home

uninstall.exe

Kimahri Software inc.

This adware uses the Crossrider platform to build and distribute this web browser advertising injection extension. Once installed in the browser it will hijack various browser settings (homepage, search) and may interfere and track behaviors as well as deliver ads. The application uninstall.exe by Kimahri Software inc has been detected as adware by 10 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program V-9.1HD by V-9.1HD. This file is typically installed with the program V-9.1HD by Evangelion Group which is a potentially unwanted software program. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Kimahri Software inc.  (signed and verified)

MD5:
70fabfdbb78cd02f2db26367c83b7948

SHA-1:
a1b849539d214a7bd5e34b1585a5717330414e09

SHA-256:
dfb21842c74eebf8527be5baa5e6ae49a415c30e7a05f3f5d6b27fd66a114f97

Scanner detections:
10 / 68

Status:
Adware

Explanation:
May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage).

Analysis date:
4/26/2024 8:05:30 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Skodna
2016.0.3006

Baidu Antivirus
Adware.Win32.CrossRider
4.0.3.15825

G Data
Win32.Application.Shopperpro
15.8.24

IKARUS anti.virus
PUA.Plush
t3scan.1.7.5.0

NANO AntiVirus
Riskware.Win32.AdLoad.dcdysq
0.28.2.61861

Panda Antivirus
Adware/Goobzo
15.08.25.07

Qihoo 360 Security
HEUR/Malware.QVM10.Gen
1.0.0.1015

Reason Heuristics
PUP.Brightcicrle.Brightcircle (M)
15.7.24.14

Vba32 AntiVirus
AdWare.AdLoad
3.12.26.3

VIPRE Antivirus
Threat.4792716
32210

File size:
87.4 KB (89,448 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\v-9.1hd\uninstall.exe

Digital Signature
Signed by:
Kimahri Software inc.

Authority:
COMODO CA Limited

Valid from:
3/7/2013 12:00:00 AM

Valid to:
3/6/2016 11:59:59 PM

Subject:
CN=Kimahri Software inc., O=Kimahri Software inc., STREET=666 Sherbrooke Rue w, L=Montreal, S=Quebec, PostalCode=H3A 1E7, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A1BB8569950C0B2080A11A0E2F618B33

File PE Metadata
Compilation timestamp:
6/25/2014 11:03:33 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:L/pq4X6fI3SLe0A1gEMcVSFlDWaJsWjcd+TSyJSY:9q86Lerdil2+TSyJT

Entry address:
0x571B

Entry point:
E8, 60, 5B, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 78, 3F, 41, 00, E8, 1F, 0A, 00, 00, E8, 3D, 33, 00, 00, 0F, B7, F0, 6A, 02, E8, F3, 5A, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, D4, 54, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
6.2682

Code size:
54.5 KB (55,808 bytes)

Program Uninstaller
Program name:
V-9.1HD

Display publisher:
V-9.1HD

Display version:
1.34.6.10

Uninstall string:
C:\Program Files (x86)\V-9.1HD\Uninstall.exe /fcp=1


The file uninstall.exe has been discovered within the following program.

V-9.1HD  by Evangelion Group
Plus-HD-9.1c (Freeven) is an adware program that runs within the user's web browser and will modify various browser settings such as changing the search provider.
crossrider.com/install/61776-plus-hd-9-1c
86% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.