avg-9a33834e-e957-471b-8c3b-2a0b39fec83f.tmp

Search Results, LLC

The file avg-9a33834e-e957-471b-8c3b-2a0b39fec83f.tmp by Search Results has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Search Results, LLC  (signed and verified)

MD5:
94489d0a08713ce9ada64b468f6f57e7

SHA-1:
948d07600fc5802389cd19ea1444a854801b1524

SHA-256:
5fe0fe0a1e6bbfbfa4f9d8293bd980c3cb127c8f311327e80d5d9830543a0128

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/25/2024 11:42:09 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.9.30.17

File size:
431.6 KB (441,976 bytes)

Common path:
C:\ProgramData\avg2012\temp\avg-9a33834e-e957-471b-8c3b-2a0b39fec83f.tmp

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/25/2012 3:00:00 AM

Valid to:
4/26/2014 2:59:59 AM

Subject:
CN="Search Results, LLC", O="Search Results, LLC", STREET="2751 Hennepin Ave S #252", L=Minneapolis, S=MN, PostalCode=55405, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B6815DF3B6D64839E008D65B53EF0170

File PE Metadata
Compilation timestamp:
1/23/2014 9:42:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:hpToVVvubiiaosfgkl1UOCh4bL4zLykYZzoRPSHQKWEvHf8Vypm2G2Ag8la:70VaDaoagkc7KbknykjYQGvH0VIEla

Entry address:
0x2EDA2

Entry point:
4A, 42, C3, F1, 6E, C3, 7B, 43, 8E, DE, 0D, 69, F3, 21, 3B, 3B, 8E, C5, 1A, 98, 8B, 5A, 60, 5F, 7F, CB, 90, 33, 36, C1, 56, AE, 93, 0D, 30, 60, 92, AF, C8, 38, 92, DF, 0A, B2, D2, 13, 73, 9E, 3A, E3, 3F, 86, EB, EC, 26, 97, 1D, 06, D5, 2B, B2, 08, CD, AB, 47, 4C, F6, 83, 82, E8, 96, 35, 07, 51, 6F, FA, D4, 8F, DF, 58, 02, D3, 3B, 66, D9, E0, D8, 4E, E7, 55, DF, FB, F9, 24, CA, 98, AA, 67, 01, C4, 0A, DD, C1, EA, 1F, 66, 5D, F8, 1A, E1, 87, 64, 04, A6, 9B, DD, 4C, 8F, 2C, 15, 52, BC, 2F, 40, 97, 72, D0, DB...
 

Entropy:
7.7189  (probably packed)

Code size:
293.5 KB (300,544 bytes)
