» UninstallTool.exe
Overview
Analysis
File Details
Behaviors (1)

UninstallTool.exe

Uninstall Tool

crystalidea.com

This is a self-extracting archive and installer. It runs as a scheduled task under the Windows Task Scheduler.

File name:

UninstallTool.exe

Publisher:

CrystalIDEA Software (signed by crystalidea.com)

Product:

Uninstall Tool

Version:

3.4.1.5400

MD5:

210d40d0d86ce102fe4788f273ddd329

SHA-1:

15410f26f2d782233ddc3d1146909e7a43733355

SHA-256:

70c719a85d23657474d03d0e2910e806f6a0a17f7b9d9c2a6e63f0a9bb38eb36

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/24/2024 1:57:15 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.TsCabk

1.3.0.4959

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1077

Trend Micro House Call

TROJ_GEN.F47V0227

7.2.41

File size:

3.3 MB (3,426,808 bytes)

Product version:

3.4.1.5400

Original file name:

UninstallTool.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\uninstall tool\uninstalltool.exe

Digital Signature

Signed by:

crystalidea.com

Authority:

Unizeto Technologies S.A.

Valid from:

1/14/2014 8:14:00 AM

Valid to:

1/13/2017 8:14:00 AM

Subject:

E=support@crystalidea.com, CN=crystalidea.com, O=crystalidea.com, C=US

Issuer:

CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

119B09803E11C7BE685861F72F128819

File PE Metadata

Compilation timestamp:

1/23/2015 2:51:04 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

49152:RgyQfydj3XZI/tLKEdurkol7rZ10uKXlRAS/RT9G9oOmK8h+aIg:RgidGLKEdull7UnAyGSwXg

Entry address:

0x305CA9

Entry point:

E9, E8, 3D, 03, 00, 5F, C7, E6, 57, 6C, 1A, 27, F8, 16, 26, FB, 14, 79, 8E, 18, 85, 7D, 42, A5, 83, EC, 0C, 53, 56, 57, E8, 24, 02, 00, 81, 04, 24, 65, 78, 63, 68, 8B, 06, 8B, D0, E9, FA, F5, 02, 00, 9C, E9, 1B, D4, 03, 00, 87, 0C, 24, E9, 58, 6B, 02, 00, 89, 14, 24, 5A, 53, 80, E3, 03, E8, DD, BE, 03, 00, 87, 1C, 24, E9, 7A, 61, 00, 00, 89, 3C, 24, 5F, 89, 14, 24, 50, E8, B4, ED, 02, 00, B0, 47, 41, 78, E8, C4, 77, FF, FF, 5E, 8C, D6, CA, FE, 06, 90, D0, 2B, D3, 68, 6D, 18, 71, 00, E9, 9F, 33, 00, 00, E8... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Code size:

1.9 MB (1,988,608 bytes)

Scheduled Task

Task name:

RunUninstallTool_SkipUac

Action:

uninstalltool.exe $(arg0)

Scan UninstallTool.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.