windismartsvc.exe

ModinSmart Service

USENET

The application windismartsvc.exe, “ModinSmart Diagnostics Service” by USENET, has been detected as a potentially unwanted program by 17 anti-malware scanners. It runs as a separate Windows service (within the context of its own process) named “Windows MineService Diagnostics Service”.
Publisher:
PT.USENET  (signed by USENET)

Product:
ModinSmart Service

Description:
ModinSmart Diagnostics Service

Version:
1, 0, 0, 9

MD5:
0a1d600a4f1dd064310021086eec941f

SHA-1:
998d8cf5df8b4bcb65d9c57dce9ca9bf6e2afdc1

SHA-256:
eb824a77fa2a0761ad5efa647f369d2ec9aef0a29ba9a6f00298a4f36b7bf3f3

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:32:01 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Generic.407858 | 357 |
| Avira AntiVirus | SPR/Tool.86928 | 7.11.125.80 |
| avast! | Win32:Adware-ADQ [PUP] | 2014.9-160213 |
| AVG | Generic5 | 2017.0.2835 |
| Bitdefender | Application.Generic.407858 | 1.0.20.220 |
| Comodo Security | UnclassifiedMalware | 17614 |
| ESET NOD32 | Win32/Adware.Kraddare.FQ (variant) | 10.9293 |
| F-Secure | Application.Generic.407858 | 11.2016-13-02_7 |
| G Data | Application.Generic.407858 | 16.2.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.2.2.29 |
| Malwarebytes | Adware.Korad.Gen | v2016.02.13.07 |
| MicroWorld eScan | Application.Generic.407858 | 17.0.0.132 |
| NANO AntiVirus | Trojan.Win32.Kraddare.cohirs | 0.28.0.57029 |
| Panda Antivirus | Suspicious file | 16.02.13.07 |
| Sophos | Kraddare | 4.96 |
| Trend Micro House Call | TROJ_GEN.R0CBH0ALQ13 | 7.2.44 |
| VIPRE Antivirus | Trojan.Win32.Generic | 25450 |

File size:
84.9 KB (86,928 bytes)

Product version:
1, 0, 0, 9

Copyright:
Copyright (C) 2009

Trademarks:
ModinSmart

Original file name:
windismartsvc.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\windismartsvc.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/1/2011 9:00:00 AM

Valid to:
4/1/2012 8:59:59 AM

Subject:
CN=USENET, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=USENET, L=Kumingan Barat No.8, S=Jakarta, C=ID

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
135E046F1C85E3B019A1844C115E3464

File PE Metadata
Compilation timestamp:
12/7/2011 6:57:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:rW0Un8vBR6cPlePiPn1RpVSpE1H8SwIYPWVkSzEqhCEjKPlquPJskmLtlMUH1G/F:rTxeuqpEcSLVkSLjlaJHmLtlq/EDA

Entry address:
0x5DEE

Entry point:
55, 8B, EC, 6A, FF, 68, 40, D2, 40, 00, 68, 68, 9D, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 6C, D1, 40, 00, 33, D2, 8A, D4, 89, 15, D4, 35, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, D0, 35, 41, 00, C1, E1, 08, 03, CA, 89, 0D, CC, 35, 41, 00, C1, E8, 10, A3, C8, 35, 41, 00, 33, F6, 56, E8, A2, 10, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 51, 3D, 00, 00, FF, 15, 68, D1, 40, 00, A3, 28, 4C, 41, 00, E8...
 

Entropy:
5.4157

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
48 KB (49,152 bytes)

Service
Display name:
Windows MineService Diagnostics Service

Description:
Enables the diagnostic of MineService.

Type:
Win32OwnProcess

