AppRemover.exe

AppRemover

OPSWAT, Inc.

This is a setup program which is used to install the application. This file is installed with the program OPSWAT utilities. The file has been seen being downloaded from www.appremover.com and multiple other hosts.
Publisher:
OPSWAT, Inc.  (signed and verified)

Product:
AppRemover

Version:
3, 1, 3, 1

MD5:
1509e634038730d5bb5291a54984dcf3

SHA-1:
916f6af740f57ea6c425e956dd435a45380f1408

SHA-256:
655043bac06d6f1dff269b824ee83d90e37b457145f3f735c05564c2acee9bc3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 10:07:48 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0808
7.2.329

File size:
11.1 MB (11,619,936 bytes)

Product version:
3.1.3.1

Copyright:
© OPSWAT, Inc. All rights reserved.

Original file name:
AppRemover.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\appremover.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/7/2012 8:00:00 PM

Valid to:
8/8/2015 7:59:59 PM

Subject:
CN="OPSWAT, Inc.", OU=Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="OPSWAT, Inc.", L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1A357339C3B74C1FE1DEB8981CF0278D

File PE Metadata
Compilation timestamp:
7/20/2009 4:15:43 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:hs2hnxrKBkD9Bypg9sG7bEMcDX5cGN4+GZGyCqWTRW67K:hs2FxeBkD9Bypg6GHEMc75cGNXjEA

Entry address:
0xA794

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, 54, 2B, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, E2, A7, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, C1, AC, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 30, 22, 41, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 34, 22, 41, 00, 8D, 45, E4...
 
[+]

Code size:
66 KB (67,584 bytes)

The file AppRemover.exe has been discovered within the following program.

OPSWAT utilities  by OPSWAT Inc.
About 13% of users remove it
 
Powered by Should I Remove It?

The file AppRemover.exe has been seen being distributed by the following 5 URLs.

Scan AppRemover.exe - Powered by Reason Core Security