home

avg antivirus free.exe

taskhost

Smart Secure Software S.l.

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application avg antivirus free.exe by Smart Secure Software S.l has been detected as adware by 25 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. The file has been seen being downloaded from ttb.downhq.com.
Publisher:
Smart Secure Software S.l.  (signed and verified)

Product:
taskhost

Version:
5. 4. 5. 4

MD5:
60d88100f3ee5d334e38ea8984d090aa

SHA-1:
a47d16aeb4d8b741105a225f24bb1c0fd5b27e56

SHA-256:
6f41617782750e759b0c9936fcadbecf12234c4e236f4035613c7acdb559bf50

Scanner detections:
25 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
5/15/2024 8:03:51 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Strictor.74697
6353544

Agnitum Outpost
PUA.Downloader
7.1.1

AhnLab V3 Security
PUP/Win32.SoftPulse
2015.01.17

Avira AntiVirus
APPL/Softpulse.oanf
7.11.201.216

avast!
SoftPulse-CR [PUP]
150101-1

AVG
Generic
2016.0.3227

Bitdefender
Gen:Variant.Strictor.74697
1.0.20.80

Comodo Security
Application.Win32.SoftPulse.D
20727

Dr.Web
Trojan.Domaiq.100
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Strictor.74697
9.0.0.4799

ESET NOD32
Win32/SoftPulse.U potentially unwanted application
7.0.302.0

F-Prot
W32/S-700373fd
v6.4.7.1.166

F-Secure
Gen:Variant.Strictor.74697
5.13.68

G Data
Gen:Variant.Strictor.74697
15.1.24

K7 AntiVirus
Unwanted-Program
13.191.14667

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.2632

Malwarebytes
PUP.Optional.SoftPulse
v2015.01.16.01

McAfee
SoftPulse
5600.6883

MicroWorld eScan
Gen:Variant.Strictor.74697
16.0.0.48

NANO AntiVirus
Riskware.Win32.Agent.dmazvb
0.30.0.64448

Panda Antivirus
Trj/Genetic.gen
15.01.16.01

Reason Heuristics
PUP.Softpulse.SmartSecureSoftwareSl
15.1.16.12

Sophos
PUA 'Smart Secure Software' (of type Adware)
5.09

VIPRE Antivirus
Threat.5064683
36694

Zillya! Antivirus
Adware.Agent.Win32.35025
2.0.0.2037

File size:
1 MB (1,075,408 bytes)

Product version:
6. 5. 4. 6

Copyright:
Copyright (C) 2014

Original file name:
taskhost.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softpulse SoftwareBundler

Language:
Spanish (Spain, International Sort)

Common path:
C:\users\{user}\downloads\avg antivirus free.exe

Digital Signature
Signed by:
Smart Secure Software S.l.

Authority:
Thawte, Inc.

Valid from:
6/17/2014 1:00:00 AM

Valid to:
6/18/2015 12:59:59 AM

Subject:
CN=Smart Secure Software S.l., O=Smart Secure Software S.l., L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7F616522D287E85A40984A2C01C414C1

File PE Metadata
Compilation timestamp:
1/8/2015 10:53:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:rQP1WIt/PcyQzktVF72ofLFCQUeXkS96WJW09:09WiHcWFdFCBk9vWs

Entry address:
0x13216E

Entry point:
60, E8, 00, 00, 00, 00, 58, 05, 9F, 02, 00, 00, 8B, 30, 03, F0, 2B, C0, 8B, FE, 66, AD, C1, E0, 0C, 8B, C8, 50, AD, 2B, C8, 03, F1, 8B, C8, 57, 51, 49, 8A, 44, 39, 06, 88, 04, 31, 75, F6, 8B, D6, 8B, CF, E8, 5C, 00, 00, 00, 5E, 5A, 2B, C0, 89, 04, 32, B4, 10, 2B, D0, 2B, C9, 3B, CA, 73, 26, 8B, D9, AC, 41, 24, FE, 3C, E8, 75, F2, 43, 83, C1, 04, AD, 0B, C0, 78, 06, 3B, C2, 73, E5, EB, 06, 03, C3, 78, DF, 03, C2, 2B, C3, 89, 46, FC, EB, D6, E8, 00, 00, 00, 00, 5F, 81, C7, 8C, FF, FF, FF, B0, E9, AA, B8, 9B...
 
[+]

Entropy:
7.6607

Packer / compiler:
ASPack v1.08.04

Code size:
229.5 KB (235,008 bytes)

The file avg antivirus free.exe has been seen being distributed by the following URL.

http://ttb.downhq.com/download/request/.../DgkZkiPO?__tc=1420768115.504&fileName=avg-antivirus-free

Remove avg antivirus free.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.