home

uninstall.exe

Folder Lock

NewSoftwares.net Inc. SDN. BHD.

The application uninstall.exe by NewSoftwares.net SDN. BHD has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This file is typically installed with the program Folder Lock by New Softwares.net Inc.. The file has been seen being downloaded from downloads.pcworld.com.
Publisher:
NewSoftwares.net, Inc.  (signed by NewSoftwares.net Inc. SDN. BHD.)

Product:
Folder Lock

Version:
7.0.5.0

MD5:
1a16f52b02a1d239595aa618f4b94541

SHA-1:
3681bc3662939b3bb86030717c97cb90daa6c9c0

SHA-256:
5ebb171a839e3380a5a33c3269b819a9a9619ef770c348b66bbaaf7300ae88fe

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 6:40:48 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.NewSoftw.Installer
16.11.29.9

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.14212

File size:
8 MB (8,381,016 bytes)

Product version:
7.0.5.0

Copyright:
Copyright © 1998-2011 NewSoftwares.net, Inc. All Rights Reserved.

Trademarks:
Folder Lock ® is a registered trademark

Original file name:
FolderLock.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\newsoftware's\folder lock\uninstall.exe

Digital Signature
Signed by:
NewSoftwares.net Inc. SDN. BHD.

Authority:
GlobalSign nv-sa

Valid from:
2/3/2009 4:23:54 PM

Valid to:
2/3/2012 4:23:54 PM

Subject:
E=president@newsoftwares.net, CN=NewSoftwares.net Inc. SDN. BHD., O=NewSoftwares.net Inc. SDN. BHD., C=MY

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011F3BFCD88E

File PE Metadata
Compilation timestamp:
12/12/2011 6:32:45 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:HuajRtXw+VcPOLaAXVB/OcmdGBECuKlV6a3I089go9uQ2kIDp6axaWw5GAfs0HTU:HuattA+laAXV0fVK408CoF+6a0W8jHTU

Entry address:
0xB8C740

Entry point:
60, BE, 00, 50, 7C, 00, 8D, BE, 00, C0, C3, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.8055  (probably packed)

Code size:
7.8 MB (8,159,232 bytes)

The file uninstall.exe has been discovered within the following program.

Folder Lock  by New Softwares.net Inc.
About 1% of users remove it
 
Powered by Should I Remove It?

The file uninstall.exe has been seen being distributed by the following URL.

http://downloads.pcworld.com/pub/new/utilities/.../folder-lock-en.exe

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.