uninstall.exe

Setup Factory Runtime

Coupons.com, Inc.

The application uninstall.exe, “Setup Application” by Coupons.com has been detected as a potentially unwanted program by 6 anti-malware scanners. The program is a setup application that uses the Setup Factory installer. This is the uninstaller utility registered in the Windows Control Panel for the program CouponBar by Coupons.com Incorporated. This version of the installer will bundle a Mindspark/MyWebSearch Toolbar, a potentially unwanted web browser extension.
Publisher:
Indigo Rose Corporation  (signed by Coupons.com, Inc.)

Product:
Setup Factory Runtime

Description:
Setup Application

Version:
9.1.1.0

MD5:
c9746fd692b06d53764e1cba45cccdc3

SHA-1:
303bfebcfdb18791066f264d8fdcd63343e2c45b

SHA-256:
d6c4dd6a8b3e54e418637ef47226a78e0c6801454862f492b3a933cdbf31681c

Scanner detections:
6 / 68

Status:
Potentially unwanted

Explanation:
Bundles the Mindspark (MyWebSearch/Ask) toolbar, a web browser extension that will modify a user's search and home pages.

Analysis date:
11/16/2024 9:58:58 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mindspark-A [PUP]
2014.9-160124

AVG
Zango
2017.0.2854

Bkav FE
HW32.CDB
1.3.0.4246

Reason Heuristics
PUP.Coupons.IndigoRoseCorporation.Installer (M)
16.1.24.23

Trend Micro House Call
TROJ_GEN.F47V1001
7.2.24

VIPRE Antivirus
24656

File size:
1.3 MB (1,351,720 bytes)

Product version:
9.1.1.0

Copyright:
Runtime Engine Copyright © 2013 Indigo Rose Corporation (www.indigorose.com)

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation

Original file name:
suf_rt.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\Program Files\coupons.com couponbar\uninstall.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/9/2012 8:00:00 PM

Valid to:
10/13/2015 7:59:59 PM

Subject:
CN="Coupons.com, Inc.", OU=Coupons.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Coupons.com, Inc.", L=Palo Alto, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
545EAD15996F57759F442D2F8A9849FD

File PE Metadata
Compilation timestamp:
4/10/2013 8:41:55 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:q+rpqMXmPJ6aHI6egH4PBrdJyrAUCdZqo1DIXXDLHExrO2BsHoU9j:qKqMXy65VThdp6YIX3kNOXHoC

Entry address:
0x3C2EA0

Entry point:
60, BE, 00, 30, 68, 00, 8D, BE, 00, E0, D7, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.9205

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
1.3 MB (1,314,816 bytes)

Program Uninstaller
Program name:
CouponBar

Display publisher:
Coupons.com Incorporated

Display version:
5.0.0.5

Uninstall string:
"C:\Program Files (x86)\Coupons.com CouponBar\uninstall.exe" "/U:C:\Program Files (x86)\Coupons.com CouponBar\Uninstall\uninstall.xml"


Remove uninstall.exe - Powered by Reason Core Security