» netupdsrv.exe
Overview
Analysis
File Details

netupdsrv.exe

The application netupdsrv.exe has been detected as a potentially unwanted program by 28 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

netupdsrv.exe

Version:

1.2.0.5

MD5:

9b7c0d632d0e03df4382087108e6e130

SHA-1:

8374d780c9b0be7e49ccae2946f980fc9f6337f4

SHA-256:

04ff42ad587bf2f38241ecba0748ffb7f86646b9b11ff727d8de3e4f7509a7c4

Scanner detections:

28 / 68

Status:

Potentially unwanted

Analysis date:

5/4/2024 8:13:48 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Netfilter.2

488

Agnitum Outpost

PUA.Amonetize

7.1.1

AhnLab V3 Security

PUP/Win32.Amonetiz

2015.09.16

Avira AntiVirus

ADWARE/Amonetize.Gen7

8.3.2.2

Arcabit

Trojan.Adware.Netfilter.2

1.0.0.527

avast!

Win32:Evo-gen [Susp]

2014.9-151004

AVG

BundleApp

2016.0.2966

Baidu Antivirus

Adware.Win32.Amonetize

4.0.3.15104

Bitdefender

Gen:Variant.Adware.Netfilter.2

1.0.20.1385

Comodo Security

Application.Win32.Amonetize.DZ

23241

Dr.Web

Trojan.Amonetize.501

9.0.1.0277

Emsisoft Anti-Malware

Gen:Variant.Adware.Netfilter

8.15.10.04.10

ESET NOD32

Win32/Amonetize.DZ potentially unwanted (variant)

9.12258

Fortinet FortiGate

Riskware/Amonetize

10/4/2015

F-Prot

W32/NetFilter.B.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Adware.Netfilter

11.2015-04-10_1

G Data

Gen:Variant.Adware.Netfilter

15.10.25

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.1325

Malwarebytes

PUP.Optional.Amonetize

v2015.10.04.10

McAfee

Artemis!9B7C0D632D0E

5600.6622

MicroWorld eScan

Gen:Variant.Adware.Netfilter.2

16.0.0.831

Panda Antivirus

Trj/Genetic.gen

15.10.04.10

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.Amonetize.Meta (M)

15.10.4.22

Rising Antivirus

PE:Adware.NetFilter!6.2395[F1]

23.00.65.151002

Sophos

Amonetize (PUA)

4.98

SUPERAntiSpyware

Adware.Netfilter/Variant

9589

VIPRE Antivirus

Amonetize

43780

File size:

186.5 KB (190,976 bytes)

Product version:

1.2.0.5

Original file name:

updaters.exe

File type:

Executable application (Win32 EXE)

Language:

Ingilizce (Birlesik Krallik)

Common path:

C:\windows\syswow64\netupdsrv.exe

File PE Metadata

Compilation timestamp:

7/30/2015 10:39:25 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

1536:/gWHN3Q5mYTjIMZZEPavKAIKh2WkEATmaRbGYdpqo20DKNVBQ1pALKeIE2JInLAJ://zUXvRh2WeKizf2DVgKgPwd6aJyb

Entry address:

0x11F25

Entry point:

E8, 2C, 96, 00, 00, E9, 95, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 14, B3, 42, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 14, B3, 42, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F... 
[+]

Code size:

140 KB (143,360 bytes)

Remove netupdsrv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.