home

uninstall.exe

Crossrider Advanced Technologies

Part of the Crossrider framework, a web browser extension that will deliver advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The application uninstall.exe by Crossrider Advanced Technologies has been detected as adware by 2 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Radio Canyon by Radio Canyon. This file is typically installed with the program Radio Canyon by Bright circle investments Ltd. which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.
Publisher:
Crossrider Advanced Technologies  (signed and verified)

MD5:
6fc4e2003f3b20178ee96e65bdabf548

SHA-1:
d39b89fbf29e6ec7be1a1c0e9d87d70078ad45fc

SHA-256:
c86351c86135885ce3dfe7969c38b56b4413c7dae5a244ee7b420e945bc48601

Scanner detections:
2 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/16/2024 1:24:29 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Crossrider.CrossriderAdvancedTechnologies (M)
16.2.4.6

File size:
104.7 KB (107,224 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\radio canyon\uninstall.exe

Digital Signature
Signed by:
Crossrider Advanced Technologies

Authority:
COMODO CA Limited

Valid from:
9/24/2012 3:00:00 AM

Valid to:
9/25/2015 2:59:59 AM

Subject:
CN=Crossrider Advanced Technologies, O=Crossrider Advanced Technologies, STREET=40 Lilienblum St, L=Tel-Aviv, S=Israel, PostalCode=65133, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B9966EA31AF5750F30968D041D15669B

File PE Metadata
Compilation timestamp:
11/4/2014 11:37:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:l4ZzgOmYUYRZyiyUZ2d83JqdNYMUT3Vbw7MtajcFERusWjcd2edVXuksQa:SHmYUYRZyH03JMNtpAdqx2YVXuL

Entry address:
0x53C4

Entry point:
E8, E9, 63, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 48, 6F, 41, 00, E8, 26, 0A, 00, 00, E8, 85, 24, 00, 00, 0F, B7, F0, 6A, 02, E8, 7C, 63, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 5D, 5D, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
6.4593

Code size:
67 KB (68,608 bytes)

Program Uninstaller
Program name:
Radio Canyon

Display publisher:
Radio Canyon

Display version:
1.35.9.29

Uninstall string:
C:\Program Files\Radio Canyon\Uninstall.exe /fcp=1


The file uninstall.exe has been discovered within the following program.

Radio Canyon  by Bright circle investments Ltd.
Radio Canyon (Porter Studio Plus) is an adware program (supported by various types of advertising) that is usually bundled by third party installers and download managers.
88% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.