Uninstall.exe

GeniusBox.Uninstaller

Joltlogic

This adware bundler is distributed through Adknowledge's advertising-supported software managers. The application Uninstall.exe by Joltlogic has been detected as adware by 14 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This is the uninstaller utility registered in the Windows Control Panel for the program GeniusBox 2.0 by GeniusBox 2.0. It plugs into the web browser and displays context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.

Publisher:
Joltlogic  (signed and verified)

Product:
GeniusBox.Uninstaller

Version:
1.0.0.0

MD5:
809f7031d04dd613d24f4136e1594ad0

SHA-1:
bd9d99de033aed64d1e9ef4dad1ebdf2bdc07b5a

SHA-256:
b810d332eec2a515d2c50b8f455fe865d61d59b4ecb1de6f329c64f8430e1c71

Scanner detections:
14 / 68

Status:
Adware

Explanation:
Injects advertising in the web browser in various formats.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/26/2024 5:06:33 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | ADWARE/BrowseFox.Gen4 | 7.11.213.138
avast! | Win32:IBryte-JX [PUP] | 2014.9-150305
AVG | Generic | 2016.0.3179
Bkav FE | W32.HfsAdware | 1.3.0.6379
ESET NOD32 | MSIL/Adware.iBryte (variant) | 9.11270
Fortinet FortiGate | Adware/IBryte | 3/5/2015
IKARUS anti.virus | PUA.BrowserFox | t3scan.1.8.6.0
K7 AntiVirus | Adware | 13.194.14966
McAfee | Artemis!821A99433B1F | 5600.6835
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
Reason Heuristics | PUP.Bundler.Adknowledge | 15.3.5.21
Sophos | Generic PUA ND | 4.98
Trend Micro House Call | Suspicious_GEN.F47V0213 | 7.2.64
VIPRE Antivirus | AdKnowledge | 38126

File size:
745.2 KB (763,104 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
Uninstall.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\browser extensions\uninstall.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/15/2014 5:00:00 PM

Valid to:
7/16/2015 4:59:59 PM

Subject:
CN=Joltlogic, O=Joltlogic, STREET=4600 Madison Ave FL 10, L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5EE011413A702F6705B25B34B674F3AB

File PE Metadata
Compilation timestamp:
3/4/2015 2:28:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:33IGMSRRlWgb2oS5MJgECaqfc/+lm5gT5OrDrYMkku1Gw+31kHXS4RLrZKoBcaVu:nXVRmZoS5MCE3q02lKgtOrDrKESS45Zo

Entry address:
0xBA29E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.9202

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
737 KB (754,688 bytes)

Program Uninstaller
Program name:
GeniusBox 2.0

Display publisher:
GeniusBox 2.0

Display version:
2.0

Uninstall string:
"C:\users\{user}\appdata\local\browser extensions\uninstall.exe"

