home

uninstalldt.exe

Search Results, LLC

The application uninstalldt.exe, “Uninstall DefaultTab” by Search Results has been detected as adware by 9 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Defaulttab by Search Results, LLC.
Publisher:
Search Results, LLC  (signed and verified)

Product:
Search Results, LLC

Description:
Uninstall DefaultTab

Version:
1.0.7.0

MD5:
9d64148137e382f20fc1553eb46aeac1

SHA-1:
5a70afea578d440bda29a561e7d35fbf1f4db32e

SHA-256:
1fff845b3b2d3a135634f250190805113052dcff15d10527a7e23cb20016b451

Scanner detections:
9 / 68

Status:
Adware

Analysis date:
4/25/2024 1:28:20 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

Baidu Antivirus
PUA.Win32.DefaultTab
4.0.3.15413

Dr.Web
Trojan.Damaged.1
9.0.1.0103

Emsisoft Anti-Malware
Android.Adware.Kuguo
8.15.04.13.01

ESET NOD32
Win32/Toolbar.DefaultTab.E potentially unwanted application
9.7.0.302.0

herdProtect (fuzzy)
variant of uninstalldt.exe.vir (Adware)
2015.7.15.10

Reason Heuristics
PUP.Installer.SearchResults
15.4.13.9

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
9938

VIPRE Antivirus
Threat.4729122
29708

File size:
629.1 KB (644,232 bytes)

Product version:
1.0.2.0

Copyright:
Search Results, LLC

Trademarks:
Search Results, LLC

Original file name:
uninstalldt.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe

Digital Signature
Signed by:
Search Results, LLC

Authority:
COMODO CA Limited

Valid from:
4/24/2012 8:00:00 PM

Valid to:
4/25/2014 7:59:59 PM

Subject:
CN="Search Results, LLC", O="Search Results, LLC", STREET="2751 Hennepin Ave S #252", L=Minneapolis, S=MN, PostalCode=55405, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B6815DF3B6D64839E008D65B53EF0170

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:UPQj3qiS4Y5UbUjOJGgehnJOntSdX30t1+gD7J5Uxnb99KpvUmI9Nm2:ma3qi2u4J94nDtjD7jUxnx9KpvrQNm2

Entry address:
0x197001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 70, 19, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 
[+]

Entropy:
7.9689

Packer / compiler:
ASPack v2.12

Code size:
1.3 MB (1,365,504 bytes)

Program Uninstaller
Program name:
Defaulttab

Display publisher:
Search Results, LLC

Display version:
2.4.4.1

Uninstall string:
"C:\users\{user}\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe"


Remove uninstalldt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.