home

smartsupporter_idprotectEx.exe

SmartSupporter

DGnetworks

The executable smartsupporter_idprotectEx.exe has been detected as malware by 5 anti-virus scanners. This is the uninstaller utility registered in the Windows Control Panel for the program SmartSupporterExtended.
Publisher:
디지네트웍스  (signed by DGnetworks)

Product:
SmartSupporter

Version:
1.0.0.1

MD5:
de51a1c423fae5c2bfd4de9a00640f78

SHA-1:
c1bd2ef302ba70b585810bf8dac9995d49035823

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/25/2024 4:32:53 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Trojan.Fakeav-5471
0.98/22533

ESET NOD32
Win32/TrojanDownloader.FakeAlert.BGT trojan
6.3.12010.0

F-Secure
Trojan.Generic.5461991
5.15.154

Kaspersky
HEUR:Trojan-FakeAV.Win32.Onescan
15.0.2.529

Microsoft Security Essentials
Rogue:Win32/Onescan
1.231.1890.0

File size:
176.1 KB (180,328 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2010 디지네트웍스 All rights reserved.

Original file name:
smartsupporter_idprotectEx.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\smartsupporter_idprotectex.exe

Digital Signature
Signed by:
DGnetworks

Authority:
VeriSign, Inc.

Valid from:
1/25/2010 10:00:00 PM

Valid to:
1/26/2011 9:59:59 PM

Subject:
CN=DGnetworks, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DGnetworks, L=Haeundae-gu, S=Pusan, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B6B50D52CA11236EB3EF401CFC8ED

File PE Metadata
Compilation timestamp:
3/18/2010 11:44:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:ZnC9XS6a5WDnDY1UMLW5eMKLWNPS16DrXt8IB6VW0omqcrR1tI9j+v/:YXSqDY1UmzOPSeJl0hjrHWjg/

Entry address:
0x92280

Entry point:
60, BE, 00, 90, 46, 00, 8D, BE, 00, 80, F9, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.8545

Packer / compiler:
UPX 2.90LZMA

Code size:
168 KB (172,032 bytes)

Program Uninstaller
Program name:
SmartSupporterExtended

Display version:
1.2

Uninstall string:
C:\WINDOWS\system32\smartsupporter_idprotectEx.exe /delete


Remove smartsupporter_idprotectEx.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.