uninstall.exe

ContentExplorer Uninstaller

Application Genius, LLC

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application uninstall.exe, “ContentExplorer Uninstall” by Application Genius has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Adknowledge Fusion installer.
Publisher:
ContentExplorer.net  (signed by Application Genius, LLC)

Product:
ContentExplorer Uninstaller

Description:
ContentExplorer Uninstall

Version:
1.0.0.0

MD5:
193ce53b558384e634475bc774217301

SHA-1:
bbc93d8d5f4c1ef3067aa0c3c7f4c2ac2fe76b51

SHA-256:
2291b2c8269a3fbb23151eb517b24f640efc90199fb6a1175a341cb848710fb6

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/25/2024 9:36:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Adknowledge (M)
17.3.16.10

File size:
127.7 KB (130,744 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
uninstall.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\contentexplorer\uninstall.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/30/2014 6:32:38 PM

Valid to:
12/29/2016 3:07:38 PM

Subject:
CN="Application Genius, LLC", O="Application Genius, LLC", L=Walnut, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
629B575CD8F3186B

File PE Metadata
Compilation timestamp:
2/7/2015 5:30:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x1E50A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5567

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
113.5 KB (116,224 bytes)

Remove uninstall.exe - Powered by Reason Core Security