» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

uninstall.exe

Goobzo LTD

The application uninstall.exe by Goobzo has been detected as adware by 28 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Object Browser by Object Browser. This file is typically installed with the program Object Browser which is a potentially unwanted software program. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

uninstall.exe

Publisher:

Goobzo LTD (signed and verified)

MD5:

b7eeb61c73b516a708d5fa621dad74fa

SHA-1:

03db1eadeca246f0de391d339f07018ba10f5739

SHA-256:

58b4a53903c816a740870fde185825eaee0e6b87e8014ccb254f455f2718c8ea

Scanner detections:

28 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

4/25/2024 7:47:01 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Application.Heur.gqX@l0oksKpi

681

AhnLab V3 Security

Win-PUP/CrossRider

2015.02.19

avast!

Win32:Adware-CDO [PUP]

2014.9-150325

AVG

Skodna

2016.0.3159

Baidu Antivirus

Adware.Win32.Shopper

4.0.3.15325

Bitdefender

Gen:Application.Heur.gqX@l0oksKpi

1.0.20.420

Bkav FE

W32.HfsAdware

1.3.0.6379

Comodo Security

Application.Win32.InstallCore.GIFI

21132

Dr.Web

Trojan.Crossrider.27207

9.0.1.084

Emsisoft Anti-Malware

Trojan.Generic.11428993

8.15.06.30.05

ESET NOD32

Win32/SBWatchman.D potentially unwanted (variant)

9.11199

Fortinet FortiGate

Adware/Adload

3/25/2015

F-Secure

Trojan.Generic.11428993

11.2015-25-03_4

G Data

Trojan.Generic.11428993

15.3.24

IKARUS anti.virus

PUA.Plush

t3scan.1.6.1.0

K7 AntiVirus

Unwanted-Program

13.196.15015

Kaspersky

not-a-virus:WebToolbar.Win32.CrossRider

14.0.0.2291

McAfee

Artemis!B7EEB61C73B5

5600.6815

MicroWorld eScan

Gen:Application.Heur.gqX@l0oksKpi

16.0.0.252

NANO AntiVirus

Riskware.Win32.AdLoad.dbwqba

0.30.0.126

Panda Antivirus

PUP/MultiToolbar.A

15.06.30.05

Qihoo 360 Security

HEUR/Malware.QVM10.Gen

1.0.0.1015

Reason Heuristics

Adware.Goobzo

15.3.25.21

Sophos

Generic PUA AD

4.98

Trend Micro House Call

TROJ_GEN.F0C2C00A815

7.2.84

Trend Micro

TROJ_GEN.R0CBC0PFU14

10.465.25

VIPRE Antivirus

CoolMirage Ltd

30908

Zillya! Antivirus

Adware.CrossRider.Win32.1347

2.0.0.2073

File size:

103.4 KB (105,840 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\object browser\uninstall.exe

Digital Signature

Signed by:

Goobzo LTD

Authority:

Thawte, Inc.

Valid from:

5/1/2013 7:00:00 PM

Valid to:

5/2/2015 6:59:59 PM

Subject:

CN=Goobzo LTD, O=Goobzo LTD, L=Haifa, S=Israel, C=IL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

120B25DDE57B88636AD4D97D23B99C88

File PE Metadata

Compilation timestamp:

6/23/2014 5:03:39 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:2c2hbieo8x4gqIOAGkwmS59Y0I6OuiSmcVjysWjcdVEuoijz:s5if8pNgdAGj9VEuoiv

Entry address:

0x5D02

Entry point:

E8, 3B, 66, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, D8, 7F, 41, 00, E8, 28, 0A, 00, 00, E8, D4, 32, 00, 00, 0F, B7, F0, 6A, 02, E8, CE, 65, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, AF, 5F, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.3816

Code size:

69.5 KB (71,168 bytes)

Program Uninstaller

Program name:

Object Browser

Display publisher:

Object Browser

Display version:

1.34.6.10

Uninstall string:

C:\Program Files\Object Browser\Uninstall.exe /fcp=1

The file uninstall.exe has been discovered within the following program.

Object Browser by Object Browser

Object Browser is an adware style application that runs in the web browser as a toolbar and web extension.

66% remove it

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.