home

uninstalldt.exe

Search Results, LLC

The application uninstalldt.exe, “Uninstall DefaultTab” by Search Results has been detected as adware by 8 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program DefaultTab by Search Results, LLC.
Publisher:
Search Results, LLC  (signed and verified)

Product:
Search Results, LLC

Description:
Uninstall DefaultTab

Version:
1.0.6.0

MD5:
0b77ddfc9c45a0255e53718fb35a054d

SHA-1:
8fa2d844bfcf2ab3aba53f1f9b3d62d51b9ea2b3

SHA-256:
a3bc75ac3b890db2643ded3b3bc94f13648a0312a155ad4bf8b7fa08684c50c6

Scanner detections:
8 / 68

Status:
Adware

Analysis date:
5/8/2024 6:51:01 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

Baidu Antivirus
Adware.Win32.DefaultTab
4.0.3.141016

Dr.Web
Trojan.Damaged.1
9.0.1.0289

Emsisoft Anti-Malware
Android.Adware.Kuguo
8.14.10.16.08

ESET NOD32
Win32/Toolbar.DefaultTab.E potentially unwanted application
8.7.0.302.0

Reason Heuristics
PUP.SearchResults.L
14.10.16.8

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10296

VIPRE Antivirus
Threat.4729122
29708

File size:
621.6 KB (636,552 bytes)

Product version:
1.0.2.0

Copyright:
Search Results, LLC

Trademarks:
Search Results, LLC

Original file name:
uninstalldt.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe

Digital Signature
Signed by:
Search Results, LLC

Authority:
COMODO CA Limited

Valid from:
4/25/2012 3:00:00 AM

Valid to:
4/26/2014 2:59:59 AM

Subject:
CN="Search Results, LLC", O="Search Results, LLC", STREET="2751 Hennepin Ave S #252", L=Minneapolis, S=MN, PostalCode=55405, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B6815DF3B6D64839E008D65B53EF0170

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:0pG44ICVjh1dXiyBGJa3pigJiPrEUXgdUv0oeeCZnwMDU/cmayQhX5:h44ICVjz5mepiks19WdwMA/vxoX5

Entry address:
0x192001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 20, 19, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 
[+]

Entropy:
7.9716

Packer / compiler:
ASPack v2.12

Code size:
1.3 MB (1,350,144 bytes)

Program Uninstaller
Program name:
DefaultTab

Display publisher:
Search Results, LLC

Display version:
2.3.1.0

Uninstall string:
"C:\users\{user}\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe"


Remove uninstalldt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.