home

uninstalltoolwizcare.exe

ToolWiz Care

XII CNC Inc.

This is a setup program which is used to install the application. This file is installed with multiple programs including Toolwiz Care. The file has been seen being downloaded from download.toolwiz.com.
Publisher:
ToolWiz  (signed by XII CNC Inc.)

Product:
ToolWiz Care

Version:
2.1.0.5100

MD5:
3f2d5ea4b6dd65b3bdfcae2bb3e04c56

SHA-1:
96e29a42d843fd8448828cb861d5254b15c914d5

SHA-256:
dc8679b2939646bfd0ec5052d7a49eb797628ee5346ee4d97286149cbecb5587

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 1:46:04 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Agent!6.670
23.00.65.14304

File size:
7.3 MB (7,695,616 bytes)

Product version:
2.0

Copyright:
Copyright(c) 2012 by ToolWiz.com

Trademarks:
ToolWiz

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\toolwizcarefree\uninstalltoolwizcare.exe

Digital Signature
Signed by:
XII CNC Inc.

Authority:
VeriSign, Inc.

Valid from:
8/29/2012 4:00:00 AM

Valid to:
9/29/2013 3:59:59 AM

Subject:
CN=XII CNC Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=XII CNC Inc., L=Anyang-si, S=Gyunggi-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5AE657C73341F9A5D7BDDD336C543E67

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:91++1x68MIDeLnw1anB/qerMQbGDIE3Wr4tS0qrgjl2s9VAtUj:T51XTCTw1aB/qerlbrMS3gjl27y

Entry address:
0xFBC001

Entry point:
60, E9, 3D, 04, 00, 00, 97, D3, B3, AF, AF, 9A, AF, 6A, DF, E8, F3, AF, B2, 8C, DA, 4C, 7F, EE, F3, AF, 32, 6C, AB, F8, F3, AF, AF, 38, 4C, AB, F8, F3, AF, BE, 34, 15, B2, AF, AF, 76, 34, E2, E8, F3, AF, AF, AF, AF, AF, 3C, 34, B3, F9, F3, AF, FF, AE, 44, AF, FA, F3, AF, 38, 34, AF, F9, F3, AF, 3A, A7, 3C, 4C, C0, F9, F3, AF, 02, FF, AE, 44, AB, F9, F3, AF, 38, 34, AB, EE, F3, AF, 3C, 4C, CD, F9, F3, AF, 02, 06, AE, 44, AB, F9, F3, AF, 38, 34, AF, EF, F3, AF, 3C, 34, 64, E8, F3, AF, AE, 8F, 5F, 18, C4, AF...
 
[+]

Packer / compiler:
ASPack v2.11

Code size:
1.3 MB (1,400,320 bytes)

The file uninstalltoolwizcare.exe has been discovered within the following programs.

360Amigo System Speedup Free  by 360Amigo
360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
Toolwiz Care  by ToolWiz
Publisher's description - “ToolWiz Care is a set of free-of-charge tools designed to speed up your PC and give your system a full range of care.”
www.Toolwiz.com
4% remove it
 
Powered by Should I Remove It?

The file uninstalltoolwizcare.exe has been seen being distributed by the following URL.

http://download.toolwiz.com/Setup_SystemCare2.1.0.5100.exe

Scan uninstalltoolwizcare.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.