ORM.exe

一键还原系统

Liu Hang

Publisher:
Http://Www.Kaka888.net  (signed by Liu Hang)

Product:
一键还原系统

Version:
4, 1, 29, 1

MD5:

SHA-1:
9205c7948f38cbfc3c01df91e895eac6526babde

SHA-256:
dc012eee6925021c456c3b1f268a64a9554c575955e81949e8fe6c1bc5f1fd4d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 5:23:14 AM UTC  (today)

File size:
744.1 KB (762,000 bytes)

Product version:
4, 1, 29, 1

Copyright:
Copyright (C) Liu Hang

Original file name:
ORM.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\orm\orm.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
10/19/2015 2:58:10 PM

Valid to:
11/19/2016 2:58:10 PM

Subject:
CN=Liu Hang, E=xianip@163.com, L=Wuhan, S=Hubei, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
3B6534A7146119DFC9EF50A70F2EDE84

File PE Metadata
Compilation timestamp:
10/9/2016 4:33:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:1DCYuz2lbof/Ep2YQnMSZrVKQDfXw8iR1CXk5CJa9Yr41eyDcUXHr3:1TLof/Ep2jnMSVVKwfXmy056aWOco3

Entry address:
0xC78E

Entry point:
55, 8B, EC, 6A, FF, 68, D8, 4B, 44, 00, 68, 4A, C7, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 28, 42, 44, 00, 59, 83, 0D, 5C, 19, 45, 00, FF, 83, 0D, 60, 19, 45, 00, FF, FF, 15, 54, 42, 44, 00, 8B, 0D, CC, 06, 45, 00, 89, 08, FF, 15, 58, 42, 44, 00, 8B, 0D, C8, 06, 45, 00, 89, 08, A1, 88, 42, 44, 00, 8B, 00, A3, 58, 19, 45, 00, E8, 16, 01, 00, 00, 39, 1D, D0, EC, 44, 00, 75, 0C, 68, 10, C9, 40, 00, FF, 15, C8, 42...
 
[+]

Entropy:
7.5230

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
266.5 KB (272,896 bytes)

Access Provider
Name:
MartaExtension


The file ORM.exe has been discovered within the following programs.

Adobe Reader X (10.1.5)  by Adobe Systems Incorporated
Adobe Acrobat X (version 10.0) is an applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
www.adobe.com
4% remove it
Java 7 Update 13  by Oracle Corporation
This release includes important security fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release.
java.com
9% remove it
Java 7 Update 15  by Oracle Corporation
Publisher's description - “The full version string for this update release is 1.7.0_15-b03 (where "b" means "build") and the version number is 7u15. JDK 7u15 contains Olson time zone data version 2012i. For more information, refer to Timezone Data Versions in the JRE Software.”
www.oracle.com/technetwork/java/javase/7u15-relnotes-1907738.html
6% remove it
Java 7 Update 7  by Oracle Corporation
Publisher's description - “This releases brings in key security features and bug fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release. JavaFX 2.2.4 is now bundled with the JDK on Windows, Mac and Linux x86/x64.”
12% remove it
QuarkXPress  by Quark Inc.
www.quark.com
8% remove it
The Sims™ Life Stories  by Electronic Arts
The Sims Life Stories is a video game distributed through EA's Origin digital distribution and digital rights management content delivery system.
www.ea.com
5% remove it
Total Video Converter 3.71 100812  by EffectMatrix Inc.
Publisher's description - “E.M. Total Video Converter is a piece of extremely powerful and full-featured converter software that supports almost all video and audio formats.”
www.effectmatrix.com/total-video-converter
19% remove it
TVCenter  by PCTV Systems
Publisher's description - “PCTV TV Center is equipped with a powerful PVR functionality. You can watch your favorite TV stations, timeshift, schedule recordings and much more . PCTV TV products bring TV to your computer. You can easily enable your PC / Laptop with a full featured TV functionality.”
www.pctvsystems.com
23% remove it
 
Powered by Should I Remove It?

Scan ORM.exe - Powered by Reason Core Security