home

wintaske.exe

Yan Jiang

The application wintaske.exe by Yan Jiang has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler named WinTaske triggered daily at a specified time. This file is typically installed with the program yessearches Uninstall by ELEX which is a potentially unwanted software program.
Publisher:
Yan Jiang  (signed and verified)

MD5:
52dabafbe381fe68f7073099c3ac4c3d

SHA-1:
901fa03f6f69c2876122d2dab9419c15814d38df

SHA-256:
8b985c24d551758e25f3c532d047b9346c4d5e42c7d186d54842bb879d6c81cd

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/30/2024 9:28:35 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ELEX (M)
16.12.14.19

File size:
334.2 KB (342,200 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\wintaske\wintaske\wintaske.exe

Digital Signature
Signed by:
Yan Jiang

Authority:
thawte, Inc.

Valid from:
11/26/2015 7:00:00 AM

Valid to:
11/26/2016 6:59:59 AM

Subject:
CN=Yan Jiang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
5DA147CD5813DFB43C70C7FD0A1B8461

File PE Metadata
Compilation timestamp:
2/2/2016 1:43:26 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x231B6

Entry point:
E8, D5, A6, 00, 00, E9, 7F, FE, FF, FF, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 68, 15, 45, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 70, F7, 44, 00, 01, 0F, 82, 14, A8, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3...
 
[+]

Entropy:
6.4891

Code size:
245 KB (250,880 bytes)

Scheduled Task
Task name:
WinTaske

Trigger:
Daily (Runs daily at 3:29 AM)

Description:
Enables the detection, download and installation of updates for WinTaske and other programs. If this service is disabled, users of this computer will


The file wintaske.exe has been discovered within the following program.

yessearches Uninstall  by ELEX
yessearches is a web browser search hijacker that modifies the assets of the user's web browser in order to redirect search results.
yessearches.com
88% remove it
 
Powered by Should I Remove It?

Remove wintaske.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.