8, 55, 44, 00, 6A, 01, E8, 15, 1F, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 30, 10, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.4754

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
212 KB (217,088 bytes)

Program Uninstaller
Program name:
SmartSound Quicktracks 5

Display publisher:
SmartSound Software Inc.

Display version:
5.1.7

Uninstall string:
"C:\Program Files\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly


Remove Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.