home

opnsqr64.exe

OpinionSquare

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The application opnsqr64.exe by TMRG has been detected as adware by 7 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed by TMRG, Inc.)

Product:
OpinionSquare

Version:
1.0.8.1 (Build 8.1)

MD5:
a12b98a500aaae097fbb0aa7572adf13

SHA-1:
de01e254129387960681f50881755f45ba8ee691

SHA-256:
963a8f571f39497da98df928aeb617316b4c1870fd35ffddb238407b251e80fd

Scanner detections:
7 / 68

Status:
Adware

Analysis date:
6/2/2024 5:46:22 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
RelevantKnowledge
2015.0.3407

F-Prot
W64/Relevant.A2.gen
v6.4.7.1.166

K7 AntiVirus
Adware
13.170.9164

Panda Antivirus
Suspicious file
14.07.20.02

Reason Heuristics
PUP.TMRG.I
14.8.7.22

SUPERAntiSpyware
PUP.RelevantKnowledge
10472

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
20164

File size:
199.5 KB (204,336 bytes)

Product version:
1.0.8.1 (Build 8.1)

Copyright:
Copyright © 2001-2004

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\opinionsquare\opnsqr64.exe

Digital Signature
Signed by:
TMRG, Inc.

Authority:
Thawte, Inc.

Valid from:
7/20/2011 5:00:00 PM

Valid to:
1/11/2013 3:59:59 PM

Subject:
CN="TMRG, Inc.", O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3E610C00C4D725B9689279CC88EEA594

File PE Metadata
Compilation timestamp:
6/19/2012 9:00:50 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:v8Uq2LUqdKtkETTnK/LZHwZs8/EF+Yfs8IAgKb+MEk5ok2sM6:DqoQtksGFwZs8a+Yfs5P5+7z

Entry address:
0xCB7C

Entry point:
48, 83, EC, 28, E8, DF, 7B, 00, 00, 48, 83, C4, 28, E9, 56, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 49, 83, F8, 08, 72, 53, 0F, B6, D2, 49, B9, 01, 01, 01, 01, 01, 01, 01, 01, 49, 0F, AF, D1, 49, 83, F8, 40, 72, 1E, 48, F7, D9, 83, E1, 07, 74, 06, 4C, 2B, C1, 48, 89, 10, 48, 03, C8, 4D, 8B, C8, 49, 83, E0, 3F, 49, C1, E9, 06, 75, 39, 4D, 8B, C8, 49, 83, E0, 07, 49, C1, E9, 03, 74, 11, 66, 66, 66, 90, 90, 48, 89, 11, 48, 83, C1, 08, 49, FF, C9, 75, F4...
 
[+]

Entropy:
6.1713

Code size:
129 KB (132,096 bytes)

Remove opnsqr64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.