home

uninstall.exe

Gogo Network Club

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application uninstall.exe by Gogo Network Club has been detected as adware by 16 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program iWebar by iWebar. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Gogo Network Club  (signed and verified)

MD5:
df36cde57af8c79f487c2aa65940fc08

SHA-1:
f11873fa326a5f81a0b1bbab34d0b9ba4132d8ac

SHA-256:
ec576a4a54c6f5064d3bfd5871009cbfa469d0b915f2f827b2ca6ee9e6e73f0c

Scanner detections:
16 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/26/2024 11:49:06 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/CrossRider.Gen7
7.11.182.130

AVG
Generic
2015.0.3305

Baidu Antivirus
PUA.Win32.CrossRider
4.0.3.141031

Dr.Web
Trojan.Crossrider.38416
9.0.1.0336

ESET NOD32
Win32/Toolbar.CrossRider.AW (variant)
8.10649

Fortinet FortiGate
W32/GoogUpdate.AW!tr
12/2/2014

Kaspersky
not-a-virus:WebToolbar.Win32.CrossRider
15.0.0.494

McAfee
Artemis!E0870427386B
5600.6928

NANO AntiVirus
Riskware.Win32.Crossrider.dibnus
0.28.6.62995

Panda Antivirus
Trj/Genetic.gen
14.12.02.08

Qihoo 360 Security
Win32/Virus.Adware.a87
1.0.0.1015

Reason Heuristics
Adware.iWebar.GogoNetworkClub.J
14.10.31.6

Sophos
Generic PUA ML
4.98

Trend Micro House Call
Suspicious_GEN.F47V1110
7.2.336

Vba32 AntiVirus
Trojan.GoogUpdate
3.12.26.3

Zillya! Antivirus
Trojan.GoogUpdate.Win32.4263
2.0.0.1981

File size:
85.9 KB (87,968 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\iwebar\uninstall.exe

Digital Signature
Signed by:
Gogo Network Club

Authority:
COMODO CA Limited

Valid from:
8/19/2014 1:00:00 AM

Valid to:
8/20/2015 12:59:59 AM

Subject:
CN=Gogo Network Club, O=Gogo Network Club, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75BF783471861CAD78DE03A20768BF56

File PE Metadata
Compilation timestamp:
10/30/2014 9:37:47 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:nQ6otM/lNlQ1WU1AUkpMQcF6jsWjcdTc7S9V5JW1:Q6GM/BNUS0DTL9V5I

Entry address:
0x4F2B

Entry point:
E8, 10, 59, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 38, 2E, 41, 00, E8, 1F, 0A, 00, 00, E8, 7E, 24, 00, 00, 0F, B7, F0, 6A, 02, E8, A3, 58, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 84, 52, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
52 KB (53,248 bytes)

Program Uninstaller
Program name:
iWebar

Display publisher:
iWebar

Display version:
1.35.9.29

Uninstall string:
C:\Program Files\iWebar\Uninstall.exe /fcp=1


Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.