uninstall.exe

Ventury Media

The application uninstall.exe by Ventury Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program YouShopping by Ventury Media.
Publisher:
Ventury Media  (signed and verified)

MD5:
98d4f52a6d7ded10afd1efdc63210961

SHA-1:
cf4ed33645a79fd9e3e4a956e64b8900b8e9ae3e

SHA-256:
cc754eaba9934751cb4ba1fa243e3027b469650a56af19e5f52c7281479271d5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:49:34 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Goobzo
17.1.24.16

File size:
79.4 KB (81,280 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\youshopping\uninstall.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
10/14/2013 2:00:00 AM

Valid to:
10/15/2014 1:59:59 AM

Subject:
CN=Ventury Media, O=Ventury Media, L=bergerac, S=dordogne, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
227C91379426395851CF4538358DA932

File PE Metadata
Compilation timestamp:
11/19/2013 5:16:52 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x3361

Entry point:
E8, BB, 61, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 80, 1A, 41, 00, E8, 79, 63, 00, 00, E8, 57, 28, 00, 00, 0F, B7, F0, 6A, 02, E8, 4E, 61, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 2F, 5B, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
48 KB (49,152 bytes)

Program Uninstaller
Program name:
YouShopping

Display publisher:
Ventury Media

Display version:
1.32.153.0

Uninstall string:
C:\Program Files (x86)\YouShopping\Uninstall.exe /fromcontrolpanel=1


Remove uninstall.exe - Powered by Reason Core Security