home

uninst000.exe

Savepath Deals

The application uninst000.exe by Savepath Deals has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the uninstaller utility registered in the Windows Control Panel for the program Savepath Deals by Savepath Deals. This file is typically installed with the program Savepath Deals which is a potentially unwanted software program.
Publisher:
Savepath Deals  (signed and verified)

MD5:
6f47463ad16e64de25ad13ee1ff00e8b

SHA-1:
7691f068332634f919933801a387868133a30cb0

SHA-256:
96bb1f42498a3415a2db66ac8d2bb461757c0fc946ec6ad266c81e13c2db0a7e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 2:30:36 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SavepathDeals (M)
15.10.26.7

File size:
818.8 KB (838,424 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\savepath deals\uninst000.exe

Digital Signature
Signed by:
Savepath Deals

Authority:
COMODO CA Limited

Valid from:
5/16/2013 8:00:00 PM

Valid to:
5/17/2014 7:59:59 PM

Subject:
CN=Savepath Deals, O=Savepath Deals, STREET=2526 W Macarthur blvd, STREET=UNIT G, L=Santa Ana, S=CA, PostalCode=92704, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0080BC518A6FEE7C80D4DA50F0F5EEB4DA

File PE Metadata
Compilation timestamp:
9/17/2013 9:53:21 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:DrjpKE4GVjra9jSjdFwIbnQT4TxCMdnBG2hvbrOyMORMgmaNB4G5VVw0odwM1El9:DrjrpVXZFjnQkl/dAUCyMgMJg4oVw0eQ

Entry address:
0x8F5D4

Entry point:
E8, E6, 74, 00, 00, E9, 89, FE, FF, FF, 3B, 0D, 5C, 06, 4C, 00, 75, 02, F3, C3, E9, 6D, 75, 00, 00, 6A, 0C, 68, A0, B2, 4B, 00, E8, D7, 72, 00, 00, 33, FF, 89, 7D, E4, 33, C0, 8B, 75, 0C, 3B, F7, 0F, 95, C0, 3B, C7, 75, 18, E8, C1, 34, 00, 00, C7, 00, 16, 00, 00, 00, E8, 32, 79, 00, 00, 83, C8, FF, E9, B4, 00, 00, 00, 56, E8, A8, 06, 00, 00, 59, 89, 7D, FC, F6, 46, 0C, 40, 75, 6F, 56, E8, D1, 1A, 00, 00, 59, 83, F8, FF, 74, 1B, 83, F8, FE, 74, 16, 8B, D0, C1, FA, 05, 8B, C8, 83, E1, 1F, C1, E1, 06, 03, 0C...
 
[+]

Entropy:
6.6699

Code size:
677.5 KB (693,760 bytes)

Program Uninstaller
Program name:
Savepath Deals

Display publisher:
Savepath Deals

Uninstall string:
C:\Program Files (x86)\Savepath Deals\uninst000.exe


The file uninst000.exe has been discovered within the following program.

Savepath Deals  by Savepath Deals
Publisher's description - “Download and install our small browser add-on to get started. Don't worry our app is free and only shows minimal ads that won't get in the way. If you want to remove our app at anytime you can uninstall it.”
www.savepathdeals.com
64% remove it
 
Powered by Should I Remove It?

Remove uninst000.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.