MalwareTips
File verdict·Decided by the MT AI Engine
Our call

Safe

Signed Win32 EXE 'Uninstalr' from Great Software Company scans clean across 76 engines including 17 top-tier ones like BitDefender, Kaspersky, and Avast—safe to use.

Verified · Great Software Company OÜ
Trust score6Critical
MT AI confidence · 95%
Uninstalr
7.1 MB
2eb88a7c5396c486e4aaad82bf7c
Antivirus engines
0 of 76 flagged
Code signing
Signed by Great Software Company OÜ
Age
First seen 2mo ago
MT AI Engine · our arbiter

The verdict, reasoned out.

Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.

95%Confidence
Very high
Reasoning

The file is a Win32 EXE packed with UPX, has an overlay, and checks the USB bus, which can sometimes trigger heuristics but did not here. It carries a valid Authenticode signature from Great Software Company OÜ dated March 2026 and has been seen for 27 days with a reputation score of 1. Our antivirus network ran 76 scans: 71 undetected, 1 timeout, and zero malicious hits—including zero from 17 Tier-1 engines like Avast, AVG, BitDefender, DrWeb, Emsisoft, ESET-NOD32, F-Secure, Fortinet, GData, Ikarus, and Kaspersky. No external threat intel hits confirm any issues. With full clean consensus and a valid signature, this file poses no detected threat.

Points in its favour
  • Valid Authenticode signature by Great Software Company OÜ.
  • 17 Tier-1 engines (Avast, AVG, Avira, BitDefender, DrWeb, Emsisoft, ESET-NOD32, F-Secure, Fortinet, GData, Ikarus, Kaspersky) all clean.
  • Zero malicious detections from 76 total engines.
  • No hits in CIRCL, MalwareBazaar, or YARAify databases.
  • Consistent 'undetected' results across tiers.
Points against
  • File is young: only 27 days since first submission.
  • Low reputation score of 1.
  • Packed with UPX, which can obscure analysis.
  • Contains overlay data and marked as partially corrupt.
  • Performs USB bus checks, uncommon in standard uninstallers.
  • Filename 'Uninstalr' appears misspelled.
What to do

Run the file if it came from a trusted download source. Consider verifying with your own antivirus or sandbox if concerned about the packing and USB checks.

No researcher-database hits
External threat-intel sources were not collected for this scan.
Antivirus engine breakdown

0 detections across 76 engines

0 malicious0 suspicious76 clean
Tier-117 engines
0flag
Top commercial AVs (low FP rate)
Tier-238 engines
0flag
Mainstream engines with mixed FP rates
Low-trust21 engines
0flag
Heuristic / generic-AI engines (high FP rate)
All 76 engines report this file as clean.
Hash 2eb88a7c5396… cross-referenced against 76 AV engines via our AV network.
File identity

Forensic fingerprint

File biography
First seen (VT)
3/25/2026, 2:48:49 AM
First seen (MalwareBazaar)
Last analysis (VT)
4/17/2026, 5:00:52 AM
Scanned here
4/21/2026, 3:32:25 AM
File name
Uninstalr
Size
7.13 MB
MIME type
(unknown)
Detected type
Win32 EXE
SHA-256
2eb88a7c5396c486e4d2bb81490a02d62dddf2e3273b5a805a9629aaad82bf7c
MD5
17b4b52e9d13233fb196f960ccd4395c
SHA-1
6739ed1f9ca64cafe211b188a148951f1bd31772
PE imphash
f74069c8fa2c6300d0de7b58c11e10df
First seen (VT)
3/25/2026, 2:48:49 AM
Last analysis (VT)
4/17/2026, 5:00:52 AM
First scan (MalwareTips)
4/21/2026, 3:32:25 AM
Last scan (MalwareTips)
4/21/2026, 3:32:25 AM
Code signer
Great Software Company OÜverified
Community reputation
+1trusted
Behavior tags
signedupxoverlaycorruptchecks-usb-buspeexe
Community classification

Reviews & malware reports(0)

Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.

Loading…
Loading reports…
Scanned by
harlan4096Staff
Scan another
Check a different file
URL instead?
Check if a link is safe
Files are processed in a streaming pass-through — MalwareTips never stores the binary on its servers. Only the scan result (hash, detections, verdict) is retained so the next person who scans the same file gets an instant answer. If you ran this file on your computer and are worried, scan your system with an up-to-date antivirus and change critical passwords from a different device.