uninstall.exe

Setup Factory Runtime

Media Codecs Interactive LLC

The application uninstall.exe, “Setup Application” by Media Codecs Interactive has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Setup Factory installer. This is the uninstaller utility registered in the Windows Control Panel for the program Worldwide Web Research by Media Codecs Interactive LLC. This file is typically installed with the program Worldwide Web Research by Media Codecs Interactive.
Publisher:
Indigo Rose Corporation  (signed by Media Codecs Interactive LLC)

Product:
Setup Factory Runtime

Description:
Setup Application

Version:
9.0.4.0

MD5:
0846683b68fbc52bceb6882140b602fa

SHA-1:
999791f3d418bf3a65c3c06020f9a51715e8576f

SHA-256:
7802aff7a6975f7c9a8516d4d5c1eee93e80e7d2172d7aaed63e92eaa85796c8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 1:00:40 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MediaCod.Installer (M)
16.3.12.18

File size:
1.3 MB (1,351,776 bytes)

Product version:
9.0.4.0

Copyright:
Runtime Engine Copyright © 2012 Indigo Rose Corporation (www.indigorose.com)

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation

Original file name:
suf_rt.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\Program Files\worldwide web research\uninstall.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/16/2014 7:00:00 PM

Valid to:
2/17/2016 6:59:59 PM

Subject:
CN=Media Codecs Interactive LLC, O=Media Codecs Interactive LLC, STREET="2711 Centerville Road, Suite 400", L=Wilmington, S=Delaware, PostalCode=19808, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
63947F076DDE97DF55EEFBFED004A037

File PE Metadata
Compilation timestamp:
12/16/2011 1:23:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:OB/s9XkrGUtabZRNM5vnRCnofkCuDVw4miJV5AX+ec999treoEUXLYydFsoked/n:esY+7u5ZCn0kDb14A9hCk0ydWeR

Entry address:
0x3C2C80

Entry point:
60, BE, 00, 30, 68, 00, 8D, BE, 00, E0, D7, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.9202

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
1.3 MB (1,310,720 bytes)

Program Uninstaller
Program name:
Worldwide Web Research

Display publisher:
Media Codecs Interactive LLC

Display version:
11.041.44

Uninstall string:
"C:\Program Files (x86)\Worldwide Web Research\uninstall.exe" "/U:C:\Program Files (x86)\Worldwide Web Research\Uninstall\uninstall.xml"


The file uninstall.exe has been discovered within the following program.

Worldwide Web Research  by Media Codecs Interactive
worldwidewebresearch.com
About 6% of users remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security