× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 77b8e2f43ba3ea3f972ce3af69ebf8156c90650fe5e5a3d0bae1fa316ce94d7d
File name: historyeraser.exe
Detection ratio: 0 / 41
Analysis date: 2009-05-03 00:33:33 UTC ( 4 years, 11 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20090502
AhnLab-V3 20090501
AntiVir 20090502
Antiy-AVL 20090430
Authentium 20090502
Avast 20090502
BitDefender 20090502
CAT-QuickHeal 20090502
ClamAV 20090502
Comodo 20090502
DrWeb 20090502
F-Prot 20090502
F-Secure 20090502
Fortinet 20090502
GData 20090502
Ikarus 20090502
K7AntiVirus 20090502
Kaspersky 20090503
McAfee 20090502
McAfee+Artemis 20090502
McAfee-GW-Edition 20090502
Microsoft 20090502
NOD32 20090501
NOD32Beta 20090501
Norman 20090430
PCTools 20090502
Panda 20090502
Prevx1 20090503
Rising 20090501
Sophos 20090502
Sunbelt 20090502
Symantec 20090502
TheHacker 20090502
TrendMicro 20090501
VBA32 20090502
ViRobot 20090501
VirusBuster 20090502
a-squared 20090502
eSafe 20090430
eTrust-Vet 20090502
nProtect 20090502
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Publisher Smart Soft
File version 4.7
Description Free History Eraser Setup
Comments This installation was built with Inno Setup: http://www.innosetup.com
Signature verification Signed file, verified signature
Signing date 10:34 AM 8/24/2006
Signers
[+] Smart Soft
Status Certificate out of its validity period
Valid from 1:00 AM 10/14/2005
Valid to 12:59 AM 10/15/2007
Valid usage Code Signing
Algorithm SHA1
Thumbrint B15D24B48378B27E9B7A219966CAC6403A8457B9
Serial number 00 92 E3 FA 43 1D AD E9 E5 4B 4A 44 E4 27 8B AB 8B
[+] UTN-USERFirst-Object
Status Valid
Valid from 9:09 AM 6/7/2005
Valid to 11:48 AM 5/30/2020
Valid usage All
Algorithm SHA1
Thumbrint 8AD5C9987E6F190BD6F5416E2DE44CCD641D8CDA
Serial number 42 1A F2 94 09 84 19 1F 52 0A 4B C6 24 26 A7 4B
[+] USERTrust
Status Valid
Valid from 11:48 AM 5/30/2000
Valid to 11:48 AM 5/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbrint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] VeriSign Time Stamping Services Signer
Status Certificate out of its validity period
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2008
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 817E78267300CB0FE5D631357851DB366123A690
Serial number 0D E9 2B F0 D4 D8 29 88 18 32 05 09 5E 9A 76 88
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT INNO, INNO, INNO, INNO, INNO, INNO, INNO, INNO
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009264
Number of sections 8
PE sections
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
GetModuleFileNameA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetFullPathNameA
LocalFree
CreateProcessA
InitializeCriticalSection
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
CharNextA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 6
ENGLISH US 4
ExifTool file metadata
SubsystemVersion
4.0

Comments
This installation was built with Inno Setup: http://www.innosetup.com

LinkerVersion
2.25

ImageVersion
0.0

FileVersionNumber
4.7.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
14336

MIMEType
application/octet-stream

FileVersion
4.7

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

FileAccessDate
2014:04:08 00:40:12+01:00

FileDescription
Free History Eraser Setup

OSVersion
1.0

FileCreateDate
2014:04:08 00:40:12+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
SmartSoft

CodeSize
35328

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x9264

ObjectFileType
Executable application

File identification
MD5 912826ac2ad43d6077860356529964aa
SHA1 bc6fd904dd58f5743c993e53d8d8f3889681c92e
SHA256 77b8e2f43ba3ea3f972ce3af69ebf8156c90650fe5e5a3d0bae1fa316ce94d7d
ssdeep
12288:BYk5PUiWIqbvGs3Lt3dmzQqEBCRtnJhLYO:aDiWIOvXx3IzWyjm

imphash 25890460a2b98652bed7ba240be2c1d7
File size 417.3 KB ( 427320 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (92.7%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.6%)
DOS Executable Generic (1.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe signed software-collection

VirusTotal metadata
First submission 2009-05-03 00:33:33 UTC ( 4 years, 11 months ago )
Last submission 2014-04-06 09:18:25 UTC ( 2 weeks, 4 days ago )
File names browser history eraser.exe
file-3642772_exe
historyeraser.exe
file
912826ac2ad43d6077860356529964aa
historyeraser.exe
historyeraser.exe
912826ac2ad43d6077860356529964aa
6827_historyeraser.exe
bc6fd904dd58f5743c993e53d8d8f3889681c92e
77b8e2f43ba3ea3f972ce3af69ebf8156c90650fe5e5a3d0bae1fa316ce94d7d
historyeraser.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!