home

uninstall.exe

Shareaza

Bandoo Media Inc

The application uninstall.exe, “Shareaza Uninstall” by Bandoo Media Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Shareaza by Bandoo Media Inc. This file is typically installed with the program Shareaza by Bandoo Media Inc which is a potentially unwanted software program.
Publisher:
Bandoo Media Inc  (signed and verified)

Product:
Shareaza

Description:
Shareaza Uninstall

Version:
9.0.0.135011

MD5:
d2d9fc66b8eaf54cb6465d01f9bb3c20

SHA-1:
ec136d6593e9fc35b21ea9009c964b82b5d5d499

SHA-256:
2c99809be746e3efe26697541a006a54c9f113ea250ee9a4c7b2a00b919b17d6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
May bundle additional software offers in the setup installer included a branded Ask.com Toolbar (Movies/Music Toolbar).

Analysis date:
4/26/2024 9:11:41 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.BandooMedia.J
14.6.23.12

File size:
228 KB (233,520 bytes)

Product version:
9.0.0.135011

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\Program Files\shareaza applications\shareaza\uninstall.exe

Digital Signature
Signed by:
Bandoo Media Inc

Authority:
Thawte, Inc.

Valid from:
2/9/2014 2:00:00 AM

Valid to:
10/6/2014 2:59:59 AM

Subject:
CN=Bandoo Media Inc, O=Bandoo Media Inc, L=Panama City, S=Panama, C=PA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
34D16C5DA8C64FA202CC6BDB73876214

File PE Metadata
Compilation timestamp:
5/30/2013 11:09:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:nX47XeUNR/73juLav2zsV1pzV677noHKitH:nXM173jT/V1pzIfoHp

Entry address:
0x38AF

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, BC, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 25, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 80, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 8F, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 7D, 27, 00, 00...
 
[+]

Entropy:
7.5154

Packer / compiler:
Nullsoft install system v2.x

Code size:
29.5 KB (30,208 bytes)

Program Uninstaller
Program name:
Shareaza

Display publisher:
Bandoo Media Inc

Display version:
9.0.0.135011

Uninstall string:
"C:\Program Files (x86)\Shareaza Applications\Shareaza\uninstall.exe"


The file uninstall.exe has been discovered within the following program.

Shareaza  by Bandoo Media Inc
Publisher's description - “Shareaza is a peer-to-peer client for Windows that allows you to download any file-type found on several popular P2P networks. Shareaza can connect to up to 4 separate Peer-to-Peer networks, providing access to hundreds of thousands of diverse users, all from one single program.”
shareaza.sourceforge.net
65% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.