nsinstall.exe

Gemius S.A.

The application nsinstall.exe by Gemius S.A has been detected as a potentially unwanted program by 20 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
Gemius S.A.  (signed and verified)

MD5:
a312bbe16006425e044aef6d5f8ec3dc

SHA-1:
318cd082efb41906c0de9ec505cd3cd8abc79c16

SHA-256:
b9f43c4f7be178d5cf6e5f97d8e1cf1d7d6cb6e9821c0b46977079df1cad9357

Scanner detections:
20 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 2:27:19 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Adware.BHO
7.1.1

Avira AntiVirus
ADWARE/Adware.Gen
7.11.30.172

avast!
Win32:PUP-gen [PUP]
2014.9-150113

Clam AntiVirus
Adware.BHO-217
0.98/19915

Comodo Security
UnclassifiedMalware
20692

Dr.Web
Threat.Undefined
9.0.1.05190

ESET NOD32
Win32/Trackware.Gemius potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/PUP
1/13/2015

F-Prot
W32/Adware.AAJD (exact, not disinfectable)
4.6.5.141

G Data
Win32.Trojan.Agent.GHUJ40
15.1.24

K7 AntiVirus
Trojan
13.191.14617

McAfee
Program.Generic PUP.g
16.8.708.2

NANO AntiVirus
Riskware.Win32.NetPanel.dacszh
0.30.0.64448

Reason Heuristics
PUP.GemiusSA
15.3.1.15

Rising Antivirus
PE:Trojan.Win32.Generic.11E62AD4!300296916
23.00.65.15111

Total Defense
Win32/Trackware.Gemius_dc
37.0.11383

Trend Micro House Call
ADW_BHO
7.2.13

Trend Micro
ADW_BHO
10.465.13

Vba32 AntiVirus
Riskware.NetPanel
3.12.26.3

VIPRE Antivirus
Threat.4150696
36468

File size:
433 KB (443,392 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\nsinstall.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
1/27/2009 1:00:00 AM

Valid to:
1/28/2010 12:59:59 AM

Subject:
CN=Gemius S.A., O=Gemius S.A., L=Warszawa, S=mazowieckie, C=PL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
7125A406F95E708C6C6B6DF1A2AD9F4D

File PE Metadata
Compilation timestamp:
1/14/2003 9:27:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
12288:K8CmuoAkvFqV4yawdCzKr/hNHmXtcOnY2P5TkbmZNqlS:K8PzAkvFqbIebmOOtBTkCvqw

Entry address:
0x1F150

Entry point:
60, BE, 00, 50, 41, 00, 8D, BE, 00, C0, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
44 KB (45,056 bytes)

Remove nsinstall.exe - Powered by Reason Core Security