home

uninstall.exe

The application uninstall.exe has been detected as a potentially unwanted program by 43 anti-malware scanners. The program is a setup application that uses the Nullsoft Install System installer, however the file is not signed with an authenticode signature from a trusted source. This is the uninstaller utility registered in the Windows Control Panel for the program VLC media player by VideoLAN. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
MD5:
755a34339d4a7430133309aafa6d5a2d

SHA-1:
c4ab17f1d7bcbd0a9b5a7ce6c1f6e4c04d149bac

SHA-256:
52a95f2159ecdd7945d5e782461d2b452f4c026df98f848ac87bea865f53e34a

Scanner detections:
43 / 68

Status:
Potentially unwanted

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/19/2024 6:33:28 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Solimba.1
857

Agnitum Outpost
Trojan.Adware
7.1.1

AhnLab V3 Security
ASD.Prevention
2013.06.28

Avira AntiVirus
W32/Sality.AT
7.11.30.172

avast!
Kukacka
140929-0

AVG
Win32/Sality
2014.0.4025

Baidu Antivirus
Trojan.MSIL.Solimba
4.0.3.14101

Bitdefender
Gen:Variant.Adware.Solimba.1
1.0.20.1370

Bkav FE
W32.Sality.PE
1.3.0.4959

Clam AntiVirus
WIN.Adware.Solimba-3
0.98/18355

Comodo Security
Application.Win32.Solimba.a
15261

Dr.Web
Win32.Sector.21
9.0.1.05190

Emsisoft Anti-Malware
Win32.Sality
14.10.01

ESET NOD32
Win32/Sality.NBA virus
7.0.302.0

Fortinet FortiGate
Adware/Fam.NB
10/1/2014

F-Prot
W32/Sality.E.gen
4.6.5.141

F-Secure
Gen:Variant.Adware.Solimba.1
11.2014-01-10_4

G Data
Gen:Variant.Adware.Solimba
14.10.22

IKARUS anti.virus
AdWare.Solimba
t3scan.2.0.3.0

K7 AntiVirus
Unwanted-Program
13.160.8223

Kaspersky
Virus.Win32.Sality
15.0.0.494

Malwarebytes
PUP.Offerware
v2014.10.01.01

McAfee
Artemis!395ECAAEE6AD
5600.6991

Microsoft Security Essentials
Threat.Undefined
1.185.1680.0

MicroWorld eScan
Gen:Variant.Adware.Solimba.1
15.0.0.822

NANO AntiVirus
Riskware.Win32.Downware.cruvdx
0.28.0.58101

Norman
Solimba.DIMI
11.20141001

nProtect
Trojan/W32.Agent.178856.B
13.02.15.02

Panda Antivirus
W32/Sality.AA
14.10.01.02

Qihoo 360 Security
HEUR/Malware.QVM20.Gen
1.0.0.1015

Quick Heal
AdWare.MSIL.Solimba.c (Not a Virus)
10.14.12.00

Reason Heuristics
Threat.Win.Reputation.IMP
14.10.1.1

Rising Antivirus
Trojan.Win32.Generic.13FD7DA9
23.00.65.14929

Sophos
DownloadMR
4.93

SUPERAntiSpyware
Trojan.Agent/Gen-Solimba
10327

Total Defense
Win32/Sality.AA
37.0.11207

Trend Micro House Call
TROJ_GEN.RCBOHLU
7.2.274

Trend Micro
TROJ_GEN.RCBCOEK
10.465.01

Vba32 AntiVirus
Downware.Morstar
3.12.24.3

VIPRE Antivirus
DownloadMR
26878

ViRobot
Win32.Sality.N
2011.4.7.4223

XVirus List
Win32.Detected
2.7.5

Zillya! Antivirus
Virus.Sality.Win32.20
2.0.0.1939

File size:
340.8 KB (348,945 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Common path:
C:\Program Files\videolan\vlc\uninstall.exe

File PE Metadata
Compilation timestamp:
1/5/2012 9:21:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
6144:zLaocyLCSk96kADcL8umAQZzx2Q+zKERJ0lgQ/lI+3L8:zuobUBL8nzgVygqw

Entry address:
0x4327

Entry point:
60, 78, 0C, 8D, 1D, 0B, D6, 2D, 72, 8D, 15, 26, 56, 84, B3, 68, 08, F8, 3F, 00, 0F, AF, E8, 0D, 51, 3A, C8, D0, EB, 03, 0F, B7, D3, EB, 06, 87, F0, FF, C0, 85, D3, 53, 86, FB, E8, 00, 00, 00, 00, F6, C4, 5A, 89, FD, 81, FA, DA, 04, 00, 00, 76, 08, 1B, CD, 8D, 15, C5, 83, F5, B9, 0F, AF, D7, 2D, 78, 63, 00, 00, 88, E1, 8D, 1D, 2C, 12, F5, B4, 2D, 92, 25, 00, 00, 5F, EB, 0A, 8B, CD, F7, C1, E9, 06, 03, BF, FE, C9, 70, 0A, 80, F1, 75, F3, 8D, 15, D1, C7, 3D, 43, 81, F9, D2, CB, 00, 00, 77, 06, 28, E6, F3, 0F...
 
[+]

Entropy:
7.6246

Code size:
34.5 KB (35,328 bytes)

Program Uninstaller
Program name:
VLC media player

Display publisher:
VideoLAN

Display version:
2.1.5

Uninstall string:
C:\Program Files\VideoLAN\VLC\uninstall.exe


Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.