Uninstall leads to Palo Alto Cortex alerts - Malicious file activity found

I installed, uninstalled, and reinstalled a fresh copy of Duplicacy.
Purely to see if I can move the install folder.

About an hour later I got a Cortex alert about the uninstaller and AU_.exe.

Looks like AU_.exe just deleted the Administrators folders.

global-verdict-report.pdf (350.4 KB)

The program even has the duplicacy logo.

WTF.

The uninstaller executable Duplicacy Web Edition Uninstall.exe is auto generated by NSIS.

When the uninstaller runs, it spawns off a new process AU_.exe which does the actual work. It should only delete files created by the installer.

I don’t know anything about sample.exe in your report.

Are you actually reading what files were deleted?

Additionally, this was run as a user, not administrator.

It’s interesting that the argument to the uninstaller is the path to C:/Users/Administrator, and not to the installation location. If the uninstaller is designed to delete the contents of the folder it thinks it created — that would be the behavior you see.

So there are at least two issues:

  • why did the uninstaller forget/confuse the install location
  • why is it deleting everything indiscriminately as opposed to the actual files that it created (maybe by design).

Is this behavior reproducible?
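A defender-side triage check for the mechanism discussed in the post above, added here as an illustrative example and not code from Duplicacy or from anyone in this thread. It assumes the usual NSIS convention that the uninstaller launches a temporary copy (Au_.exe) and hands it the directory to clean as a `_?=<dir>` command-line argument; the process-creation events are constructed, since the thread does not quote the actual command line.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample process-creation events, modelled on the thread (not taken from the report).
SAMPLE_EVENTS = [
    # The case from the thread: the temp copy of the uninstaller is aimed at a whole user profile.
    {"parent": r"C:\Users\Administrator\Duplicacy Web Edition Uninstall.exe",
     "cmdline": r'"C:\Users\Administrator\AppData\Local\Temp\~nsu1.tmp\Au_.exe" _?=C:/Users/Administrator'},
    # The expected case: the target is the real installation directory.
    {"parent": r"C:\Program Files\Duplicacy Web Edition\Duplicacy Web Edition Uninstall.exe",
     "cmdline": r'"C:\Users\Administrator\AppData\Local\Temp\~nsu2.tmp\Au_.exe" _?=C:\Program Files\Duplicacy Web Edition'},
    # An unrelated process without the NSIS argument: ignored.
    {"parent": r"C:\Windows\explorer.exe", "cmdline": r'"C:\Windows\notepad.exe" notes.txt'},
]

# Assumed NSIS argument form: "_?=<directory>", with the directory running to the end of the line.
NSIS_ARG = re.compile(r"_\?=(.+?)\s*$")


def uninstall_target(cmdline: str):
    """Return the directory an NSIS uninstaller was told to remove, or None if the argument is absent."""
    m = NSIS_ARG.search(cmdline)
    return m.group(1).strip('"') if m else None


def is_dangerous_target(target: str) -> bool:
    """True when the directory to be cleaned is a drive root, a top-level folder,
    a whole user profile, or anything under the OS directory."""
    parts = [p.lower() for p in PureWindowsPath(target).parts]  # e.g. ['c:\\', 'users', 'administrator']
    if len(parts) <= 2:                               # C:\ or C:\Users
        return True
    if parts[1] == "users" and len(parts) == 3:       # C:\Users\<profile>
        return True
    return parts[1] == "windows"


def triage(events):
    """Label each event 'ignore' (no NSIS argument), 'ok', or 'alert' (uninstaller aimed at a root/profile)."""
    verdicts = []
    for event in events:
        target = uninstall_target(event["cmdline"])
        if target is None:
            verdicts.append("ignore")
        else:
            verdicts.append("alert" if is_dangerous_target(target) else "ok")
    return verdicts


if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, triage(SAMPLE_EVENTS)):
        print(f"{verdict:6} <- {event['cmdline']}")
```

The check only looks at where the uninstaller was pointed; confirming what was actually removed still requires the file-deletion events from the EDR report.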

When the uninstaller runs, it will first show the installation directory that it is going to remove all files from. The text input for this is non-editable. Does it show the correct directory for you?