home

drvinst001.exe

inethnfd

The application drvinst001.exe, “inethnfd installer” has been detected as a potentially unwanted program by 34 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Product:
inethnfd

Description:
inethnfd installer

Version:
1.0.2.317

MD5:
654e099c34822c03a65e4b944b3815ef

SHA-1:
57ff51d9bd97658ad63ff48b952a70d559159b99

SHA-256:
37b3ec97b31117fb93940ca6cb11323a23a1f65f75f62596a5e1d382dc6a4f10

Scanner detections:
34 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 3:52:29 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.SwiftBrowse.AJ
868

Agnitum Outpost
Trojan.DL.Agent
7.1.1

AhnLab V3 Security
Adware/Win32.Agent
2014.08.07

Avira AntiVirus
Adware/SwiftBrowse.E
7.11.165.156

avast!
Win32:Malware-gen
2014.9-140919

AVG
Generic_r
2015.0.3346

Baidu Antivirus
Trojan.Win64.Adload
4.0.3.14919

Bitdefender
Adware.SwiftBrowse.AJ
1.0.20.1310

Comodo Security
UnclassifiedMalware
19110

Dr.Web
Trojan.DownLoader11.19028
9.0.1.0262

Emsisoft Anti-Malware
Adware.SwiftBrowse.AJ
8.14.09.19.09

ESET NOD32
Win32/RiskWare.NetFilter (variant)
8.10217

Fortinet FortiGate
W32/Agent.HEQJ!tr
9/19/2014

F-Secure
Gen:Variant.Adware.SwiftBrowse.3
11.2014-19-09_6

G Data
Adware.SwiftBrowse.AJ
14.9.24

IKARUS anti.virus
PUA.NetFilter
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.183.12981

Kaspersky
Trojan-Downloader.Win32.Agent
14.0.0.3225

Malwarebytes
PUP.Optional.OffersWizard.A
v2014.09.19.09

McAfee
Artemis!654E099C3482
5600.7002

Microsoft Security Essentials
Trojan:Win32/Comame!gmb
1.10802

MicroWorld eScan
Adware.SwiftBrowse.AJ
15.0.0.786

NANO AntiVirus
Trojan.Win32.Agent.dbotfl
0.28.2.61349

Norman
Troj_Generic.VEVAT
11.20140919

nProtect
Adware.SwiftBrowse.AJ
14.08.06.01

Panda Antivirus
Trj/Genetic.gen
14.09.19.09

Qihoo 360 Security
Malware.Radar01.Gen
1.0.0.1015

Rising Antivirus
PE:Trojan.Win32.Generic.17129B10!387095312
23.00.65.14917

Sophos
Amonetize
4.98

Trend Micro House Call
TROJ_GEN.R047C0PH214
7.2.262

Trend Micro
TROJ_GEN.R047C0PH214
10.465.19

Vba32 AntiVirus
Trojan.Amon.9709
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
32006

File size:
446.6 KB (457,334 bytes)

Copyright:
Copyright 2013-2014

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\drvinst001.exe

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:v/WPTaPAEHMI+56DtY9LLFUh+jQ0d5gbP6By2yX:v+uPHETHFUh+jQQ5QXX

Entry address:
0x323F

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 98, 27, 7A, 00, E8, 09, 2C, 00, 00, A3, E4, 26, 7A, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, DC, 79, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, E0, 1E, 7A, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 80, 7A, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.9697

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Remove drvinst001.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.