» uninstallmanager.exe
Overview
Analysis
File Details
Programs (1)

uninstallmanager.exe

Skytech

Hefei Zhimingxingtong Software&Technology Co., Ltd.

The application uninstallmanager.exe by Hefei Zhimingxingtong Software&Technology Co. has been detected as adware by 39 anti-malware scanners. This file is typically installed with the program webssearches uninstall by Hefei Zhimingxingtong Software&Technology Co., Ltd. which is a potentially unwanted software program.

File name:

Publisher:

Skytech Co., Ltd. (signed by Hefei Zhimingxingtong Software&Technology Co., Ltd.)

Product:

Skytech

Version:

5.0.2.372

MD5:

91624851f9f7abd09f2322efa4ea07b4

SHA-1:

09f4b90005585de3b3fa221f97ab30f8ce42c36f

SHA-256:

a3e544738392b80e4d3f5439f042e90416f37121dedf9c4581b63fbcab020d88

Scanner detections:

39 / 68

Status:

Adware

Analysis date:

4/19/2024 7:14:55 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.SlugIn.A

903

Agnitum Outpost

Win32.Slugin.A

7.1.1

AhnLab V3 Security

Win32/Slugin.C

2014.08.16

Avira AntiVirus

W32/Slugin.A

7.11.30.172

avast!

Patched-HO [Trj]

140813-1

AVG

Win32/Slugin.A

2014.0.4007

Baidu Antivirus

Virus.Win32.Patched.$dj

4.0.3.14816

Bitdefender

Win32.SlugIn.A

1.0.20.1140

Bkav FE

W32.OlayFara.PE

1.3.0.4959

Clam AntiVirus

Trojan.Spy-59563

0.98/19284

Comodo Security

TrojWare.Win32.Patched.P

19209

Dr.Web

Win32.Wplugin.1

9.0.1.05190

Emsisoft Anti-Malware

Win32.SlugIn

9.0.0.4324

ESET NOD32

Win32/Slugin.A virus

7.0.302.0

Fortinet FortiGate

W32/Wplug.A

8/16/2014

F-Prot

W32/Slugin.B

4.6.5.141

F-Secure

Win32.SlugIn.A

11.2014-16-08_7

G Data

Win32.SlugIn

14.8.24

IKARUS anti.virus

Virus.Win32.Patched.HO

t3scan.1.7.5.0

K7 AntiVirus

Trojan

13.183.13054

Kaspersky

Virus.Win32.Slugin

15.0.0.494

Malwarebytes

PUP.Optional.Skytech.A

v2014.08.16.05

McAfee

W32/Wplugin

5600.7037

Microsoft Security Essentials

Threat.Undefined

1.179.3144.0

MicroWorld eScan

Win32.SlugIn.A

15.0.0.684

NANO AntiVirus

Virus.Win32.Slugin.ddowbn

0.28.2.61519

nProtect

Win32.SlugIn.A

14.08.14.01

Panda Antivirus

W32/Wplugin.A

14.08.16.06

Qihoo 360 Security

Virus.Win32.Slugin.A

1.0.0.1015

Quick Heal

W32.Slugin.A

8.14.14.00

Reason Heuristics

PUP.HefeiZhimingxingtongSoftwareTechnologyCo.Q

14.8.16.5

Rising Antivirus

PE:Win32.Agent.ey!1474842

23.00.65.14814

Sophos

W32/Slugin-A

4.98

Total Defense

Win32/Slugin.A

37.0.11124

Trend Micro House Call

PE_WPLUG.A

7.2.228

Trend Micro

PE_WPLUG.A

10.465.16

Vba32 AntiVirus

Trojan.Patched.dj

3.12.26.3

VIPRE Antivirus

Threat.4314870

32210

ViRobot

Win32.Patched.N

2011.4.7.4223

File size:

1.9 MB (1,956,985 bytes)

Product version:

5.0.2.372

Original file name:

UninstallManager

File type:

Executable application (Win32 EXE)

Language:

Chinese (PRC)

Common path:

C:\Documents and Settings\{user}\Application data\omiga-plus\uninstallmanager.exe

Digital Signature

Signed by:

Hefei Zhimingxingtong Software&Technology Co., Ltd.

Authority:

GlobalSign nv-sa

Valid from:

10/29/2013 2:37:05 PM

Valid to:

10/30/2014 2:37:05 PM

Subject:

CN="Hefei Zhimingxingtong Software&Technology Co., Ltd.", O="Hefei Zhimingxingtong Software&Technology Co., Ltd.", L=Hefei, S=Anhui, C=CN

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11219E374B1001FFC6B983B5DE082D65401A

File PE Metadata

Compilation timestamp:

6/5/2014 12:53:38 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:Sr14iKuHI3T7DqtaqMxyd2jRI+H0cveqdCm8QyZnbmRxQJEx1WGlJdkQDq48cWNJ:EnqyKxyd2j/8lSxQWTDDs4GEUQsNmd7+

Entry address:

0xFA447

Entry point:

60, E8, 00, 00, 00, 00, 5B, 81, EB, D0, 48, 00, 10, 83, EC, 74, 8B, EC, 8B, 83, AB, 4B, 00, 10, 89, 45, 00, 8B, 83, B3, 4B, 00, 10, 03, 45, 00, 89, 45, 2C, 8B, 83, B7, 4B, 00, 10, 03, 45, 00, 89, 45, 30, C7, 45, 14, 00, 00, 00, 00, C7, 45, 18, 00, 00, 00, 00, C7, 45, 1C, 00, 00, 00, 00, 8B, 45, 14, FF, 45, 14, 66, 33, C9, 8A, 8C, 03, FF, 4B, 00, 10, 84, C9, 74, 7A, 8B, 45, 1C, 66, 01, 4D, 1C, 03, C3, 05, 13, 4C, 00, 10, 50, 8B, 45, 2C, FF, 10, 85, C0, 0F, 84, 5E, 02, 00, 00, 89, 45, 10, 8B, 45, 1C, 03, C3... 
[+]

Entropy:

6.2870

Packer / compiler:

ASPack v1.08.04

Code size:

1.3 MB (1,392,128 bytes)

The file uninstallmanager.exe has been discovered within the following program.

webssearches uninstall by Hefei Zhimingxingtong Software&Technology Co., Ltd.

webssearches is an adware (advertising supported) web browser application that is designed to display banner ads as well as contextual link ads (such as hyperlinks the user will see underlined).

83% remove it

Remove uninstallmanager.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.