home

drvinst01.exe

inethnfd

The application drvinst01.exe, “inethnfd installer” has been detected as a potentially unwanted program by 32 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Product:
inethnfd

Description:
inethnfd installer

Version:
1.0.3.888

MD5:
1d13f771241f87911b5bd370101f37f0

SHA-1:
af7035f969bcda478e5e888becae71b566da473c

SHA-256:
4ff8e12e2e0bbf058cb63e6cfff8478685ea1ddefa800168368711f2198d6991

Scanner detections:
32 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 3:11:52 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.SwiftBrowse.AJ
868

Agnitum Outpost
Trojan.DL.Agent
7.1.1

AhnLab V3 Security
Adware/Win32.Agent
2014.08.19

Avira AntiVirus
Adware/SwiftBrowse.E
7.11.167.230

avast!
Win32:Malware-gen
2014.9-140919

AVG
Generic_r
2015.0.3346

Baidu Antivirus
Trojan.Win32.Downloader
4.0.3.14919

Bitdefender
Adware.SwiftBrowse.AJ
1.0.20.1310

Comodo Security
UnclassifiedMalware
19241

Dr.Web
Adware.Downware.7489
9.0.1.0262

Emsisoft Anti-Malware
Adware.SwiftBrowse.AJ
8.14.09.19.09

ESET NOD32
Win32/RiskWare.NetFilter (variant)
8.10277

Fortinet FortiGate
W32/Agent.HEQJ!tr
9/19/2014

F-Secure
Gen:Variant.Adware.Netfilter.2
11.2014-19-09_6

G Data
Adware.SwiftBrowse.AJ
14.9.24

IKARUS anti.virus
PUA.NetFilter
t3scan.1.7.5.0

K7 AntiVirus
Riskware
13.183.13086

Kaspersky
Trojan-Downloader.Win32.Agent
14.0.0.3225

Malwarebytes
PUP.Optional.OffersWizard.A
v2014.09.19.09

McAfee
RDN/Downloader.a!sj
5600.7002

Microsoft Security Essentials
Trojan:Win32/Comame!gmb
1.10903

MicroWorld eScan
Adware.SwiftBrowse.AJ
15.0.0.786

NANO AntiVirus
Trojan.Win32.Agent.dborhz
0.28.2.61721

nProtect
Adware.SwiftBrowse.AJ
14.08.18.01

Panda Antivirus
Trj/Genetic.gen
14.09.19.09

Qihoo 360 Security
Malware.Radar01.Gen
1.0.0.1015

Quick Heal
TrojanDownloader.Agent.r5
9.14.14.00

Sophos
Amonetize
4.98

Trend Micro House Call
TROJ_SPNR.0BHH14
7.2.262

Trend Micro
TROJ_SPNR.0BHH14
10.465.19

Vba32 AntiVirus
Trojan.Amon.9709
3.12.26.3

VIPRE Antivirus
Amonetize
32344

File size:
447.5 KB (458,193 bytes)

Copyright:
Copyright 2013-2014

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\drvinst01.exe

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:XzffUNt3YueP43MJmYcSRDq6hSYh9CzeNkGGNaLMJteByc4QkP/KALDY6+s3tWut:7UAju8Z9tX2ze2772yco/p7ndf3

Entry address:
0x323F

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 98, 27, 7A, 00, E8, 09, 2C, 00, 00, A3, E4, 26, 7A, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, DC, 79, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, E0, 1E, 7A, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 80, 7A, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.9694

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Remove drvinst01.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.