home

zentimo.exe

Zentimo

Crystal Rich, Ltd

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Zentimo xStorage Manager’.
Publisher:
Crystal Rich, Ltd  (signed and verified)

Product:
Zentimo

Description:
Zentimo - An External Drive Manager

Version:
1.0.2.949

MD5:
0213c4cfdaca4f8691996421963a64f9

SHA-1:
a8e41cd6ece90681692897ba99297a74f878d457

SHA-256:
a0863c8240d2ff360b60b651ca95ae1adf628d29ecd1528fa140acfa2bbade96

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/16/2024 5:42:03 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.ASPack
0.98/17211

Comodo Security
Heur.Suspicious
6235

File size:
1.6 MB (1,664,848 bytes)

Product version:
1.0.2.949

Copyright:
Copyright © 2010 by Crystal Rich Ltd

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Crystal Rich, Ltd

Authority:
VeriSign, Inc.

Valid from:
11/22/2009 10:00:00 PM

Valid to:
11/24/2010 9:59:59 PM

Subject:
CN="Crystal Rich, Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Crystal Rich, Ltd", L=Saint Petersburg, S=Saint Petersburg, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54B3167B86CDCBCEA4DF714F2DB82384

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
68, 01, 70, 77, 00, E8, 01, 00, 00, 00, C3, C3, 95, BA, 52, EF, D2, 9D, 27, E5, 00, A9, C4, 85, 22, DF, 8E, 25, 8D, 11, 14, E9, 77, E3, 2E, E5, 04, E6, 2C, 56, BB, 57, A9, 25, 0C, E4, 30, E7, BD, C3, F0, 86, E3, 36, F8, 93, 38, 52, 45, 00, 70, 3C, 9B, 14, 7C, 65, 05, 2C, 3A, F5, 36, 2B, DF, AB, 14, 92, 09, E9, 3F, 58, E5, 13, 34, A2, 70, F0, B4, 56, 4F, 2D, 1C, C1, E8, 38, 50, 8D, 74, 04, 01, 4A, AF, 3C, E6, E3, 10, 8F, 3E, 88, FD, 99, 99, F1, 97, 72, 98, 2B, 04, 2B, C2, 9E, C5, DE, 67, 95, 30, 0A, 36, 78...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
2.1 MB (2,181,632 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zentimo xStorage Manager

Command:
C:\hd ext samsung\Program Files\zentimo\zentimo.exe \startup


Scan zentimo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.