» realtekhdaudiosoundeffectmanagerremovalutility.exe
Overview
Analysis
File Details
Programs (1)

realtekhdaudiosoundeffectmanagerremovalutility.exe

Removal Tool

Security Stronghold LLC

The application realtekhdaudiosoundeffectmanagerremovalutility.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Remote Task Manager Removal Tool by Security Stronghold which is a potentially unwanted software program.

File name:

Publisher:

Security Stronghold (signed by Security Stronghold LLC)

Product:

Removal Tool

Version:

1.0.0.0

MD5:

8042d5897a2efc9f019383ae3a0ee7e4

SHA-1:

a6e9e003a2a26ca54ac1fe1707a16bfe51863b80

SHA-256:

486fda07305eca9142d136374212d6e2fe1602c7f64bd546b9ef560078a63907

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/27/2024 6:51:10 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.8.1.12

File size:

3.3 MB (3,439,032 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\realtek hdaudio sound effect manager removal utility\realtekhdaudiosoundeffectmanagerremovalutility.exe

Digital Signature

Signed by:

Security Stronghold LLC

Authority:

GlobalSign nv-sa

Valid from:

10/10/2011 6:49:57 AM

Valid to:

10/10/2012 6:49:57 AM

Subject:

E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, S=Astrakhan region, C=RU

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112178C42A18008AB27616B3F5140692C337

File PE Metadata

Compilation timestamp:

11/3/2011 7:17:42 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:acQIbrPre4qmcf+BZX3WR8c7hckTy5T3AvnLQddxckpTU1Y:8IXdqmrWR8c7EafWT

Entry address:

0x21CDD0

Entry point:

55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, B8, D8, 89, 61, 00, E8, FC, C4, DE, FF, 8B, 35, D0, D6, 64, 00, 33, C0, 55, 68, E6, CF, 61, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E4, 33, C0, E8, 56, 67, DE, FF, 8B, 45, E4, 8D, 55, E8, E8, 3F, 20, DF, FF, 8B, 45, E8, 8D, 4D, EC, 33, D2, E8, 8A, 1C, DF, FF, 8B, 55, EC, 8B, C6, E8, AC, 96, DE, FF, BB, 02, 00, 00, 00, 8D, 45, DC, 8B, 16, 0F, B7, 54, 5A, FC, E8, 14, 98, DE, FF, 8B, 45, DC, 8D, 55, E0, E8, 31, 01, DF, FF, 8B, 45, E0, 50, 8D... 
[+]

Entropy:

6.8143

Developed / compiled with:

Microsoft Visual C++

Code size:

2.1 MB (2,210,304 bytes)

The file realtekhdaudiosoundeffectmanagerremovalutility.exe has been discovered within the following program.

Remote Task Manager Removal Tool by Security Stronghold

As part of the installation, the Security Stronghold Removal utility will provide various bundled offers including a PC optimization utility. It will then download utilities from its server and scan the user's PC.

www.securitystronghold.com/gates/remote-task-manager.html

69% remove it

Remove realtekhdaudiosoundeffectmanagerremovalutility.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.