screensaverremovaltool.exe

Security Stronghold LLC

The application screensaverremovaltool.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Mobogenie Removal Tool by Security Stronghold and Bubble Dock Removal Tool by Security Stronghold, both potentially unwanted software.
Publisher:
Security Stronghold  (signed by Security Stronghold LLC)

Version:
1.0.0.100

MD5:
e831bd519969d21a2339801250121631

SHA-1:
f57096b321a0a6ef6a9d8af6e580233d075a188e

SHA-256:
a0b22aed4878d8dc452be06ae6085f76bc4ab76d4c51c19af92746834f9430e5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 4:49:23 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.7.10.15

File size:
5.2 MB (5,421,008 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\screen saver removal tool\screensaverremovaltool.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
10/14/2013 11:55:31 PM

Valid to:
12/11/2014 5:49:56 PM

Subject:
E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121ACD1A0DCFFA94069288588DCC5FFCF18

File PE Metadata
Compilation timestamp:
12/12/2013 7:25:39 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:I5DqyUgpRKSbGR9HKDUBbYjfwONHc7YmB530mTUhCPI+QCTUBL2pcKATSddxRsM6:I5DF/U5Y3NHm530mT4CPI+QpscKAc6

Entry address:
0x3DCDA0

Entry point:
55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, B8, 4C, B5, 7C, 00, E8, F4, F0, C2, FF, 8B, 35, 3C, A9, 83, 00, 33, C0, 55, 68, B6, CF, 7D, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E4, 33, C0, E8, F2, 7D, C2, FF, 8B, 45, E4, 8D, 55, E8, E8, 3B, 6C, C4, FF, 8B, 45, E8, 8D, 4D, EC, 33, D2, E8, 3A, 6A, C4, FF, 8B, 55, EC, 8B, C6, E8, 08, B0, C2, FF, BB, 02, 00, 00, 00, 8D, 45, DC, 8B, 16, 0F, B7, 54, 5A, FC, E8, D8, BA, C2, FF, 8B, 45, DC, 8D, 55, E0, E8, 79, 4C, C4, FF, 8B, 45, E0, 50, 8D...
 
[+]

Entropy:
6.6174

Developed / compiled with:
Microsoft Visual C++

Code size:
3.9 MB (4,047,360 bytes)

The file screensaverremovaltool.exe has been discovered within the following programs.

Bubble Dock Removal Tool  by Security Stronghold
Distributes a version of SpyHunter by Enigma Software Group with various offers.
www.SecurityStronghold.com
75% remove it
Lucky Leap Removal Tool  by Security Stronghold
Lucky Leap Removal Tool is designed to remove the adware from the user PC however it also bundles various applications including the Pro registry cleaner which will download utilities from its server and scan the user's PC.
56% remove it
Mobogenie Removal Tool  by Security Stronghold
Publisher's description - “Mobogenie copies its file(s) to your hard disk. Its typical file name is Mobogenie.exe. Then it creates new startup key with name Mobogenie and value Mobogenie.exe. You can also find it in your processes list with name Mobogenie.exe or Mobogenie.”
73% remove it
 
Powered by Should I Remove It?

Remove screensaverremovaltool.exe - Powered by Reason Core Security