AVInstaller.exe

AVInstaller

ShieldApps

The application AVInstaller.exe, “Shield Antivirus Installer” by ShieldApps, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a self-extracting archive and installer, and it has been known to bundle potentially unwanted software.

Publisher:
ShieldApps  (signed and verified)

Product:
AVInstaller

Description:
Shield Antivirus Installer

Version:
1.6.6.0

MD5:
060c8be276d744d0c61314d5f9a6373e

SHA-1:
92f34c3984c05ddc0dd94db8bf3ed425f484e8fc

SHA-256:
c8a9d46eb456ab59dafeaa3e307b01106dc967169dcef8d4981761b70ed6a54e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 10:52:17 AM UTC

Scan engine:
Reason Heuristics

Detection:
Win32.Generic

Engine version:
16.9.7.22

File size:
1.3 MB (1,321,904 bytes)

Product version:
1.6.6

Copyright:
Copyright (C) 2014 ShieldApps

Original file name:
AVInstaller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\avsetup\avinstaller.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
4/29/2015 9:00:00 PM

Valid to:
7/29/2016 8:59:59 PM

Subject:
CN=ShieldApps, O=ShieldApps, L=Encino, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
67DE0C1DD82BF1D662F62398AA97EC55

File PE Metadata
Compilation timestamp:
6/25/2015 4:49:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:nNHyDWjia/m8u8obf0YSF6CFXjqT2drqHYNvE2Cg:JErTcWw

Entry address:
0x1494

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 9C, 70, 4A, 00, A1, 8F, 70, 4A, 00, C1, E0, 02, A3, 93, 70, 4A, 00, 52, 6A, 00, E8, CB, 50, 0A, 00, 8B, D0, E8, B6, E0, 08, 00, 5A, E8, CC, DC, 08, 00, E8, 97, E5, 08, 00, 6A, 00, E8, 04, F7, 08, 00, 59, 68, 38, 70, 4A, 00, 6A, 00, E8, A5, 50, 0A, 00, A3, 97, 70, 4A, 00, 6A, 00, E9, B7, 85, 09, 00, E9, 36, F7, 08, 00, 33, C0, A0, 81, 70, 4A, 00, C3, A1, 97, 70, 4A, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, EC, 00, 00, 00, 0B, C9...

Code size:
664 KB (679,936 bytes)
