uninstall.exe

AssetsManager

AZTEC MEDIA INC.

The application uninstall.exe, “Assets Manager Uninstall” by AZTEC MEDIA INC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Assets Manager by Aztec Media Inc. This file is typically installed with the program Assets Manager by Aztec Media inc. which is a potentially unwanted software program.
Publisher:
Aztec Media Inc  (signed by AZTEC MEDIA INC.)

Product:
AssetsManager

Description:
Assets Manager Uninstall

Version:
5.0.0.16166

MD5:
fb4d133cd7f8d3fa045976912de5a599

SHA-1:
7b28187a419b87b7bc232f99826e9356574dae17

SHA-256:
53497e8fdf10aedcc2216e564c82b9938bc671f6091fca5339ac489a85d0c0e6

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 6:27:12 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Bandoo.AZTECMED.Installer (M)
16.3.23.11

File size:
111.7 KB (114,392 bytes)

Product version:
5.0.0.16166

Copyright:
Copyright (c) 2005 - 2015

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\Program Files\assets manager\smdmf\uninstall.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
4/8/2015 5:00:00 PM

Valid to:
5/18/2016 4:59:59 PM

Subject:
CN=AZTEC MEDIA INC., OU=Development, O=AZTEC MEDIA INC., L=Panama City, S=Panama, C=PA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
4DCD479A23FD2DC0994F996E411C47C1

File PE Metadata
Compilation timestamp:
2/24/2012 11:19:59 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:EVdePelp2Xy+tuQOzOYE5aXPncMcF8GaCTKzfd1qfYUGswdF5AY97RBWeDgxDeXb:3weqOYEUXPncMGaClisQRmesxSll

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.4457

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

Program Uninstaller
Program name:
Assets Manager

Display publisher:
Aztec Media Inc

Display version:
5.0.0.16166

Uninstall string:
C:\Program Files (x86)\Assets Manager\smdmf\Uninstall.exe /browser=all


The file uninstall.exe has been discovered within the following program.

Assets Manager  by Aztec Media inc.
Asset Manager is an adware web browser add-on that injects advertising in the user's browser as well as hijacks various browser settings such as the home page, search provider and new tab page. Its is protected and difficult to remove.
80% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security