avs media player.exe

AVS Media Player

Solimba Aplicaciones S.L.

This is the Solimba installer program, which bundles additional offers, mostly adware and various unwanted PC utilities. The application avs media player.exe by Solimba Aplicaciones S.L. has been detected as adware by 29 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from d3uetqjthbb4x1.cloudfront.net and multiple other hosts.
Publisher:
Solimba Aplicaciones S.L.  (signed and verified)

Product:
AVS Media Player

Version:
2.1.816.0

MD5:
86c1f0d2b9075139f69224e114922ab3

SHA-1:
dd5bf133877e299cddfef65e2044c4428a81ecb4

SHA-256:
3333dd546a21a377788d6576f15f2e9be09ad02c9808d88dac633b9f84ea469d

Scanner detections:
29 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/19/2024 3:54:03 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Adware.Solimba.I | 853
Agnitum Outpost | Adware.Solimba | 7.1.1
Avira AntiVirus | APPL/Solimba.Gen | 7.11.88.224
avast! | NSIS:Dmgr-C [PUP] | 2014.9-141004
AVG | Downloader.Generic12 | 2015.0.3331
Bitdefender | Adware.Solimba.H | 1.0.20.1385
Clam AntiVirus | WIN.Adware.Solimba-3 | 0.98/18155
Comodo Security | ApplicUnwnt | 16548
Dr.Web | Adware.Downware.798 | 9.0.1.0277
Emsisoft Anti-Malware | Adware.Solimba | 8.14.10.04.06
ESET NOD32 | MSIL/Solimba (variant) | 8.8529
Fortinet FortiGate | Riskware/Solimba.C | 10/4/2014
F-Prot | W32/Downloader.DQ.gen | v6.4.7.1.166
F-Secure | Adware.Solimba.H | 11.2014-04-10_7
G Data | Adware.Solimba | 14.10.22
K7 AntiVirus | Riskware | 13.170.8961
Kaspersky | not-a-virus:HEUR:WebToolbar.NSIS.Solimba | 14.0.0.3151
Malwarebytes | PUP.AdBundler | v2014.10.04.06
McAfee | Artemis!86C1F0D2B907 | 5600.6987
MicroWorld eScan | Adware.Solimba.I | 15.0.0.831
nProtect | Adware.Solimba.H | 13.07.05.04
Qihoo 360 Security | Win32/Virus.IM.ee1 | 1.0.0.1015
Quick Heal | AdWare.MSIL.Solimba.c (Not a Virus) | 10.14.12.00
Reason Heuristics | PUP.SolimbaAplicacionesSL.Q | 14.10.4.18
Sophos | DownloadMR | 4.90
SUPERAntiSpyware | Trojan.Agent/Gen-MSIL | 10319
Trend Micro House Call | TROJ_GEN.RCBH1GO | 7.2.277
Vba32 AntiVirus | Downware.Morstar | 3.12.24.3
VIPRE Antivirus | DownloadMR | 19314

File size:
138.6 KB (141,880 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\avs media player.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/15/2011 5:00:00 PM

Valid to:
5/15/2013 4:59:59 PM

Subject:
CN=Solimba Aplicaciones S.L., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Solimba Aplicaciones S.L., L=Badalona, S=Barcelona, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
450EE582E26020D5F7632F2BECC6C5BD

File PE Metadata
Compilation timestamp:
8/30/2011 8:46:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.21

CTPH (ssdeep):
3072:xnOn7t7XpdpCCTg/sxFgJMeq8KgCeEIRckbs4WN5xWq7IJR0n:xKpdcCrTv8KJyqExkWvJSn

Entry address:
0x4327

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 83, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 84, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 84, 42, 00, 56, A3, 40, 6B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 6B, 42, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, 84, 42, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7...
 

Entropy:
7.2886

Code size:
34.5 KB (35,328 bytes)

The file avs media player.exe has been seen being distributed by the following 2 URLs.

http://d3uetqjthbb4x1.cloudfront.net/2.1.721/.../AVS Media Player.exe
