» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

uninstall.exe

HP Defender

KOMP'YUTERINFO AND MODERN TECHNOLOGY

The application uninstall.exe by KOMP'YUTERINFO AND MODERN TECHNOLOGY has been detected as a potentially unwanted program by 11 anti-malware scanners. The program is a setup application that uses the Nullsoft Install System installer. This is the uninstaller utility registered in the Windows Control Panel for the program HP Defender by My Company. This file is typically installed with the program HP Defender by My Company. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

uninstall.exe

Publisher:

My Company (signed by KOMP'YUTERINFO AND MODERN TECHNOLOGY)

Product:

HP Defender

Version:

2.0.0.14

MD5:

a9a85a21197aad30d645d9ca50ccab84

SHA-1:

fb725bbe387e6e8ba59a1bde886289d2f7de8923

SHA-256:

7f057046764c7ed54d29ec98feb80193e40eac0c4e40bb30d4443f4e41b44bd7

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 3:32:52 PM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

Virus.Gen!c

2.1.4+

AVG

Generic

2017.0.2846

Baidu Antivirus

Adware.Win32.HPDefender

4.0.3.1621

Dr.Web

Trojan.StartPage1.20783

9.0.1.032

ESET NOD32

Win32/Adware.HPDefender

10.12900

K7 AntiVirus

Adware

13.212.18485

McAfee

Artemis!A9A85A21197A

5600.6502

SUPERAntiSpyware

PUP.Amonetize/Variant

9349

Vba32 AntiVirus

Downloader.SoftBase

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

46646

Zillya! Antivirus

Trojan.Injector.Win32.326269

2.0.0.2622

File size:

220.5 KB (225,768 bytes)

Product version:

2.0.0.14

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Install System

Common path:

C:\Program Files\hp defender\uninstall.exe

Digital Signature

Signed by:

KOMP'YUTERINFO AND MODERN TECHNOLOGY

Authority:

COMODO CA Limited

Valid from:

9/9/2015 4:00:00 AM

Valid to:

9/9/2016 3:59:59 AM

Subject:

CN=KOMP'YUTERINFO AND MODERN TECHNOLOGY, O=KOMP'YUTERINFO AND MODERN TECHNOLOGY, STREET="Lviv region., Lviv, Street Bakery, building 14, apartment 9A", L=Lviv, S=Lvivska, PostalCode=79008, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00EDE594F977159EC23279FF0C547A48F6

File PE Metadata

Compilation timestamp:

2/19/2012 7:01:57 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

3072:VlU4wBzaWRRu38YLsdQGlJUhXJmDwU3NciWqmK+c0FZ0V0SqgZpOTt:Vcu38YwhUhXJmDw2Cih04uSXrG

Entry address:

0x4131

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 43, 43, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 44, 43, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 44, 43, 00, 56, A3, F4, 27, 43, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8B, 3B, 00, 00, A3, 50, 28, 43, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A9, B2, 40, 00, FF, 15, AC, 44, 43, 00, 83, EC, 14, C7, 44, 24, 04, AA, B2, 40, 00, C7... 
[+]

Code size:

33.5 KB (34,304 bytes)

Program Uninstaller

Program name:

HP Defender

Display publisher:

My Company

Display version:

2.0.0.14

Uninstall string:

C:\Program Files (x86)\HP Defender\uninstall.exe

The file uninstall.exe has been discovered within the following program.

HP Defender by My Company

About 5% of users remove it

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.