home

remove.exe

Internet Research

Gemius S.A.

The application remove.exe, “Internet Research Uninstaller” by Gemius S.A has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program NetPanel by Gemius SA..
Publisher:
Gemius  (signed by Gemius S.A.)

Product:
Internet Research

Description:
Internet Research Uninstaller

Version:
2, 23, 0, 1

MD5:
7d096cf2560076242e7bc9f5e654f94e

SHA-1:
16279b8569df6754b9f2b5b7ff99bf97f6cfe67f

SHA-256:
34e4bdfe71a70ddf91b2ecfa8d9298d68462856f9dd4eec2befcac064edee9cd

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/18/2024 12:14:29 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.GemiusSA.Installer (M)
16.2.14.5

File size:
1.1 MB (1,112,048 bytes)

Product version:
2, 23, 0, 1

Copyright:
Copyright (C) 2011 Gemius SA

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\Program Files\netpanel\remove.exe

Digital Signature
Signed by:
Gemius S.A.

Authority:
Thawte, Inc.

Valid from:
3/11/2013 1:00:00 AM

Valid to:
5/11/2014 1:59:59 AM

Subject:
CN=Gemius S.A., O=Gemius S.A., L=Warszawa, S=mazowieckie, C=PL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
4214D27FBFEDDBBD183D1ED8DF3A9C0E

File PE Metadata
Compilation timestamp:
1/2/2014 12:53:58 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:r9SqnLXm89Xw/h/0P1mZc+hchtB/koK3JbX+5UEI2u3JP:QmLX+GX++p/koK3Ji5UEI2u3JP

Entry address:
0x9DDD2

Entry point:
E8, 06, D6, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 00, 01, 00, 00, 72, 0E, 83, 3D, 20, 5E, 4E, 00, 00, 74, 05, E9, BE, D6, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA, 01, 75, F6, 8B, 44, 24...
 
[+]

Code size:
782 KB (800,768 bytes)

Program Uninstaller
Program name:
NetPanel

Display publisher:
Gemius SA.

Uninstall string:
"C:\Program Files\NetPanel\Remove.exe" "C:\Program Files\NetPanel"


Remove remove.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.