home

videoconvertersetup.exe

The application videoconvertersetup.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Video Converter. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.superbvideoconverter.com.
MD5:
ac2ef335c5e6e8fc2965f822f8672604

SHA-1:
e77a88a9cf8bd868d7d8e007e096d5300af81aee

SHA-256:
8739cc5a926947380c5f54d872c841ef567d65b5845638a1361f3f6879978108

Scanner detections:
27 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/19/2024 7:41:02 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.335398
799

Agnitum Outpost
PUA.InstallCore
7.1.1

AhnLab V3 Security
PUP/Win32.InstallCore
2013.12.13

Avira AntiVirus
APPL/Downloader.Gen6
7.11.119.134

AVG
Adware InstallCore.M
2014.0.4189

Bitdefender
Adware.Generic.335398
1.0.20.1655

Bkav FE
W32.HfsAutoA
1.3.0.4613

Clam AntiVirus
Win.Adware.Installcore-156
0.98/18355

Comodo Security
Application.Win32.ClickRun.A
17431

Dr.Web
Adware.InstallCore.53
9.0.1.05190

Emsisoft Anti-Malware
Adware.Generic.335398
9.0.0.4570

ESET NOD32
Win32/InstallCore.AF potentially unwanted application
7.0.302.0

Fortinet FortiGate
Adware/Fam.NB
11/27/2014

F-Prot
W32/InstallCore.V.gen
4.6.5.141

F-Secure
Adware.Generic.335398
11.2014-27-11_5

G Data
Adware.Generic.335398
14.11.22

K7 AntiVirus
Unwanted-Program
13.174.10498

MicroWorld eScan
Adware.Generic.335398
15.0.0.993

NANO AntiVirus
Trojan.Win32.InstallCore.cqrbdq
0.28.0.56692

Panda Antivirus
PUP/MultiToolbar.A
14.11.27.06

Qihoo 360 Security
Malware.QVM20.Gen
1.0.0.1015

Reason Heuristics
Threat.Win.Reputation.IMP
14.11.27.18

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.141125

Sophos
Install Core Click run software
4.96

SUPERAntiSpyware
Adware.InstallCore
10211

Vba32 AntiVirus
BScope.Malware-Cryptor.InstallCore.2691
3.12.24.3

VIPRE Antivirus
Click run software
24312

File size:
1.1 MB (1,144,592 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\videoconvertersetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Dfiqz5+2cFdkTdo2w8krjVSFX3EaQXjN+tMtlzBD:Dfiqz5+2cFd2do2wprhSFkaQXcUlF

Entry address:
0xCE7D0

Entry point:
55, 8B, EC, 83, C4, F0, B8, 20, C4, 41, 00, E8, 30, D8, FF, FF, 8B, C0, 70, 10, 40, 00, 01, 04, 42, 79, 74, 65, 01, 00, 00, 00, 00, FF, 00, 00, 00, 90, 84, 10, 40, 00, 01, 04, 57, 6F, 72, 64, 03, 00, 00, 00, 00, FF, FF, 00, 00, 90, 98, 10, 40, 00, 01, 08, 43, 61, 72, 64, 69, 6E, 61, 6C, 05, 00, 00, 00, 00, FF, FF, FF, FF, 90, B0, 10, 40, 00, 0A, 06, 53, 74, 72, 69, 6E, 67, BC, 10, 40, 00, 0B, 0A, 57, 69, 64, 65, 53, 74, 72, 69, 6E, 67, CC, 10, 40, 00, 0C, 07, 56, 61, 72, 69, 61, 6E, 74, 8D, 40, 00, 24, 11...
 
[+]

Entropy:
7.0202

Developed / compiled with:
Microsoft Visual C++

Code size:
841 KB (861,184 bytes)

Program Uninstaller
Program name:
Video Converter

Uninstall string:
C:\Program Files (x86)\VideoConverter\Uninstall\Uninstall.exe /Uninstall


The file videoconvertersetup.exe has been seen being distributed by the following URL.

http://www.superbvideoconverter.com/default/ga/.../?dl=1

Remove videoconvertersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.