home

uninstall.exe

Softacular

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program BrowserSafeguard with RocketTab by BrowserSafeguard with RocketTab.
Publisher:
Softacular  (signed and verified)

Version:
1.0.5412.14593

MD5:
397f81075e7982612a9dd776342591c9

SHA-1:
8256264983442054654e64342b280cf8f5236ecc

SHA-256:
b1446ffd9aea9ec244b21caa30269a165e63d52d6aed9f867daf9f40cd198f1c

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/19/2024 11:12:33 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Softacular
2015.0.3308

Kaspersky
not-a-virus:AdWare.MSIL.RocketTab
14.0.0.3036

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

VIPRE Antivirus
AdKnowledge
34284

File size:
3.8 MB (3,942,112 bytes)

Product version:
1.0.5412.14593

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\search extensions\uninstall.exe

Digital Signature
Signed by:
Softacular

Authority:
COMODO CA Limited

Valid from:
3/24/2014 1:00:00 AM

Valid to:
3/25/2015 12:59:59 AM

Subject:
CN=Softacular, O=Softacular, STREET="4600 Madison Ave, 10th FL", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
753A79B32D5A96BF1872FDE1AC60DEEA

File PE Metadata
Compilation timestamp:
10/26/2014 10:06:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:jzITJPwLJVJeTo46btu+hG0rAQZmucE87JW7b3fkN9wNNxvwZCY2ktQsYjTtw6of:j8NoLPJDRzZUE87c3fsaHO2pR1of

Entry address:
0x3B8470

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3.7 MB (3,892,736 bytes)

Program Uninstaller
Program name:
BrowserSafeguard with RocketTab

Display publisher:
BrowserSafeguard with RocketTab

Uninstall string:
"C:\Program Files\Search Extensions\uninstall.exe" /u=true /UserID=72b06a2d-33d9-4300-acc6-350fe83997b1 /SourceID=jfaquew|a129 /ImplementationID=browsersafeguard-rockettab-ptn /UC=20141026


The file uninstall.exe has been discovered within the following programs.

“RocketTab”  by Adknowledge
RocketTab is a web browser extension that injects display advertising in the user's browser. Ads are displayed in the form of banners and contextual text-links and are both injected in white space areas of the HTML page or over existing ads of the underlying web site.
85% remove it
Rockettab  by Rich River Media, LLC
RocketTab is an adware program that injects advertising in the user's web browser by creating a local proxy server and routing all Internet traffic through that proxy. By re-routing traffic the service will be able to include various ads in the HTML of the displaying web page.
rockettab.com
88% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ec2-54-83-200-155.compute-1.amazonaws.com  (54.83.200.155:80)

Scan uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.