
PUP.Optional.Amonetize

Amonetize is an application that usually installs without your knowledge, bundled with free software downloads. It was identified on 07/28/2015.

Features:

– It belongs to the PUP (Potentially Unwanted Program) family.
– Vendor: PUP.Optional

Main actions:

– It installs as a process launched at system startup (RP),
– It installs as a service launched each time the system starts (O23), (SS/SR),
– It creates many 'Software' registry keys,
– It creates additional folders (O43),
– It moves into the Windows Prefetch folder (O45),
– It installs as a system driver (O58),
– It creates a Legacy key in the registry pointing to a malware service (O64).

ZHPDiag report:

– (…) — C:\WINDOWS\system32\nethtsrv.exe
– (…) — C:\WINDOWS\system32\netupdsrv.exe
– (.Copyright © 2015 – .) — C:\Program Files\Concom\Concom.exe
– (.Copyright © 2015 – .) — C:\Program Files\NixSrv\NixSrv.exe
– (.Copyright © 2015 – .) — C:\Program Files\NixSrv\packages\b95f3ef7-d1ee-4f6c-abf8-f8082cd08549\NixHost.exe
O23 – Service: NixSrv Service (NixSrv) . (.Copyright © 2015 – .) – C:\Program Files\NixSrv\NixSrv.exe
O23 – Service: Network HTTP Support Service (NetHttpService) . (…) – C:\WINDOWS\system32\nethtsrv.exe
O23 – Service: Network Support Service Updater (ServiceUpdater) . (…) – C:\WINDOWS\system32\netupdsrv.exe
O41 – Driver: (nethfdrv) . (.Pas de propriétaire – nethfdrv.sys.) – C:\WINDOWS\system32\drivers\nethfdrv.sys
O41 – Driver: (nethfdrv) . (.nethfdrv – nethfdrv.) – C:\Windows\system32\drivers\nethfdrv.sys
O43 – CFD: 2015/10/05 06:57:10 – [] D — C:\Program Files\Concom
O43 – CFD: 2015/08/30 15:41:23 – [] D — C:\Program Files\NixSrv
O58 – SDL:09/07/2014 – 08:28:46 —A- . (.Pas de propriétaire – nethfdrv.sys.) — C:\WINDOWS\system32\Drivers\nethfdrv.sys
O64 – Services: CurCS – 09/07/2014 – C:\WINDOWS\system32\drivers\nethfdrv.sys (nethfdrv) .(.Pas de propriétaire – nethfdrv.sys.) – LEGACY_NETHFDRV
O64 – Services: CurCS – 09/07/2014 – C:\WINDOWS\system32\nethtsrv.exe (NetHttpService) .(…) – LEGACY_NETHTTPSERVICE
O64 – Services: CurCS – 09/07/2014 – C:\WINDOWS\system32\netupdsrv.exe (ServiceUpdater) .(…) – LEGACY_SERVICEUPDATER
SR – Auto NixSrv Service (NixSrv) . (.Copyright © 2015.) – C:\Program Files\NixSrv\NixSrv.exe
SR – | Auto 09/07/2014 179200 | (NetHttpService) . (…) – C:\WINDOWS\system32\nethtsrv.exe
SR – | Auto 09/07/2014 159744 | (ServiceUpdater) . (…) – C:\WINDOWS\system32\netupdsrv.exe
SR – Auto Concom Service (Concom) . (.Copyright © 2015.) – C:\Program Files\Concom\Concom.exe

C:\WINDOWS\system32\nethtsrv.exe
C:\WINDOWS\system32\netupdsrv.exe
C:\WINDOWS\system32\Drivers\nethfdrv.sys

Alias:

PUP.Optional.Amonetize.A
TR/Dldr.Agent.bvxcd
Win32:Downloader-VLS avast!
Win32/Amonetize.AZ
Adware.Win32.Amonetize
Adware.Downware.1400
a variant of Win32/Amonetize.I
Amonetize (fs)

Remove:

– Remove the software from the Windows Control Panel,
– Remove with ZHPCleaner

Diagnose with ZHPDiag
