home

uninstall.exe

FLV Player

Install Core

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application uninstall.exe, “FLV Player Installer” by Install Core has been detected as adware by 34 anti-malware scanners. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. It is also typically executed from the user's temporary directory.
Publisher:
FLV Player Techno  (signed by Install Core)

Product:
FLV Player

Description:
FLV Player Installer

Version:
3.1.0.0

MD5:
1d9399cb1287b52515c261a9a071ed96

SHA-1:
501e14411ce37528b8300e7ed2407f0484fa0f38

SHA-256:
882408220636778b2ec1dc15304824170c5b6bdac4d415b4748d5d260cdad226

Scanner detections:
34 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/26/2024 9:28:15 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.InstallCore.AV
867

Agnitum Outpost
PUA.InstallCore
7.1.1

AhnLab V3 Security
Adware/Win32.FoxTab
2014.09.09

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.171.56

avast!
Win32:InstallCore-F [PUP]
2014.9-140920

Baidu Antivirus
Adware.Win32.InstallCore
4.0.3.14920

Bitdefender
Application.InstallCore.AV
1.0.20.1315

Clam AntiVirus
W32.Adware.InstallCore-2
0.98/19343

Comodo Security
ApplicUnwnt.Win32.AdWare.InstallCore.0
19454

Dr.Web
Adware.InstallCore.13
9.0.1.0263

Emsisoft Anti-Malware
Application.InstallCore.AV
8.14.09.20.10

ESET NOD32
Win32/InstallCore.D potentially unwanted application
8.7.0.302.0

Fortinet FortiGate
Riskware/InstallCore
9/20/2014

F-Prot
W32/Agent.MC.gen
v6.4.6.5.141

F-Secure
Application.InstallCore.AV
11.2014-20-09_7

G Data
Application.InstallCore.AV
14.9.24

herdProtect (fuzzy)
variant of flvplayersetup.exe (Adware)
2014.12.3.11

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.7.5.0

K7 AntiVirus
Trojan
13.183.13286

Malwarebytes
Adware.Agent
v2014.09.20.10

McAfee
Artemis!7AEF06CB0928
5600.7001

MicroWorld eScan
Application.InstallCore.AV
15.0.0.789

NANO AntiVirus
Trojan.Win32.InstallCore.vnwkg
0.28.2.61942

nProtect
Trojan/W32.Agent.485896.E
14.09.07.01

Qihoo 360 Security
Malware.QVM11.Gen
1.0.0.1015

Quick Heal
Trojan.Rimod.A8
9.14.12.00

Reason Heuristics
PUP.Installer.InstallCore.J
14.9.20.22

Rising Antivirus
PE:PUF.InstallCore!1.9DE1
23.00.65.14918

Sophos
Install Core Installer
4.98

SUPERAntiSpyware
Adware.InstallCore
10200

Trend Micro House Call
TROJ_GEN.R0C1B01AI14
7.2.263

Vba32 AntiVirus
WebToolbar.InstallCore
3.12.26.3

VIPRE Antivirus
Threat.4150696
32210

Zillya! Antivirus
Adware.InstallCore.Win32.18
2.0.0.1914

File size:
474.5 KB (485,896 bytes)

Product version:
3.1.0.0

Copyright:
Copyright © InstallCore

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\uninstall.exe

Digital Signature
Signed by:
Install Core

Authority:
The USERTRUST Network

Valid from:
2/1/2011 7:00:00 PM

Valid to:
2/2/2012 6:59:59 PM

Subject:
CN=Install Core, O=Install Core, STREET=Nisim Aloni 21, L=Tel Aviv, S=Tel Aviv, PostalCode=62919, C=IL

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
2BCA6BFDAB7E5637BA8E7E9C6400CC75

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:sN/A8C7i+4KCdmWt/ji18C5tqB7fta+BQNw2sQMM0B+5:OVC7i+4KCsk+FtqBzo8Ow2sQMM0B+5

Entry address:
0x1070C0

Entry point:
60, BE, 00, 00, 4A, 00, 8D, BE, 00, 10, F6, FF, C7, 87, 10, 87, 0B, 00, 16, 21, 34, 86, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Entropy:
7.8662

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
416 KB (425,984 bytes)

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.