home

uninstall.exe

Chromium

Fuyuan Zhou

The application uninstall.exe, “Chromium Uninstaller” by Fuyuan Zhou has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Chromium by Chromium Authors.
Publisher:
Fuyuan Zhou  (signed and verified)

Product:
Chromium

Description:
Chromium Uninstaller

Version:
1.0.0.1

MD5:
84dfdca1b9c2423ddf877068d88bf98a

SHA-1:
9ede575f39f68aefd61ed554f9b55b2ee91f1bfc

SHA-256:
f63bf9658340ff264495d577da78a20525e5a7f88d80f43a5cc790d4f7b40118

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 3:34:22 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.FuyuanZh.Installer (M)
16.7.13.12

File size:
311.4 KB (318,848 bytes)

Product version:
51.0.2704.68

Copyright:
Copyright (C) 2016 Chromium Authors

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\chromium\application\uninstall.exe

Digital Signature
Signed by:
Fuyuan Zhou

Authority:
thawte, Inc.

Valid from:
7/10/2016 9:00:00 PM

Valid to:
6/21/2017 8:59:59 PM

Subject:
CN=Fuyuan Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
21E4E205D19BCF68E4675D7F8F39A764

File PE Metadata
Compilation timestamp:
7/13/2016 6:02:26 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
6144:1ObhI3msGaQEH2zg2mc+N1xPgexWDQBNoOfs2pbQXj+2F4:Q1Jm2zg2mc+N1XcQjV2F4

Entry address:
0x15AAA

Entry point:
B5, E6, 23, 00, 00, 99, DD, 94, DB, 81, BD, 55, 51, 49, 67, 00, C9, 3D, A9, 0E, AD, 73, 00, 00, 00, 00, 7D, 21, 1D, 2E, 06, E1, C1, 23, 13, 82, 9E, 3A, 40, 81, 77, 00, 00, 00, 00, F3, 06, 54, 51, 41, 40, 5A, 4E, 23, 0B, 3D, AD, 56, C9, 98, FC, D6, 35, 3A, 00, 43, 98, 3A, DB, 0B, BE, B7, 18, 96, DB, 81, BD, 8F, D0, 2F, D0, 1A, E1, 00, 00, 00, 00, 8C, 81, 20, 39, 95, 11, 00, 00, 00, 00, E7, 60, 5A, 4E, 5B, 39, 4E, 28, 2D, 14, 27, D4, 42, AF, 96, E3, CC, 4C, 2E, 00, 4D, 87, 20, D4, 0F, D4, 81, 37, 8C, 9A, 2F...
 
[+]

Code size:
192.5 KB (197,120 bytes)

Program Uninstaller
Program name:
Chromium

Display publisher:
Chromium Authors

Display version:
51.0.2704.68

Uninstall string:
C:\Program Files\Chromium\Application\uninstall.exe


Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.