uninstall.exe

TODO:

Liyan Liu

The application uninstall.exe by Liyan Liu has been detected as adware by 21 anti-malware scanners. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Liyan Liu  (signed and verified)

Product:
TODO: <Product name>

Version:
5.8.8.498

MD5:
54e10280f3af69f4a5c62dd8af9d21c5

SHA-1:
9ae9a2c0b8241366357206097fd312b5671fcae8

SHA-256:
075a4e5fc4d9cda691a18e08a05e392b8762db24d6dc76c51d9e14c2968e72a7

Scanner detections:
21 / 68

Status:
Adware

Analysis date:
12/25/2024 1:27:33 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
Win32/Kashu.E
2015.01.02

avast!
Win32:SaliCode
2014.9-150105

AVG
Liyan
2016.0.3114

Baidu Antivirus
Adware.Win32.ELEX
4.0.3.1559

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Mutabaha.277
9.0.1.05190

ESET NOD32
Win32/Thinknice.E potentially unwanted
9.11600

K7 AntiVirus
Virus
13.188.14496

Kaspersky
not-a-virus:AdWare.Win32.Agent
14.0.0.2685

Microsoft Security Essentials
Threat.Undefined
1.191.1318.0

NANO AntiVirus
Trojan.Win32.Thinknice.dlhdkm
0.30.24.1357

Qihoo 360 Security
Malware.QVM19.Gen
1.0.0.1015

Quick Heal
AdWare.SubTab.r5 (Not a Virus)
5.15.14.00

Reason Heuristics
PUP.LiyanLiu.J
14.10.21.3

SUPERAntiSpyware
Trojan.Agent/Gen-XPack
9886

Trend Micro House Call
PE_SALITY.ER
7.2.5

Trend Micro
PE_SALITY.ER
10.465.05

Vba32 AntiVirus
AdWare.Agent
3.12.26.3

VIPRE Antivirus
Threat.4758034
35418

Zillya! Antivirus
Adware.Agent.Win32.52125
2.0.0.2173

File size:
78 KB (79,840 bytes)

Product version:
5.8.8.498

Copyright:
Copyright (C) 2014

Original file name:
UnInstal.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\suptab\uninstall.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
7/22/2014 8:00:00 AM

Valid to:
7/27/2015 8:00:00 PM

Subject:
CN=Liyan Liu, O=Liyan Liu, L=Wenzhou, S=Zhejiang, C=CN

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02CA146AED05062A5F6C4AC5628BBC00

File PE Metadata
Compilation timestamp:
7/3/2014 5:18:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:fl7TcwQ/CHwSB4mzcTy1NsWjcdoHIAU2tKX:fF5HB4bnoHIAltc

Entry address:
0x18F0

Entry point:
E8, BA, 17, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 15, 50, 90, 40, 00, 6A, 01, A3, A4, F0, 40, 00, E8, 76, 1E, 00, 00, FF, 75, 08, E8, 0C, 1C, 00, 00, 83, 3D, A4, F0, 40, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 5C, 1E, 00, 00, 59, 68, 09, 04, 00, C0, E8, DA, 1B, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 5D, 72, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 88, EE, 40, 00, 89, 0D, 84, EE, 40, 00, 89, 15, 80, EE, 40, 00, 89, 1D, 7C, EE, 40, 00, 89, 35, 78, EE, 40, 00, 89, 3D, 74...
 
[+]

Entropy:
5.6572

Code size:
31 KB (31,744 bytes)

The file uninstall.exe has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.
80% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security