uninstall.exe

ContentExplorer Uninstaller

Lake Ventures LLC

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application uninstall.exe, “ContentExplorer Uninstall” by Lake Ventures has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This is the uninstaller utility registered in the Windows Control Panel for the program ContentExplorer by ContentExplorer.net. The setup program bundles additional offers, mostly adware, using the InstallBrain installer, a pay-per-install monetization download manager. InstallBrain will also install a background updater service that will update any installed browser add-ons and plug-ins.
Publisher:
ContentExplorer.net  (signed by Lake Ventures LLC)

Product:
ContentExplorer Uninstaller

Description:
ContentExplorer Uninstall

Version:
1.0.0.0

MD5:
453ede422d5952e5703eb959e5267bd3

SHA-1:
b2b1e8e71da3c04595beb3f5b7850d0d4569423f

SHA-256:
6cce000c733e8fe647cf7884505f71c0970e0f9ea78e5f0a6f94464438b4e7bb

Scanner detections:
18 / 68

Status:
Adware

Explanation:
Uses the InstallBrain monetization platform from iBario to deliver bundled adware both search toolbars and PC optimizers from Performersoft.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/18/2024 2:10:52 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
AdWare.W32.InstallBrain
2.1.4+

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
Win32:IBryte-MC [PUP]
2014.9-160215

Baidu Antivirus
Adware.Win32.iBryte
4.0.3.16215

Bkav FE
W32.HfsAdware
1.3.0.7062

Comodo Security
ApplicUnwnt
23010

Dr.Web
Trojan.iBryte.501
9.0.1.046

ESET NOD32
MSIL/Adware.iBryte.T application
10.7.0.302.0

F-Secure
Suspicious:W32/Malware.42127319c2!Online
11.2016-15-02_2

G Data
Win32.Application.Agent.60OZMS
16.2.25

IKARUS anti.virus
PUA.Downloader
t3scan.1.7.8.0

NANO AntiVirus
Riskware.Win32.BPlug.djpkri
0.30.0.65070

Panda Antivirus
Generic Suspicious
16.02.15.09

Quick Heal
PUA.Lakeventur.Gen
2.16.14.00

Reason Heuristics
PUP.Adknowledge.LakeVentures.Bundler (M)
16.2.15.9

Sophos
Generic PUA EC
4.98

Trend Micro House Call
Suspicious_GEN.F47V0129
7.2.46

VIPRE Antivirus
Threat.5064620
42326

File size:
127.7 KB (130,800 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
uninstall.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\contentexplorer\uninstall.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/17/2013 8:22:44 PM

Valid to:
12/17/2014 8:22:44 PM

Subject:
CN=Lake Ventures LLC, O=Lake Ventures LLC, L=Aliso Viejo, S=California, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B14BBCA37F140

File PE Metadata
Compilation timestamp:
12/8/2014 9:00:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:4rKlYnBKFvSEeyMaf8buK2opmf3L0iAFyZ:eKqnBKFvSEeyMakb+opmf3AiWyZ

Entry address:
0x1E50E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
113.5 KB (116,224 bytes)

Program Uninstaller
Program name:
ContentExplorer

Display publisher:
ContentExplorer.net

Display version:
8.4

Uninstall string:
C:\users\{user}\appdata\roaming\contentexplorer\uninstall.exe


Remove uninstall.exe - Powered by Reason Core Security