home

timeAdd.exe

HOW SOFT

The application timeAdd.exe by HOW SOFT has been detected as a potentially unwanted program by 10 anti-malware scanners.
Publisher:
하우소프트  (signed by HOW SOFT)

Description:
timeAdd

Version:
2013.7.18.2

MD5:
c6b6ce72b32c5aa47d0bb8781478ca49

SHA-1:
b71d72de748f5cbed4d2ee46e9cc1307ada99baf

SHA-256:
71c97bce9bbeb1964adffacdb23121378897a3498907a255785a56f7d21649e1

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 5:12:11 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:HowSoft-A [PUP]
2014.9-151015

AVG
Win32/DH{gQwuICQiJYESPA}
2016.0.2956

Dr.Web
Trojan.Adkor.113
9.0.1.0288

Kaspersky
not-a-virus:AdWare.Win32.Kraddare
14.0.0.1273

Malwarebytes
Trojan.Msidebar
v2015.10.15.11

McAfee
Artemis!C6B6CE72B32C
5600.6612

Quick Heal
AdWare.Kraddare.r9 (Not a Virus)
10.15.14.00

Reason Heuristics
PUP.Hue Communication.HOWSOFT (M)
15.10.15.11

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.4

ViRobot
Adware.WinSearch.672800[h]
2014.3.20.0

File size:
657 KB (672,800 bytes)

Product version:
2013.7.18.2

Copyright:
Copyright(c) 2009 by howcodec All rights reserved.

Original file name:
timeAdd.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\windowsearch\timeadd.exe

Digital Signature
Signed by:
HOW SOFT

Authority:
Thawte, Inc.

Valid from:
1/31/2013 9:00:00 AM

Valid to:
3/3/2015 8:59:59 AM

Subject:
CN=HOW SOFT, OU=IT Team, O=HOW SOFT, L=Guro-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7BA3F775C5D05768F56F97039538592C

File PE Metadata
Compilation timestamp:
7/18/2013 2:14:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:xAZNh0QU3vMAkBAmEEMg/7TzQBJQ5d/eSR4cFK2nIw93B8hM:KZzXHTBAuMk7TzQg5BRScDahM

Entry address:
0x8CAA8

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 8C, AE, 48, 00, E8, 97, A2, F7, FF, 68, 24, CB, 48, 00, 6A, FF, 6A, 00, E8, 5D, A4, F7, FF, 8B, D8, 85, DB, 74, 51, E8, 2A, A5, F7, FF, 85, C0, 75, 48, A1, C8, FA, 48, 00, 8B, 00, E8, E2, 12, FD, FF, A1, C8, FA, 48, 00, 8B, 00, B2, 01, E8, AC, 31, FD, FF, 8B, 0D, 24, FD, 48, 00, A1, C8, FA, 48, 00, 8B, 00, 8B, 15, 78, 6B, 48, 00, E8, D4, 12, FD, FF, A1, C8, FA, 48, 00, 8B, 00, E8, 00, 14, FD, FF, 85, DB, 74, 06, 53, E8, D6, A3, F7, FF, 5B, E8, 84, 7E, F7, FF, 74, 69, 6D, 65...
 
[+]

Entropy:
6.6180

Developed / compiled with:
Microsoft Visual C++

Code size:
556 KB (569,344 bytes)

Remove timeAdd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.