» uninstaller.exe
Overview
Analysis
File Details
Behaviors (1)

uninstaller.exe

Advanced Uninstaller PRO

Innovative Solutions Grup SRL

The executable uninstaller.exe, “Advanced Uninstaller” has been detected as malware by 3 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. It runs as a scheduled task under the Windows Task Scheduler named UninstallMonitor triggered to execute each time a user logs in.

File name:

uninstaller.exe

Publisher:

Innovative Solutions (signed by Innovative Solutions Grup SRL)

Product:

Advanced Uninstaller PRO

Description:

Advanced Uninstaller

Version:

11.72.0.337

MD5:

6e3a164ac759f34c84297880c039783d

SHA-1:

4e760663bda3b6a170b53ea5e41e2539d2ed93d0

SHA-256:

bf0b372209f1399af34daac0491a73e8053cacf14a21aad4e81b6ec4b6728eee

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

1/12/2025 9:06:14 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

F-Secure

Win32.Floxif.A

5.15.154

File size:

3.1 MB (3,296,255 bytes)

Product version:

11.72

Innovative Solutions

Trademarks:

Innovative Solutions

Original file name:

uninstaller.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\innovative solutions\advanced uninstaller pro\uninstaller.exe

Digital Signature

Signed by:

Innovative Solutions Grup SRL

Authority:

Symantec Corporation

Valid from:

3/19/2015 6:00:00 AM

Valid to:

5/18/2016 5:59:59 AM

Subject:

CN=Innovative Solutions Grup SRL, O=Innovative Solutions Grup SRL, L=Bucharest, S=Bucharest, C=RO

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

6CCC9ABD5046DE5246F5CD620FC3DEBB

File PE Metadata

Compilation timestamp:

6/20/1992 4:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x1000

Entry point:

E9, 1F, 2A, 07, 00, E8, 01, 00, 00, 00, C3, C3, 09, 22, 3E, 57, 8C, 65, 19, 6C, 04, 2B, AA, A1, 25, BD, 23, 15, 0B, 8D, 0D, C7, AC, F6, 4C, 96, 13, 3A, F5, E7, 5F, 76, 91, 61, 72, 41, 45, 26, D4, 9A, 21, 86, E3, 28, 5B, C2, 51, C5, B3, F7, 24, B5, 2B, 3A, 30, 46, 1A, C6, D6, 34, 51, C2, 12, 68, 85, FB, 58, AE, AB, 5E, 89, B6, B7, 24, BD, D4, 8D, 92, 45, BC, 9A, 0C, 93, E7, 1E, 3C, 61, 4B, C3, 46, EF, 3D, E3, 05, 4A, 1B, 27, F8, C1, 81, 66, 06, 63, 62, 9C, C7, DB, DD, B4, 10, 69, 73, D9, 06, 4D, D3, 29, 24... 
[+]

Entropy:

7.9871

Packer / compiler:

Xtreme-Protector v1.05

Code size:

4.3 MB (4,480,000 bytes)

Scheduled Task

Task name:

UninstallMonitor

Trigger:

Logon (Runs on logon)

Description:

UninstallMonitor

Remove uninstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.