home

advancedinvisiblekeyloggerremovaltool.exe

Security Stronghold LLC

The application advancedinvisiblekeyloggerremovaltool.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Get Savin Removal Tool by Security Stronghold and Solid Savings Removal Tool by Security Stronghold.
Publisher:
Security Stronghold  (signed by Security Stronghold LLC)

Version:
1.0.0.100

MD5:
545dfee1c19906ef22ddc76cd7370118

SHA-1:
54e3affe2a91fd0fe785ae649db6bdfaaa5c63ef

SHA-256:
8a9be02322f230a3c7fd7961932ee1767a63bfe5573346600bc5a3e2d3ed01ec

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 9:34:16 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SecurityStronghold.Meta (L)
16.6.17.10

File size:
5.9 MB (6,208,952 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\advanced invisible keylogger removal tool\advancedinvisiblekeyloggerremovaltool.exe

Digital Signature
Signed by:
Security Stronghold LLC

Authority:
GlobalSign nv-sa

Valid from:
8/16/2012 4:41:30 AM

Valid to:
11/10/2013 5:49:56 AM

Subject:
E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, S=Astrakhan region, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A8E6D4E8876A9E02DB5215F60B91C5F5

File PE Metadata
Compilation timestamp:
7/2/2013 10:16:07 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:n1QTc0twbsSlIVEj6PH1A3nVbsE2GfL33q26t362wWiAs9ZTLHUWd098GoMQS98O:nyTc0a9aE20q26t36vWiZ9J+hBefk

Entry address:
0x3F7D00

Entry point:
55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, B8, 9C, 77, 7E, 00, E8, 60, 41, C1, FF, 8B, 35, 54, 66, 85, 00, 33, C0, 55, 68, 16, 7F, 7F, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E4, 33, C0, E8, 92, CE, C0, FF, 8B, 45, E4, 8D, 55, E8, E8, D3, BC, C2, FF, 8B, 45, E8, 8D, 4D, EC, 33, D2, E8, D2, BA, C2, FF, 8B, 55, EC, 8B, C6, E8, A8, 00, C1, FF, BB, 02, 00, 00, 00, 8D, 45, DC, 8B, 16, 0F, B7, 54, 5A, FC, E8, 78, 0B, C1, FF, 8B, 45, DC, 8D, 55, E0, E8, 11, 9D, C2, FF, 8B, 45, E0, 50, 8D...
 
[+]

Entropy:
6.7538

Developed / compiled with:
Microsoft Visual C++

Code size:
4 MB (4,157,440 bytes)

The file advancedinvisiblekeyloggerremovaltool.exe has been discovered within the following programs.

Get Savin Removal Tool  by Security Stronghold
During installation, the Security Stronghold Removal Tool utility will provide various bundled applications including RegClean Pro registry cleaner. It will then download utilities from its server and scan the user's PC.
www.SecurityStronghold.com
59% remove it
Solid Savings Removal Tool  by Security Stronghold
Publisher's description - “Solid Savings adware may seem a very helpful browser add-on, because it shows different advertising pop-ups, and helps to save money, but actually it is an undesired program that should be removed from your computer.”
59% remove it
 
Powered by Should I Remove It?

Remove advancedinvisiblekeyloggerremovaltool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.