home

uninstall.exe

technologiesaintdenis.com

The application uninstall.exe by technologiesaintdenis.com has been detected as a potentially unwanted program by 7 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Wajam by WaNetworkEnhance. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
technologiesaintdenis.com  (signed and verified)

MD5:
fc6982e0d59851926d8d5b4835d5b831

SHA-1:
d31cb7a6241bae7b67b26e001e0547a68b1732a3

SHA-256:
774471ce48a1bb238a80e35f0fe7a6d5524a21667dc7d5f824c74b595bdaa88c

Scanner detections:
7 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
11/23/2024 9:40:48 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Downloader/Win32.Genome
2015.05.14

Avira AntiVirus
ADWARE/BrowseFox.Gen4
8.3.1.6

Dr.Web
Adware.Searcher.2792
9.0.1.0134

Malwarebytes
PUP.Optional.Wajam.A
v2015.05.14.03

NANO AntiVirus
Trojan.Nsis.Wajam.dqgtqq
0.30.24.1357

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen
1.0.0.1015

Trend Micro House Call
Suspicious_GEN.F47V0417
7.2.134

File size:
865.1 KB (885,824 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\wajam\uninstall.exe

Digital Signature
Signed by:
technologiesaintdenis.com

Authority:
thawte, Inc.

Valid from:
2/9/2015 1:00:00 AM

Valid to:
2/10/2016 12:59:59 AM

Subject:
CN=technologiesaintdenis.com, OU=Software Development, O=technologiesaintdenis.com, L=Montreal, S=Quebec, C=CA

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
5C8520910142CFB327393EC3AF836FDB

File PE Metadata
Compilation timestamp:
12/5/2009 11:53:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:JswdzFPcyYWp8WBTyvTEKE4M/Js7gogqLM:SofYm8WxETNE4M/Js7gWY

Entry address:
0x36A3

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 88, A7, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 53, FF, 15, 88, 82, 40, 00, 6A, 08, A3, F8, 4B, 7A, 00, E8, EE, 2E, 00, 00, A3, 44, 4B, 7A, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, F0, F4, 79, 00, FF, 15, 58, 81, 40, 00, 68, 10, A8, 40, 00, 68, 40, 43, 7A, 00, E8, F4, 29, 00, 00, FF, 15, B0, 80, 40, 00, BF, 00, A0, 7A, 00, 50, 57, E8, E2, 29, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

Program Uninstaller
Program name:
Wajam

Display publisher:
WaNetworkEnhance

Display version:
2.29.75.15 (i2.6)

Uninstall string:
C:\Program Files\Wajam\uninstall.exe


Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.