» onlinehdtv.exe
Overview
Analysis
File Details
Programs (1)
Downloads (1)

onlinehdtv.exe

Terra Firma Internet Consulting LTD

The application onlinehdtv.exe by Terra Firma Internet Consulting has been detected as adware by 13 anti-malware scanners. This file is typically installed with the program OnlineHDTV by OnlineHD.TV. The setup installer will bundle multiple adware offers during download and setup (based on the user's geographical location) including toolbars, extensions and coupon utilities. The file has been seen being downloaded from cmp.online-hd.tv.

File name:

onlinehdtv.exe

Publisher:

AtdheNetTVApp (signed by Terra Firma Internet Consulting LTD)

Product:

AtdheNetTVApp

Version:

2.0.0.1

MD5:

d324512df996bcdb5334156dfce69e8c

SHA-1:

56969f6413b66af39951cae44b15fa1286f8f12e

SHA-256:

0e0de12e15587fc950f7973d83ae08964a4722c69329ffb6e1f1afb59855e023

Scanner detections:

13 / 68

Status:

Adware

Explanation:

Bundles a number of adware programs in the installer.

Analysis date:

2/25/2025 6:54:02 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Generic.542265

1057

avast!

Win32:Downloader-TPG [PUP]

2014.9-140128

Bitdefender

Adware.Generic.542265

1.0.20.370

Dr.Web

Adware.Downware.625

9.0.1.028

Emsisoft Anti-Malware

Adware.Generic.542265

8.14.03.15.09

F-Secure

Adware.Generic.542265

11.2014-15-03_7

G Data

Adware.Generic.542265

14.3.22

herdProtect (fuzzy)

variant of onlinehdtvapp.exe (Adware)

2014.3.15.9

Malwarebytes

PUP.Optional.DealPly.A

v2014.01.28.11

MicroWorld eScan

Adware.Generic.542265

15.0.0.222

Reason Heuristics

PUP.TerraFirmaInternetConsulting.K

14.8.7.23

Trend Micro House Call

TROJ_GEN.F47V1021

7.2.28

VIPRE Antivirus

CoolMirage Ltd

24664

File size:

810.6 KB (830,056 bytes)

Product version:

2.0.0.1

Original file name:

AtdheNetTVApp.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\onlinehd.tv\onlinehdtv.exe

Digital Signature

Signed by:

Terra Firma Internet Consulting LTD

Authority:

Thawte, Inc.

Valid from:

5/21/2012 3:00:00 AM

Valid to:

5/15/2013 2:59:59 AM

Subject:

CN=Terra Firma Internet Consulting LTD, O=Terra Firma Internet Consulting LTD, L=Tel Aviv, S=Israel, C=IL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

0A1E86793244EC30F46537E0AE0F0FB3

File PE Metadata

Compilation timestamp:

10/10/2012 10:01:00 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:vcpo37S8PkU27J43DGT/r2EBmeiGL8HopRLtd8elohMdiEJKXn+JsEU7+iT6g:v5kKGTDJseiGL8IDdCh5XnSU7+g

Entry address:

0x21375

Entry point:

E8, 62, 74, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 58, 59, 87, 04, 24, FF, E0, 58, 59, 87, 04, 24, FF, E0, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, F1, 13, 42, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, EF, 06, 01, 00, 8B, 45, 0C, 8B... 
[+]

Entropy:

6.8907

Code size:

203.5 KB (208,384 bytes)

The file onlinehdtv.exe has been discovered within the following program.

OnlineHDTV by OnlineHD.TV

About 6% of users remove it

The file onlinehdtv.exe has been seen being distributed by the following URL.

http://cmp.online-hd.tv/OnlineHDTVApp.exe

Remove onlinehdtv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.