» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

Digit Network (Extreme White Limited)

The application uninstall.exe by Digit Network (Extreme White Limited) has been detected as adware by 30 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program BrowserV09.07 by BrowserV09.07. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

uninstall.exe

Publisher:

Digit Network (Extreme White Limited) (signed and verified)

MD5:

4199467366975d371b47eca55a98e118

SHA-1:

33b137e9a6dec126469b9158baa754574cdf6ebc

SHA-256:

01f502334e10d911d8624ab4361ad0dbf6880c226b0ef040e1c73ff9d2d7a729

Scanner detections:

30 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

4/19/2024 8:40:14 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Application.Heur.hqX@lSV3hdii

551

Agnitum Outpost

PUA.Toolbar.CrossRider

7.1.1

AhnLab V3 Security

PUP/Win32.CrossRider

2015.07.31

Avira AntiVirus

ADWARE/CrossRider.A.643

8.3.1.6

Arcabit

Application.Heur.EDE86D

1.0.0.425

AVG

Crossrider

2016.0.3029

Baidu Antivirus

Adware.Win32.CrossAd

4.0.3.1582

Bitdefender

Gen:Application.Heur.hqX@lSV3hdii

1.0.20.1070

Bkav FE

W32.HfsAdware

1.3.0.6979

Comodo Security

Application.Win32.InstallCore.GIFI

22901

Dr.Web

Trojan.Crossrider1.42770

9.0.1.0214

ESET NOD32

Win32/Toolbar.CrossRider.CU potentially unwanted (variant)

9.12021

Fortinet FortiGate

Riskware/CrossRider

8/2/2015

F-Secure

Gen:Application.Heur.hqX@lSV3hdii

11.2015-02-08_1

G Data

Gen:Application.Heur.hqX@lSV3hdii

15.8.25

IKARUS anti.virus

Gen.Application.Heur

t3scan.1.9.5.0

K7 AntiVirus

Unwanted-Program

13.207.16740

Kaspersky

not-a-virus:WebToolbar.Win32.CrossRider

14.0.0.1642

Malwarebytes

PUP.Optional.Downloader.C

v2015.08.02.01

McAfee

Artemis!419946736697

5600.6685

MicroWorld eScan

Gen:Application.Heur.hqX@lSV3hdii

16.0.0.642

NANO AntiVirus

Riskware.Win32.CrossRider.dtthes

0.30.24.2668

Panda Antivirus

PUP/HQVideoPro

15.08.02.01

Qihoo 360 Security

Win32/Application.bb7

1.0.0.1015

Reason Heuristics

PUP.ExtremeWhite.DigitNetworkExtremeWhiteLimited (M)

15.8.2.13

Rising Antivirus

PE:Malware.Adwapper!6.25A8

23.00.65.15731

Sophos

Generic PUA DD

4.98

SUPERAntiSpyware

Adware.CrossRider/Variant

9716

VIPRE Antivirus

Trojan.Win32.Generic

42474

Zillya! Antivirus

Adware.CrossRider.Win32.14941

2.0.0.2320

File size:

119.6 KB (122,448 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\browserv09.07\uninstall.exe

Digital Signature

Signed by:

Digit Network (Extreme White Limited)

Authority:

COMODO CA Limited

Valid from:

4/14/2015 5:00:00 PM

Valid to:

4/14/2016 4:59:59 PM

Subject:

CN=Digit Network (Extreme White Limited), O=Digit Network (Extreme White Limited), STREET=Tassou Papadopulu 6 (flat/office 22), L=Nicosia, S=Agios Dometios, PostalCode=2373, C=CY

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00F39F5E5096779B72822CF8381166A432

File PE Metadata

Compilation timestamp:

7/9/2015 2:04:44 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:YmGHqDDDECyP57a/WR3VvtLa5yk355UA10r188cQwSzfG2Oqkc6DiOsWjcdzN1J8:YR0yBhtgyXfsDGzjJYbSvYt

Entry address:

0x93A6

Entry point:

E8, B6, 65, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 88, C4, 41, 00, E8, 24, 0A, 00, 00, E8, 56, 2E, 00, 00, 0F, B7, F0, 6A, 02, E8, 49, 65, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 2A, 5F, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.3843

Code size:

86 KB (88,064 bytes)

Program Uninstaller

Program name:

BrowserV09.07

Display publisher:

BrowserV09.07

Display version:

1.36.01.22

Uninstall string:

C:\Program Files (x86)\BrowserV09.07\Uninstall.exe /fcp=1 /runexe='C:\Program Files (x86)\BrowserV09.07\UninstallBrw.exe' /url='http://static.gonotiftime.com/notf_sys/index.html' /brwtype='uni' /onerr

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.