home

SearchSettings.exe

Search Settings

Flipora

The application SearchSettings.exe by Flipora has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Search Settings’. This file is typically installed with the program Search Settings by Spigot, Inc. which is a potentially unwanted software program.
Publisher:
Flipora  (signed and verified)

Product:
Search Settings

Version:
2.0.0.1

MD5:
531a1fba95350a3b24d50c2f67be24cc

SHA-1:
fd548270da86123d6874719939098491560b737e

SHA-256:
986e5a1158b2b68628b0456dc950786e4de6f3e1a4b0dd65f0cffba9e0414f9e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 3:28:13 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.8.16.13

File size:
135.3 KB (138,592 bytes)

Product version:
2.0.0.1

Copyright:
Copyright © 2002-2012

Original file name:
SearchSettings.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\searchsettings\searchsettings.exe

Digital Signature
Signed by:
Flipora

Authority:
VeriSign, Inc.

Valid from:
3/29/2012 1:00:00 AM

Valid to:
3/30/2015 12:59:59 AM

Subject:
CN=Flipora, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Flipora, L=Sunnyvale, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4E5D7F106293C44426F134E3A6C47BB9

File PE Metadata
Compilation timestamp:
11/20/2012 8:26:21 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:rKWo1NQrb+jM2rjeOwIzrBosHCiV/k1xkGvyk1njKoW7OkdHvO6V9/YC:rK7NDjMWXnrB5HCixk7k3dOkdHvO6V97

Entry address:
0x8CF0

Entry point:
E8, FE, 3A, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, 8D, 42, FF, 5B, C3, 8D, A4, 24, 00, 00, 00, 00, 8D, 64, 24, 00, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0, 08, 8B, 54, 24, 08, F7, C2, 03, 00, 00, 00, 74, 15, 8A, 0A, 83, C2, 01, 3A, CB, 74, CF, 84, C9, 74, 51, F7, C2, 03, 00, 00, 00, 75, EB, 0B, D8, 57, 8B, C3, C1, E3, 10, 56, 0B, D8, 8B, 0A, BF, FF, FE, FE, 7E, 8B, C1, 8B, F7, 33, CB, 03, F0, 03, F9, 83, F1, FF, 83, F0, FF, 33, CF, 33, C6, 83, C2, 04, 81, E1, 00, 01, 01, 81, 75, 1C, 25, 00...
 
[+]

Entropy:
6.3538

Code size:
87.5 KB (89,600 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Search Settings

Command:
C:\Program Files\searchsettings\searchsettings.exe


The file SearchSettings.exe has been discovered within the following program.

Search Settings  by Spigot, Inc.
Search Settings application is a process that runs in the background and prevents other programs from modifying the web browsers search and home page settings.
www.spigot.com/remove-search-settings.html
68% remove it
 
Powered by Should I Remove It?

Remove SearchSettings.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.