UninstallSurvey.exe

UninstallSurvey Module

Musiclab, LLC

The application UninstallSurvey.exe by Musiclab has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program BearShare by BearShare.
Publisher:
Musiclab, LLC  (signed and verified)

Product:
UninstallSurvey Module

Version:
1, 0, 0, 1

MD5:
212c46e78dd1a4342de8ec92f114531e

SHA-1:
2ed999e82bd993a413b23bc8381ffa45b9faf460

SHA-256:
f397ddae2957fd77bb0cb1dcb3181a111bc15f8337e224f5fe161252285bec2a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/29/2024 1:04:36 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.Musiclab.Installer
16.9.3.6

File size:
147.4 KB (150,968 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2006

Original file name:
UninstallSurvey.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\bearshare\uninstallsurvey.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/12/2007 2:00:00 AM

Valid to:
5/5/2008 1:59:59 AM

Subject:
CN="Musiclab, LLC", OU=SECURE APPLICATION DEVELOPMENT, O="Musiclab, LLC", L=New York, S=New York, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
2830FE3621196B9BFE955DD0180EF55B

File PE Metadata
Compilation timestamp:
7/24/2007 9:22:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
3072:7OYDRdV9hO+XTA16IW1dhlgLuYzRCUO1C0iI233mDonHsMsdC9Kn:7OYDRdV/5s6v/0ZzsUJ0iD33vo

Entry address:
0xC192

Entry point:
6A, 74, 68, 18, D4, 40, 00, E8, 3E, 02, 00, 00, 33, FF, 89, 7D, E0, 57, 8B, 1D, DC, D0, 40, 00, FF, D3, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81, 39, 50, 45, 00, 00, 75, 12, 0F, B7, 41, 18, 3D, 0B, 01, 00, 00, 74, 1F, 3D, 0B, 02, 00, 00, 74, 05, 89, 7D, E4, EB, 27, 83, B9, 84, 00, 00, 00, 0E, 76, F2, 33, C0, 39, B9, F8, 00, 00, 00, EB, 0E, 83, 79, 74, 0E, 76, E2, 33, C0, 39, B9, E8, 00, 00, 00, 0F, 95, C0, 89, 45, E4, 89, 7D, FC, 6A, 02, FF, 15, 44, D2, 40, 00, 59, 83, 0D, 48, 13, 41, 00, FF, 83...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
46.5 KB (47,616 bytes)

Program Uninstaller
Program name:
BearShare

Display publisher:
BearShare

Uninstall string:
C:\Program Files (x86)\BearShare\UninstallSurvey.exe C:\PROGRA~2\BEARSH~2\UNWISE.EXE C:\PROGRA~2\BEARSH~2\INSTALL.LOG


Remove UninstallSurvey.exe - Powered by Reason Core Security