basicserve_bscsrvwebd.exe
The application basicserve_bscsrvwebd.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from patch.checksquarespot.com.
File name:
basicserve_bscsrvwebd.exe
MD5:
ed694f988cb6ba0465e5d25e61a0b893
SHA-1:
3318066a58ecd452cfa675abf53165157da09987
SHA-256:
ebdb9c3e73caaf955348c44ab96cb1e53dd97ab0adc0579351b4973508ca250a
Scanner detections:
27 / 68
Status:
Potentially unwanted
Analysis date:
12/27/2024 12:56:40 AM UTC (today)
Scan engine
Detection
Engine version
Avira AntiVirus
ADWARE/Adware.Gen
7.11.108.72
avast!
Win32:Adware-AQG [PUP]
2014.9-130809
Baidu Antivirus
AdWare.Win32.OneStep
4.0.3.131126
Bitdefender
Trojan.Generic.9003604
1.0.20.1105
Boost by Reason
Optional.V
188163
Comodo Security
UnclassifiedMalware
17124
Dr.Web
Trojan.Searcher.1040
9.0.1.0221
Emsisoft Anti-Malware
Trojan.Generic.9003604
8.13.08.09.02
ESET NOD32
Win32/Adware.OneStep.CF
7.8932
Fortinet FortiGate
Riskware/OneStep
8/9/2013
F-Secure
Trojan.Generic.9003604
11.2013-26-11_3
G Data
Trojan.Generic.9003604
13.8.22
IKARUS anti.virus
AdWare.Win32.EoRezo
t3scan.2.0.3.0
K7 AntiVirus
Riskware
13.173.9906
Malwarebytes
Adware.OneStep
v2013.11.26.09
McAfee
Artemis!ED694F988CB6
5600.7162
MicroWorld eScan
Trojan.Generic.9003604
14.0.0.990
NANO AntiVirus
Trojan.Win32.OneStep.bpgzhz
0.26.0.55532
Norman
Troj_Generic.LWCGS
11.20130809
nProtect
Trojan.Generic.9003604
13.06.28.06
Panda Antivirus
Trj/CI.A
13.08.09.02
Rising Antivirus
Trojan.Win32.Generic.1490F648
23.00.65.131124
SUPERAntiSpyware
Adware.Zwangi
10668
Trend Micro House Call
TROJ_SPNR.0CE913
7.2.221
Trend Micro
TROJ_SPNR.0CE913
10.465.09
VIPRE Antivirus
Trojan.Win32.Generic
22494
File size:
1003.8 KB (1,027,914 bytes)
File type:
Executable application (Win32 EXE)
Common path:
C:\users\{user}\downloads\basicserve_bscsrvwebd.exe
Compilation timestamp:
2/17/2007 4:48:44 AM
CTPH (ssdeep):
24576:7Ei/W9Oz/4G5huYbTKd0yAoy26sPUjveLWXWMJyj28rgNt:IDOznKIKXAm6sMjveLoV9t
Code size:
23 KB (23,552 bytes)
The file basicserve_bscsrvwebd.exe has been seen being distributed by the following URL.