» UninstallTool.exe
Overview
Analysis
File Details
Behaviors (1)

UninstallTool.exe

Uninstall Tool

crystalidea.com

This is a self-extracting archive and installer. It runs as a scheduled task under the Windows Task Scheduler.

File name:

UninstallTool.exe

Publisher:

CrystalIDEA Software (signed by crystalidea.com)

Product:

Uninstall Tool

Version:

3.4.2.5405

MD5:

e11beefea5e79de79af5d2d47ea467b3

SHA-1:

dc3c0be514e7c3e1f520f1265926b0594bd5fef0

SHA-256:

694e0595b89a2d8d801d6e5ec9033fccb1be2afa6a5693850f96b8f1faab2e44

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/23/2024 11:40:24 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.TsCabk

1.3.0.4959

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1077

Trend Micro House Call

TROJ_GEN.F47V0227

7.2.15

File size:

3.3 MB (3,433,464 bytes)

Product version:

3.4.2.5405

Original file name:

UninstallTool.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\uninstall tool\uninstalltool.exe

Digital Signature

Signed by:

crystalidea.com

Authority:

Unizeto Technologies S.A.

Valid from:

1/14/2014 10:14:00 AM

Valid to:

1/13/2017 10:14:00 AM

Subject:

E=support@crystalidea.com, CN=crystalidea.com, O=crystalidea.com, C=US

Issuer:

CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

119B09803E11C7BE685861F72F128819

File PE Metadata

Compilation timestamp:

3/9/2015 1:52:17 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

49152:B7kCrg5sH51wRmgXhCTVbplK8hLQdcPbLBe9:thl1wRfcbpwZdcPbLBC

Entry address:

0x3213C5

Entry point:

E9, D8, F3, FF, FF, CF, 11, C2, 32, 5E, 46, 5D, 6F, 28, 2E, D5, 60, 87, 74, 57, 92, C4, 52, D6, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 66, FC, 41, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, BC, 75, EC, 8B, 1E, 83, EE, FC, 81, F8, F8, 74, 1C, 39, 5B, 68, EF, 88, 3F, D1, 5A, E9, 00, 5B, FF, FF, E8, 52, F3, FE, FF, 09, 62, 32, 5F, 08, 07, 80, 72, E9, D2, 6B, FE, FF, E8, 40, F3, FE, FF, 86, 04, 15, 6B, E9, C3, D8, 00, 00, 8B, 45, FC, 66, 83, 38... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

1.9 MB (1,998,336 bytes)

Scheduled Task

Task name:

RunUninstallTool_SkipUac

Scan UninstallTool.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.