home

dsrsetup.exe

Keep-My-Search LTD

The application dsrsetup.exe by Keep-My-Search has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Yahoo! Search by Pay-By-Ads.
Publisher:
Keep-My-Search LTD  (signed and verified)

Version:
1.3.0.0

MD5:
871b5208fad6c12da7a16804f415cc0c

SHA-1:
38ab7ddef2d9f8b6c28e7227cc0b0bf76b9f8f8a

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/4/2024 5:06:00 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Montiera (M)
17.1.23.0

File size:
472.8 KB (484,096 bytes)

Copyright:
All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pay-by-ads\yahoo! search\1.4.2.5\dsrsetup.exe

Digital Signature
Signed by:
Keep-My-Search LTD

Authority:
DigiCert Inc

Valid from:
9/8/2014 2:00:00 AM

Valid to:
11/12/2015 1:00:00 PM

Subject:
CN=Keep-My-Search LTD, O=Keep-My-Search LTD, L=Tel Aviv, C=IL

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
087407E453FFF7E46DB51873975E63CB

File PE Metadata
Compilation timestamp:
9/22/2015 9:55:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x3804A

Entry point:
E8, 63, 85, 00, 00, E9, 89, FE, FF, FF, B8, F7, 10, 44, 00, A3, 60, 54, 46, 00, C7, 05, 64, 54, 46, 00, ED, 07, 44, 00, C7, 05, 68, 54, 46, 00, A1, 07, 44, 00, C7, 05, 6C, 54, 46, 00, DA, 07, 44, 00, C7, 05, 70, 54, 46, 00, 43, 07, 44, 00, A3, 74, 54, 46, 00, C7, 05, 78, 54, 46, 00, 6F, 10, 44, 00, C7, 05, 7C, 54, 46, 00, 5F, 07, 44, 00, C7, 05, 80, 54, 46, 00, C1, 06, 44, 00, C7, 05, 84, 54, 46, 00, 4D, 06, 44, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, 51, 90, 00, 00, DB...
 
[+]

Code size:
315 KB (322,560 bytes)

Program Uninstaller
Program name:
Yahoo! Search

Display publisher:
Pay-By-Ads

Uninstall string:
"C:\Program Files\Pay-By-Ads\Yahoo! Search\1.4.2.5\dsrsetup.exe" /uninstl


Remove dsrsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.