» uninstall.exe
Overview
Analysis
File Details
Programs (1)

uninstall.exe

ContentExplorer Uninstaller

Lake Ventures LLC

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application uninstall.exe, “ContentExplorer Uninstall” by Lake Ventures has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This file is typically installed with the program ContentExplorer by Lake Ventures LLC which is a potentially unwanted software program. The setup program bundles additional offers, mostly adware, using the InstallBrain installer, a pay-per-install monetization download manager. InstallBrain will also install a background updater service that will update any installed browser add-ons and plug-ins.

File name:

uninstall.exe

Publisher:

ContentExplorer.net (signed by Lake Ventures LLC)

Product:

ContentExplorer Uninstaller

Description:

ContentExplorer Uninstall

Version:

1.0.0.0

MD5:

ea037c2b3f9a5d7e709346b28506dd3e

SHA-1:

b5beef99fc596f46b92169b980450f30f9fb4545

SHA-256:

d843b2835bbe47ce4f0d0fd5ae7ae2aef218b4f6e9001173125d2024e45154dc

Scanner detections:

18 / 68

Status:

Adware

Explanation:

Uses the InstallBrain monetization platform from iBario to deliver bundled adware both search toolbars and PC optimizers from Performersoft.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

4/26/2024 6:32:38 PM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

AdWare.W32.InstallBrain

2.1.4+

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

avast!

Win32:IBryte-MC [PUP]

2014.9-160215

Baidu Antivirus

Adware.Win32.iBryte

4.0.3.16215

Bkav FE

W32.HfsAdware

1.3.0.7062

Comodo Security

ApplicUnwnt

23010

Dr.Web

Trojan.iBryte.501

9.0.1.046

ESET NOD32

MSIL/Adware.iBryte.T application

10.7.0.302.0

F-Secure

Suspicious:W32/Malware.42127319c2!Online

11.2016-15-02_2

G Data

Win32.Application.Agent.60OZMS

16.2.25

IKARUS anti.virus

PUA.Downloader

t3scan.1.7.8.0

NANO AntiVirus

Riskware.Win32.BPlug.djpkri

0.30.0.65070

Panda Antivirus

Generic Suspicious

16.02.15.02

Quick Heal

PUA.Lakeventur.Gen

2.16.14.00

Reason Heuristics

PUP.Adknowledge.LakeVentures.Bundler (M)

16.2.15.2

Sophos

Generic PUA EC

4.98

Trend Micro House Call

Suspicious_GEN.F47V0129

7.2.46

VIPRE Antivirus

Threat.5064620

42326

File size:

127.7 KB (130,800 bytes)

Product version:

1.0.0.0

Original file name:

uninstall.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Adknowledge Fusion

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\roaming\contentexplorer\uninstall.exe

Digital Signature

Signed by:

Lake Ventures LLC

Authority:

GoDaddy.com, Inc.

Valid from:

12/17/2013 8:22:44 PM

Valid to:

12/17/2014 8:22:44 PM

Subject:

CN=Lake Ventures LLC, O=Lake Ventures LLC, L=Aliso Viejo, S=California, C=US

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

2B14BBCA37F140

File PE Metadata

Compilation timestamp:

8/2/2014 3:00:46 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:rrKlcLBKFvS1eyMaf8buKyownReoFPmVXNFyP:fKGLBKFvS1eyMakbqownReoJmhvyP

Entry address:

0x1E50A

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

113.5 KB (116,224 bytes)

The file uninstall.exe has been discovered within the following program.

ContentExplorer by Lake Ventures LLC

From the Terms and Conditions: "Content Explorer is ad-supported. During general internet usage on sites where Content Explorer operates, users may see additional banner, search, pop-up, pop-under, and in-text link advertisements.

ContentExplorer.net

85% remove it

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.