home

uninstalldt.exe

Search Results, LLC

The application uninstalldt.exe, “Uninstall DefaultTab” by Search Results has been detected as adware by 10 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program DefaultTab by Search Results, LLC.
Publisher:
Search Results, LLC  (signed and verified)

Product:
Search Results, LLC

Description:
Uninstall DefaultTab

Version:
1.0.6.0

MD5:
f9447d5e6189a0b34c9aace27b3576ca

SHA-1:
c7fe286c3ae44ee7201ce428083ebedf7f9632fb

SHA-256:
f12472b146c401970382e317f415cfdd1fd0d2a08ae463d40d2a7ba98d43bf9d

Scanner detections:
10 / 68

Status:
Adware

Analysis date:
4/16/2024 11:54:35 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
BHO-ANI [PUP]
2014.9-160213

Baidu Antivirus
Adware.Win32.DefaultTab
4.0.3.16213

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Trojan.Damaged.1
9.0.1.044

Emsisoft Anti-Malware
Android.Adware.Kuguo
8.16.02.13.11

ESET NOD32
Win32/Toolbar.DefaultTab.E potentially unwanted application
10.7.0.302.0

Reason Heuristics
PUP.SearchResults.Installer (M)
16.2.13.11

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
9326

VIPRE Antivirus
Threat.4729122
29708

File size:
621.6 KB (636,552 bytes)

Product version:
1.0.2.0

Copyright:
Search Results, LLC

Trademarks:
Search Results, LLC

Original file name:
uninstalldt.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe

Digital Signature
Signed by:
Search Results, LLC

Authority:
COMODO CA Limited

Valid from:
4/24/2012 5:00:00 PM

Valid to:
4/25/2014 4:59:59 PM

Subject:
CN="Search Results, LLC", O="Search Results, LLC", STREET="2751 Hennepin Ave S #252", L=Minneapolis, S=MN, PostalCode=55405, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B6815DF3B6D64839E008D65B53EF0170

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:/pG44ICVjh1dXiyBGJa3pigJiPrEUXgdUv0oeeCZnwMwU/cmayQhXM:s44ICVjz5mepiks19WdwMF/vxoXM

Entry address:
0x192001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 20, 19, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 
[+]

Entropy:
7.9717

Packer / compiler:
ASPack v2.12

Code size:
1.3 MB (1,350,144 bytes)

Program Uninstaller
Program name:
DefaultTab

Display publisher:
Search Results, LLC

Display version:
2.3.3.0

Uninstall string:
"C:\users\{user}\appdata\roaming\defaulttab\defaulttab\uninstalldt.exe"


Remove uninstalldt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.