uninstallmanager.exe

Skytech

Fu Yu

The application uninstallmanager.exe by Fu Yu has been detected as adware by 6 anti-malware scanners. This file is typically installed with the program qone8 uninstaller by Taiwan Shui Mu Chih Ching Technology Limited which is a potentially unwanted software program.
Publisher:
Skytech Co., Ltd.  (signed by Fu Yu)

Product:
Skytech

Version:
5.0.2.180

MD5:
86e4988d0dd84e9002b24b076758aa81

SHA-1:
a0a6abb38946f44677715ed57bf504b03f7b37d4

SHA-256:
0007227668d371cb739cd23c3093b01d433bd1f719e05f03e40b957f0d42b550

Scanner detections:
6 / 68

Status:
Adware

Analysis date:
11/23/2024 7:49:26 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Trojan.Win32.WPM
4.0.3.151118

Bkav FE
W32.HfsAdware
1.3.0.6379

ESET NOD32
Win32/ELEX.CP potentially unwanted (variant)
9.11656

Kaspersky
not-a-virus:AdWare.Win32.Agent
14.0.0.1104

Malwarebytes
PUP.Optional.Skytech.A
v2015.11.18.06

Reason Heuristics
PUP.Skytech.FuYu.Installer (M)
15.11.18.6

File size:
648.1 KB (663,664 bytes)

Product version:
5.0.2.180

Copyright:
Skytech Copyright (C) 2013

Original file name:
UninstallManager

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\users\{user}\appdata\roaming\qone8\uninstallmanager.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
3/12/2014 7:09:17 AM

Valid to:
3/12/2015 7:09:17 AM

Subject:
CN=Fu Yu, E=andreafuyu@gmail.com, L=丽水市, S=浙江省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
1DDE9DD81089F1E49F8985695790CC53

File PE Metadata
Compilation timestamp:
4/1/2014 2:12:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:wPSjOv9sd6JsaCxP/jERsLd/3h8LbCq7Qz0IZgRH//3E5Pn6i4hkIU9UK+V:wPSOvudIsaCxQRsLd/3h8//VbR33E5fS

Entry address:
0x1CA1B0

Entry point:
60, BE, 00, C0, 52, 00, 8D, BE, 00, 50, ED, FF, C7, 87, 24, 93, 18, 00, 33, 4B, 8B, 35, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
636 KB (651,264 bytes)

The file uninstallmanager.exe has been discovered within the following program.

qone8 uninstaller  by Taiwan Shui Mu Chih Ching Technology Limited
Adware bundle from Skytouch Technology Co. that hijacks the web browser's homepage and search provider. The software is distributed through 3rd-party download managers such as Adknowledges's WARP INSTALL that will include it as an additional or sponsored offers including adware.
84% remove it
 
Powered by Should I Remove It?

Remove uninstallmanager.exe - Powered by Reason Core Security