home

autocompleteplus_ie_ie-installer.exe

AutoComplete+ Personal

Cloud Power LLC

The application autocompleteplus_ie_ie-installer.exe, “AutoComplete+ Personal Installer” by Cloud Power has been detected as adware by 9 anti-malware scanners. The program is a setup application that uses the Nullsoft Install System installer. This web browser addon will display additional advertisements in the user's browser including popup, banner, contextual hyperlinks as well as affiliate links.
Publisher:
AutoComplete+  (signed by Cloud Power LLC)

Product:
AutoComplete+ Personal

Description:
AutoComplete+ Personal Installer

Version:
1.22.150.150

MD5:
06898c88fbad25b4241d073166d200b2

SHA-1:
d09bacaee6c03d2bc4f20c78cda1ed511735d080

SHA-256:
ac0436dd4387156f7b579877c4d61582085f011da1187808b05292a249e5c7fe

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:
4/25/2024 6:56:59 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/CrossRider.Gen2
7.11.163.200

Baidu Antivirus
Adware.Win32.CrossRider
4.0.3.141118

Comodo Security
Heur.Suspicious
18956

ESET NOD32
Win32/Toolbar.CrossRider
8.10147

K7 AntiVirus
Riskware
13.181.12834

McAfee
Artemis!DE3661F53D89
5600.6943

NANO AntiVirus
Riskware.Win32.GamePlayLabs.cxfutx
0.28.2.60990

Reason Heuristics
PUP.Installer.CloudPower.a
14.11.18.11

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF
23.00.65.141116

File size:
1.1 MB (1,192,064 bytes)

Copyright:
Copyright AutoComplete+

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Language:
English (United States)

Common path:
C:\users\{user}\downloads\autocompleteplus_ie_ie-installer.exe

Digital Signature
Signed by:
Cloud Power LLC

Authority:
COMODO CA Limited

Valid from:
5/28/2012 8:00:00 PM

Valid to:
5/29/2015 7:59:59 PM

Subject:
CN=Cloud Power LLC, O=Cloud Power LLC, STREET=5375 Beechwood Ln, L=Los Altos, S=CA, PostalCode=94024, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
444FE815BC180B87BEEC9346E8588153

File PE Metadata
Compilation timestamp:
1/5/2010 7:09:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
24576:RTqmx9pp5fE3/7WA2d4vN8s7CqH7tYZInbfg8hbipzC92mb:tTx9pp5K/7b26vN8AjxYZInblApzC4mb

Entry address:
0x4044

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, 97, 52, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, 43, 4F, 00, 00, 56, C7, 04, 24, 00, 00, 00, 00, E8, A6, 52, 00, 00, A3, 88, 5C, 42, 00, 53, C7, 04, 24, 08, 00, 00, 00, E8, 26, 32, 00, 00, A3, 38, 5D, 42, 00, 8D, 85, 84, FE, FF, FF, 51, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A4, B2, 40, 00, E8, D0, 51, 00, 00, 83, EC, 14, C7, 44, 24, 04, A5, B2, 40, 00, C7, 04, 24, 68, 5D...
 
[+]

Entropy:
7.9740  (probably packed)

Code size:
33 KB (33,792 bytes)

Remove autocompleteplus_ie_ie-installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.