» uninstall.exe
Overview
Analysis
File Details
Programs (1)

uninstall.exe

Small Island Development

This is the uninstall module for the Injekt branded web browser extension program which injects advertising in the web browser as well as modifies the browser settings. The uninstaller is registered within Control Panel > Add/Remove Programs. The application uninstall.exe by Small Island Development has been detected as adware by 12 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program Movie Wizard by Small Island Development which is a potentially unwanted software program.

File name:

uninstall.exe

Publisher:

Small Island Development (signed and verified)

MD5:

190fa137a327395fe9d6ff088bae1cc0

SHA-1:

5bd3c9da436de1861871f50b88cc60e125c6f680

SHA-256:

166df8ebb8f72cf8fc89b89701ca1b68f44e9c59b6d35212fba61fb5f06f04dd

Scanner detections:

12 / 68

Status:

Adware

Explanation:

Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:

4/26/2024 2:26:40 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic

2016.0.3154

Bkav FE

W32.HfsAdware

1.3.0.6379

Dr.Web

Adware.Yontoo.68

9.0.1.090

herdProtect (fuzzy)

variant of a5c8775ff899b4e084afa1c3d95746dfb7b70486844bc35fb09666f76702d097.exe (Adware)

2015.7.5.0

K7 AntiVirus

Riskware

13.202.15641

NANO AntiVirus

Riskware.Win32.Yontoo.dqmuin

0.30.16.1110

Panda Antivirus

Adware/TVWizard

15.03.31.03

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Quick Heal

PUA.Adware.OD6

3.15.14.00

Reason Heuristics

PUP.Installer.Injekt

15.3.31.4

Trend Micro House Call

Suspicious_GEN.F47V0321

7.2.90

Vba32 AntiVirus

AdWare.SaMon

3.12.26.3

File size:

524.5 KB (537,072 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\ProgramData\moviewizard\uninstall.exe

Digital Signature

Signed by:

Small Island Development

Authority:

Symantec Corporation

Valid from:

12/24/2014 1:00:00 AM

Valid to:

2/23/2016 12:59:59 AM

Subject:

CN=Small Island Development, O=Small Island Development, L=St. James, S=St. James, C=BB

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

2ACB4CDCE993E485342ABFA2BCA95A17

File PE Metadata

Compilation timestamp:

3/20/2015 5:08:15 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:tzllhnfOJRrmOLX9G08A8lyHt/g4xdMDlF3rxzBDHthi:tpwRyEoyHtvbMD/xNDH/i

Entry address:

0x429CF

Entry point:

E8, F0, D4, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, EC, 84, 47, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 60, 60, 47, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, EC, 84, 47, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00... 
[+]

Code size:

390.5 KB (399,872 bytes)

The file uninstall.exe has been discovered within the following program.

Movie Wizard by Small Island Development

Movie Wizard (INJEKT) is an adware program (supported by various types of advertising) that is usually bundled by third party installers and download managers.

82% remove it

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.