dsrlte.exe

Montiera Technologies LTD

dsrlte.exe is part of the Montiera web browser toolbar monetization platform, which injects browser search and advertising into the user's web browser. The application dsrlte.exe by Montiera Technologies has been detected as adware by 18 anti-malware scanners. This file is typically installed with the program Yahoo! Search by Pay-by-Ads Ltd, which is a potentially unwanted software program. It is also typically executed from the user's temporary directory.

Publisher:
Pay By Ads LTD (signed by Montiera Technologies LTD)

Version:
1.3.0.0

MD5:
10bb309d76aa3bd20feb3e8e472529fd

SHA-1:
943a660c74eb51a7f2c38779ea02d560fb9c7320

SHA-256:
7e4dd9bd8042da4c5f52a7536d07c90b52e4d05ac1104b1238573e2dbebfa8c3

Scanner detections:
18 / 68

Status:
Adware

Analysis date:
11/5/2024 4:35:09 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Application.Strictor.64185 | 750
avast! | Win32:Malware-gen | 2014.9-150116
AVG | Montiera | 2015.0.3370
Baidu Antivirus | PUA.Win32.Montiera | 4.0.3.14826
Bitdefender | Gen:Variant.Application.Strictor.64185 | 1.0.20.80
ESET NOD32 | Win32/Toolbar.Montiera.L potentially unwanted application | 7.0.302.0
F-Secure | Gen:Variant.Application.Strictor | 11.2015-16-01_6
G Data | Gen:Variant.Application.Strictor.64185 | 15.1.24
K7 AntiVirus | Unwanted-Program | 13.188.14440
Kaspersky | not-a-virus:WebToolbar.Win32.Montiera | 14.0.0.3172
Malwarebytes | PUP.Optional.PayByAds.A | v2014.08.26.07
McAfee | Artemis!10BB309D76AA | 5600.6884
MicroWorld eScan | Gen:Variant.Application.Strictor.64185 | 16.0.0.48
Panda Antivirus | Trj/Chgt.B | 14.09.30.02
Reason Heuristics | PUP.Montiera.MontieraTechnologies | 15.1.16.1
Sophos | Generic PUA MA | 4.98
Trend Micro House Call | Suspicious_GEN.F47V0808 | 7.2.273
VIPRE Antivirus | Threat.4791856 | 32210

File size:
530.9 KB (543,624 bytes)

Copyright:
All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\dsrlte.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/22/2014 8:00:00 PM

Valid to:
7/23/2015 7:59:59 PM

Subject:
CN=Montiera Technologies LTD, O=Montiera Technologies LTD, STREET=Harbert Samuel 46, L=Tel Aviv, S=Gush Dan, PostalCode=6330303, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CCD3CD85F8C32F5C3FF9264E1A57C07D

File PE Metadata
Compilation timestamp:
7/29/2014 3:02:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:WamxmKxJ5SD1ZycgU7YPWlbDr92C2EklQYQLPtV0DztyLkMqkRohs:eoQWhpFEl/QLPtVIyoM1ohs

Entry address:
0x3E8D6

Entry point:
E8, AA, 83, 00, 00, E9, 89, FE, FF, FF, B8, CA, 77, 44, 00, A3, 10, 6A, 46, 00, C7, 05, 14, 6A, 46, 00, C0, 6E, 44, 00, C7, 05, 18, 6A, 46, 00, 74, 6E, 44, 00, C7, 05, 1C, 6A, 46, 00, AD, 6E, 44, 00, C7, 05, 20, 6A, 46, 00, 16, 6E, 44, 00, A3, 24, 6A, 46, 00, C7, 05, 28, 6A, 46, 00, 42, 77, 44, 00, C7, 05, 2C, 6A, 46, 00, 32, 6E, 44, 00, C7, 05, 30, 6A, 46, 00, 94, 6D, 44, 00, C7, 05, 34, 6A, 46, 00, 20, 6D, 44, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, BB, 8E, 00, 00, DB...
 

Entropy:
6.5417

Code size:
326.5 KB (334,336 bytes)

The file dsrlte.exe has been discovered within the following program.

Yahoo! Search by Pay-by-Ads Ltd
This is NOT associated with Yahoo. Pay-By-Ads' Yahoo! Search is an adware web browser application that displays banner ads as well as contextual link ads that are injected in the web page.
66% remove it
 