home

toolwizprettyphoto.exe

Toolwiz Pretty Photo

XII CNC Inc.

This is installed with multiple programs including Toolwiz Time Freeze 2015 and Toolwiz Pretty Photo. The file has been seen being downloaded from www.toolwiz.com and multiple other hosts.
Publisher:
Toolwiz.com  (signed by XII CNC Inc.)

Product:
Toolwiz Pretty Photo

Version:
2.0.0.0

MD5:
d10604414e87c0146da24c733c474bf6

SHA-1:
d15c2ba2ca206e31fb163dc2b4a6dfd84ea62189

SHA-256:
70b11eef49b61d2173fbe7441924f246f72ecee657fce805f1ca767e980dd12f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 2:02:38 PM UTC  (today)

File size:
5.1 MB (5,363,968 bytes)

Product version:
1.0.0.0

Copyright:
Copyright 2012 by Toolwiz.com

Trademarks:
Toolwiz

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\toolwizprettyphoto.exe

Digital Signature
Signed by:
XII CNC Inc.

Authority:
VeriSign, Inc.

Valid from:
8/29/2012 5:30:00 AM

Valid to:
9/29/2013 5:29:59 AM

Subject:
CN=XII CNC Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=XII CNC Inc., L=Anyang-si, S=Gyunggi-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5AE657C73341F9A5D7BDDD336C543E67

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:58DYJArXklUZWmOaw1fwkQLtoQolLu9mIC05z6ii:583klUUm9OwvtoPK5z6ii

Entry address:
0x2C27C8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 20, 1C, 6C, 00, E8, F4, 49, D4, FF, B8, 88, 28, 6C, 00, E8, 1A, 76, E0, FF, B8, B4, 28, 6C, 00, E8, 10, 76, E0, FF, 33, C0, E8, A1, AC, E0, FF, E8, 5C, F3, FF, FF, A1, 0C, 35, 6D, 00, 8B, 00, E8, 78, 2D, DD, FF, BA, DC, 28, 6C, 00, B1, 01, B8, 04, 29, 6C, 00, E8, FF, D8, D4, FF, 84, C0, 74, 2B, A1, 0C, 35, 6D, 00, 8B, 00, BA, 18, 29, 6C, 00, E8, 4A, 29, DD, FF, 8B, 0D, 98, 30, 6D, 00, A1, 0C, 35, 6D, 00, 8B, 00, 8B, 15, 3C, C5, 6B, 00, E8, 52, 2D, DD, FF, EB, 29, A1, 0C, 35, 6D...
 
[+]

Entropy:
7.2596

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
2.8 MB (2,890,240 bytes)

The file toolwizprettyphoto.exe has been discovered within the following programs.

Toolwiz BSafe  by ToolWiz
www.Toolwiz.com
About 9% of users remove it
Toolwiz Pretty Photo  by ToolWiz
Publisher's description - “ToolWiz Pretty Photo is a free powerful lightweight image editor. With just few clicks on this free tool, you can edit photos, create photo collage, and make them look the way you want them to be, and much prettier. Yes, it is that simple.”
www.toolwiz.com/products/toolwiz-pretty-photo
About 8% of users remove it
Toolwiz Time Freeze 2014  by ToolWiz
About 1% of users remove it
Toolwiz Time Freeze 2015  by ToolWiz
About 5% of users remove it
 
Powered by Should I Remove It?

The file toolwizprettyphoto.exe has been seen being distributed by the following 2 URLs.

http://www.toolwiz.com/.../ToolwizPrettyPhoto.exe

http://www.toolwiz.com/download.php?action=PrettyPhoto

Scan toolwizprettyphoto.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.