home

ServUTray.exe

Serv-U FTP 服务器

Rhino Software, Inc. +1(262) 560-9627

The application ServUTray.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘ServUTrayIcon’. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse) which bundles additional software offers inclduing toolbars, extensions, PC utilities as well as other PUPs.
Publisher:
Rhino Software, Inc. +1(262) 560-9627

Product:
Serv-U FTP 服务器

Description:
Serv-U 系统托盘状态程序

Version:
6, 4, 0, 2

MD5:
1c3d527a4a7d604669d8c7513da2cbc8

SHA-1:
e847d710f5b2b5f1c7ca09d5b15ed22be0817fef

SHA-256:
11aa4bb14ee3881d7a73b0b5b601453887cbd1db1148f12fe4c14e10be8a8c86

Scanner detections:
16 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
8/19/2025 1:24:24 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Servu.102400
8.3.3.4

AVG
ServU
2018.0.2438

Comodo Security
UnclassifiedMalware
26152

ESET NOD32
Win32/ServU-Daemon.AA potentially unsafe (variant)
11.14483

Fortinet FortiGate
Riskware/Serv_U
3/16/2017

F-Prot
W32/MalwareS.BKAS
v6.4.7.1.166

F-Secure
Riskware:W32/ServU
11.2017-16-03_5

G Data
Win32.Application.Agent.I91UQL
17.3.25

IKARUS anti.virus
not-a-virus:Server-FTP.Win32.Serv-U
t3scan.2.1.16.0

K7 AntiVirus
Unwanted-Program
13.245.21578

Kaspersky
not-a-virus:Server-FTP.Win32.Serv-U
14.0.0.-1316

McAfee
Generic PUP
5600.6094

NANO AntiVirus
Riskware.Win32.ServU.bqmgb
1.0.70.13328

VIPRE Antivirus
Server-FTP.Win32.Serv-U.gen (not malicious)
53956

ViRobot
ServerFTP.ServU.102400[h]
2014.3.20.0

Zillya! Antivirus
Adware.OutBrowse.Win32.77761
2.0.0.3127

File size:
100 KB (102,400 bytes)

Product version:
6, 4, 0, 2

Copyright:
版权所有 (c) 1995-2007 - Rhino Software, Inc.

Trademarks:
Serv-U 是 Rhino Software, Inc. 的商标

Original file name:
ServUTray.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
1/29/2007 10:04:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x2D5D

Entry point:
E8, 2F, 55, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, E0, 68, 41, 00, 89, 0D, DC, 68, 41, 00, 89, 15, D8, 68, 41, 00, 89, 1D, D4, 68, 41, 00, 89, 35, D0, 68, 41, 00, 89, 3D, CC, 68, 41, 00, 66, 8C, 15, F8, 68, 41, 00, 66, 8C, 0D, EC, 68, 41, 00, 66, 8C, 1D, C8, 68, 41, 00, 66, 8C, 05, C4, 68, 41, 00, 66, 8C, 25, C0, 68, 41, 00, 66, 8C, 2D, BC, 68, 41, 00, 9C, 8F, 05, F0, 68, 41, 00, 8B, 45, 00, A3, E4, 68, 41, 00, 8B, 45, 04, A3, E8, 68, 41, 00, 8D, 45, 08, A3, F4, 68, 41, 00, 8B...
 
[+]

Entropy:
5.7577

Code size:
64 KB (65,536 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ServUTrayIcon

Command:
C:\serv-u\servutray.exe


Remove ServUTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.