uninst.exe

Secure Download

The application uninst.exe by Secure Download has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Real Desktop Pool 1.0 by Real Desktop Pool.
Publisher:
Secure Download  (signed and verified)

MD5:
e7d32740e432fe142c50e4b0ecb06579

SHA-1:
cbd5d2ddbfc9392e44ed22ebf829f1aeba31d407

SHA-256:
4aac843005343f9648a8fdd5b09c9770ff431d577b869db66dc90ff7a80439d5

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 9:40:33 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.AVSoftware EOOD.Installer
16.6.9.2

File size:
139.2 KB (142,536 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\real desktop pool\uninst.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/5/2014 1:00:00 AM

Valid to:
3/6/2015 12:59:59 AM

Subject:
CN=Secure Download, O=Secure Download, STREET=5655 Silver Creek Valley Road, L=San Jose, S=CA, PostalCode=95138, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A163CF1968E65B367055E666115E2F14

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:kpgpHzb9dZVX9fHMvG0D3XJrgQzejTIyAqAwLHgQ3pQQQkQQ6OQQQGQQQQgOQQQO:SgXdZt9P6D3XJrXuB4U2pzIO+Sw

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Program Uninstaller
Program name:
Real Desktop Pool 1.0

Display publisher:
Real Desktop Pool

Display version:
1.0

Uninstall string:
C:\Program Files (x86)\Real Desktop Pool\uninst.exe


Remove uninst.exe - Powered by Reason Core Security