uninstall.exe

Superfish Inc. VisualDiscovery

Superfish Inc.

The application uninstall.exe by Superfish has been detected as adware by 12 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Superfish Inc. VisualDiscovery by Superfish.
Publisher:
Superfish  (signed by Superfish Inc.)

Product:
Superfish Inc. VisualDiscovery

Version:
1.0.0.0

MD5:
4ee37c7116789dfbbb70571b39a5b212

SHA-1:
afd0356cec37127e93b9f5f8c1398297f6cf954a

SHA-256:
73a8c46a6e23ee33bacc4519c9da60d6a79f7941786fced33a59e6a4333bfafa

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
12/25/2024 8:52:56 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Adware.Superfish.1 | 712
AVG | Superfish.4d6 | 2016.0.3190
Bitdefender | Gen:Variant.Adware.Superfish.1 | 1.0.20.270
Emsisoft Anti-Malware | Gen:Variant.Adware.Superfish | 8.15.02.23.12
F-Secure | Gen:Variant.Adware.Superfish.1 | 11.2015-23-02_2
G Data | Gen:Variant.Adware.Superfish | 15.2.25
McAfee | Artemis!4EE37C711678 | 5600.6846
MicroWorld eScan | Gen:Variant.Adware.Superfish.1 | 16.0.0.162
Reason Heuristics | PUP.Superfish | 15.3.1.9
Sophos | SuperFish | 4.98
Trend Micro House Call | Suspicious_GEN.F47V0221 | 7.2.54
VIPRE Antivirus | Superfish | 37806

File size:
63.4 KB (64,960 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\Program Files\lenovo\visualdiscovery\uninstall.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/28/2013 8:00:00 PM

Valid to:
7/27/2014 7:59:59 PM

Subject:
CN=Superfish Inc., O=Superfish Inc., L=Grandville, S=Michigan, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3E32431476CFB3E1F90955B25396A6F4

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:GpgpHzb9dZVX9fHMvG0D3XJPQEyS+EhcCFTE:sgXdZt9P6D3XJIilFTE

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
6.5515

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Program Uninstaller
Program name:
Superfish Inc. VisualDiscovery

Display publisher:
Superfish

Display version:
1.0.0.0

Uninstall string:
C:\Program Files (x86)\Lenovo\VisualDiscovery\uninstall.exe

