home

uninstall.exe

IE Toolbar

Zorba Networks SL

The application uninstall.exe, “IE Toolbar Uninstall” by Zorba Networks SL has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program RechercherWeb Toolbar by Conduit Ltd. which is a potentially unwanted software program.
Publisher:
Zorba Networks SL  (signed and verified)

Product:
IE Toolbar

Description:
IE Toolbar Uninstall

Version:
4, 2, 0, 21

MD5:
9db0fd0de53187fed4fd1180364c1ac0

SHA-1:
65b04e4887f0db245aa472f166631c65b8bbdb29

SHA-256:
300c0cc144f1f0af93ad8898eabbc07c9f089d96c962dc026d65b42b110eb8e8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 2:57:43 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ZorbaNetworks.Installer (M)
16.2.4.4

File size:
45.7 KB (46,808 bytes)

Product version:
4, 2, 0, 21

Copyright:
Copyright © 2001-2009. All rights reserved.

Original file name:
uninstall.exe

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\Program Files\rechercherweb toolbar\uninstall.exe

Digital Signature
Signed by:
Zorba Networks SL

Authority:
The USERTRUST Network

Valid from:
12/1/2010 1:00:00 AM

Valid to:
12/2/2011 12:59:59 AM

Subject:
CN=Zorba Networks SL, O=Zorba Networks SL, STREET=Jativa 11, L=Madrid, S=Madrid, PostalCode=28007, C=ES

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00F76718D8D4283725CF8801D7DED56F05

File PE Metadata
Compilation timestamp:
7/16/2010 10:55:08 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
768:wZE8w9LlgD9z/4vt+aEjzaXEjoF6FwW/JK6RUvgCb2DLkyN:wZE3LKDZjaEjza0jJLbRUvN2DY

Entry address:
0x1281

Entry point:
E8, B6, 15, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 58, AD, 40, 00, 89, 0D, 54, AD, 40, 00, 89, 15, 50, AD, 40, 00, 89, 1D, 4C, AD, 40, 00, 89, 35, 48, AD, 40, 00, 89, 3D, 44, AD, 40, 00, 66, 8C, 15, 70, AD, 40, 00, 66, 8C, 0D, 64, AD, 40, 00, 66, 8C, 1D, 40, AD, 40, 00, 66, 8C, 05, 3C, AD, 40, 00, 66, 8C, 25, 38, AD, 40, 00, 66, 8C, 2D, 34, AD, 40, 00, 9C, 8F, 05, 68, AD, 40, 00, 8B, 45, 00, A3, 5C, AD, 40, 00, 8B, 45, 04, A3, 60, AD, 40, 00, 8D, 45, 08, A3, 6C, AD, 40...
 
[+]

Code size:
24.5 KB (25,088 bytes)

The file uninstall.exe has been discovered within the following program.

RechercherWeb Toolbar  by Conduit Ltd.
This is a Conduit toolbar installed in the user's Web browsers (IE, Chrome and Firefox) that collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide ads via the toolbar.
64% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.