uninstalle2012.exe

Uninstall Security Settings for Window Power Tools

Dr Salman Zafar

The executable uninstalle2012.exe, “Uninstall Security Settings”, has been detected as malware by 2 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.

Publisher:
Digital Millenium Inc.  (signed by Dr Salman Zafar)

Product:
Uninstall Security Settings for Window Power Tools

Description:
Uninstall Security Settings

Version:
2012.09.0122

MD5:
10e972087a7c8cd4b993a984f37ca661

SHA-1:
a13b5482e659ce4746a5f5a9919ba4f00beebb40

SHA-256:
51d3c0faa3c52573628e3254b5ca0b79448c390c6c0d0fefbfb5f176cb06719b

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
4/19/2024 9:45:12 PM UTC

Scan engine | Detection | Engine version
Quick Heal | (Suspicious) - DNAScan | 1.14.12.00
Reason Heuristics | Threat.Win.Reputation.IMP | 15.6.15.13

File size:
146.7 KB (150,256 bytes)

Product version:
2012.09.0122

Copyright:
Dr.Salman Zafar and Digital Millenium Inc.

Original file name:
uninstalle2.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\uninstalle2012.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/3/2012 2:00:00 AM

Valid to:
5/4/2013 1:59:59 AM

Subject:
CN=Dr Salman Zafar, O=Dr Salman Zafar, STREET=8 Achilles Road, L=Coventry, S=West Midlands, PostalCode=CV6 7NH, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7BDC15504020A97470E73278B5718D59

File PE Metadata
Compilation timestamp:
7/1/2012 10:10:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:Gc2VdWQWA9lc1I0ZdJNGU9abSZ1dyaGnTxgIdA4DrA/0k:12UIuy0zDqaGTxHk

Entry address:
0x1000

Entry point:
68, 01, C0, 40, 00, E8, 01, 00, 00, 00, C3, C3, 86, 91, 5C, 6D, BB, FE, 49, E0, 7C, EB, 28, 2B, B0, 9C, 51, B0, 83, AB, 92, C3, AC, 10, 52, C3, 37, 5B, 9E, E9, 92, F4, 33, 96, 7D, 12, BF, BE, ED, EA, EF, 94, 91, 32, EF, B3, 43, 5A, 85, 74, 09, F5, AC, 85, 20, 93, E1, E5, 88, F8, B3, 3D, B4, A5, A2, CE, D9, 80, C7, D8, 54, 53, 56, A7, 8A, F5, F6, 43, 6A, E1, 66, 34, CE, D1, 82, 0B, 15, 05, 56, 21, EE, A4, 9A, C9, 17, 1F, 30, 46, 60, C2, 46, 66, FF, F9, FF, 12, 25, C9, D2, 74, A6, F1, C0, 2F, 70, 76, DD, 53...
 

Entropy:
7.6872

Packer / compiler:
ASProtect v2.0

Code size:
32 KB (32,768 bytes)
