» wpc_mystartsearch.exe
Overview
Analysis
File Details

wpc_mystartsearch.exe

3417_wpc_mystartsearch

768

The application wpc_mystartsearch.exe has been detected as a potentially unwanted program by 16 anti-malware scanners.

File name:

Publisher:

768

Product:

3417_wpc_mystartsearch

Description:

768

Version:

6,3,7601,2068

MD5:

803b92cb8ef6bf7438649a404946a3ab

SHA-1:

89c075607e493897beb24873a470c1db6215a478

SHA-256:

a6814922a02c20b3e0ce1f50f3687a7722068cf27181f33949588abcd3541cfc

Scanner detections:

16 / 68

Status:

Potentially unwanted

Analysis date:

12/26/2024 1:01:50 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.Agent

7.1.1

avast!

Win32:WrongInf-A [Susp]

2014.9-150504

Baidu Antivirus

Adware.Win32.ELEX

4.0.3.1582

Bkav FE

W32.HfsAdware

1.3.0.6379

Clam AntiVirus

W32.Sality-56

0.98/21511

Comodo Security

Win32.Kashu.B

22000

ESET NOD32

Win32/ELEX.DY potentially unwanted (variant)

9.11722

herdProtect (fuzzy)

variant of tti_omniboxes.exe (Adware)

2015.8.2.18

IKARUS anti.virus

Trojan.Win32.Genome

t3scan.1.8.9.0

K7 AntiVirus

Adware

13.204.16108

Malwarebytes

PUP.Optional.Omniboxes.A

v2015.08.02.06

NANO AntiVirus

Virus.Win32.Sality.bgiylc

0.30.24.1357

Quick Heal

PUA.MSJDGBTIR.OD6

8.15.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

15.5.4.12

Sophos

Elex

4.98

VIPRE Antivirus

Threat.4655019

39486

File size:

470.8 KB (482,070 bytes)

Product version:

6,3,7601,2068

mysl

Original file name:

768

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\temp\wpc_mystartsearch.exe

File PE Metadata

Compilation timestamp:

3/27/2015 10:00:20 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:4ICUcYNzj0jO2WMux0Y7XZir3RYA2vfPW17aTBFZMf1sJKqmk:C2/fXC2Jir3Klvf47aTfZMfimk

Entry address:

0x1F7DC

Entry point:

E8, 94, 6F, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, B4, BB, 46, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, A8, 80, 46, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, B4, BB, 46, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85... 
[+]

Code size:

335.5 KB (343,552 bytes)

Remove wpc_mystartsearch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.