» uninstalldt.exe
Overview
Analysis
File Details
Behaviors (1)

uninstalldt.exe

Search Results, LLC

The application uninstalldt.exe, “Uninstall DefaultTab” by Search Results has been detected as adware by 7 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Defaulttab by Search Results, LLC.

File name:

uninstalldt.exe

Publisher:

Search Results, LLC (signed and verified)

Product:

Search Results, LLC

Description:

Uninstall DefaultTab

Version:

1.0.10.0

MD5:

b2e7588c1c222076fcd3c27742ad3b7f

SHA-1:

20107b1a3462c1f63ad0135af2c1b36011d3ce5c

SHA-256:

c6d7acfd6713b6c02a2625ea49934dda345b585a808ec02f770819711da443e4

Scanner detections:

7 / 68

Status:

Adware

Analysis date:

4/19/2024 9:43:10 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Baidu Antivirus

Adware.Win32.DefaultTab

4.0.3.1497

Dr.Web

Adware.Plugin.196

9.0.1.0250

Emsisoft Anti-Malware

Android.Adware.Kuguo

8.14.09.07.05

Reason Heuristics

PUP.SearchResults.L

14.9.7.17

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10374

VIPRE Antivirus

Threat.4729122

29708

File size:

633.6 KB (648,840 bytes)

Product version:

1.0.2.0

Search Results, LLC

Trademarks:

Search Results, LLC

Original file name:

uninstalldt.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\windows defender\en-us\systemprofile\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe

Digital Signature

Signed by:

Search Results, LLC

Authority:

COMODO CA Limited

Valid from:

4/24/2012 8:00:00 PM

Valid to:

4/25/2014 7:59:59 PM

Subject:

CN="Search Results, LLC", O="Search Results, LLC", STREET="2751 Hennepin Ave S #252", L=Minneapolis, S=MN, PostalCode=55405, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00B6815DF3B6D64839E008D65B53EF0170

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:TEgKLQkQ0lglWlzfhJmFej/xktHJbKc6G3lF0KqcIe6fKmjGlQKt:TE/dalW/oSM/TF6g6fKnt

Entry address:

0x1A9001

Entry point:

60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 90, 1A, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74... 
[+]

Entropy:

7.9687

Packer / compiler:

ASPack v2.12

Code size:

1.3 MB (1,379,328 bytes)

Program Uninstaller

Program name:

Defaulttab

Display publisher:

Search Results, LLC

Display version:

2.4.8.2

Uninstall string:

"C:\Windows\system32\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe"

Remove uninstalldt.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.