home

SDUpdSvc.exe

Spybot - Search & Destroy

Safer Networking Ltd.

It runs as a separate (within the context of its own process) windows Service named “Spybot-S&D 2 Updating Service”. This file is installed with the program Spybot - Search & Destroy.
Publisher:
Safer-Networking Ltd.  (signed by Safer Networking Ltd.)

Product:
Spybot - Search & Destroy

Description:
Spybot-S&D 2 Background update service

Version:
2.1.18.76

MD5:
d31398d4bb4907b517b6e784c2100c4a

SHA-1:
7affecd6ee83fc3f6f2cfaffbc82d7ab9d57db97

SHA-256:
36bdb2bfac2c0adf8c6df6d1511ecf43c8f6ed7d4d76244dc5232ad97ba5e9c9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 2:15:13 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131209

File size:
1009.5 KB (1,033,688 bytes)

Product version:
2.1.18.0

Copyright:
© 2008-2013 Safer-Networking Ltd. All rights reserved.

Trademarks:
Spybot® and Spybot - Search & Destroy® are registered trademarks.

Original file name:
SDUpdSvc.exe

File type:
Executable application (Win32 EXE)

Language:
English (Ireland)

Common path:
C:\Program Files\spybot - search & destroy 2\sdupdsvc.exe

Digital Signature
Signed by:
Safer Networking Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/20/2012 5:00:00 PM

Valid to:
4/7/2015 4:59:59 PM

Subject:
CN=Safer Networking Ltd., OU=Security Solutions, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Safer Networking Ltd., L=Greystones, S=County Wicklow, C=IE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1ABEE452F106342568D826705DC1F4B1

File PE Metadata
Compilation timestamp:
5/16/2013 1:56:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:u60f0LEpjJIqb9D3iYa0YCh3kdLItMWqlf//6A0mRsoTUtLgZE:VPch3/FYCVkdSKh367mRRTUxgu

Entry address:
0xBDCDC

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 34, 52, 4B, 30, E8, 1F, 38, F4, FF, B8, 94, DD, 4B, 30, E8, CD, 4C, F4, FF, 33, C0, 55, 68, 79, DD, 4B, 30, 64, FF, 30, 64, 89, 20, E8, 46, 08, F5, FF, BA, B4, DD, 4B, 30, E8, E8, FD, F4, FF, A1, 14, A7, 4C, 30, 8B, 00, 80, 78, 34, 00, 74, 10, A1, 14, A7, 4C, 30, 8B, 00, E8, BF, 49, F4, FF, 84, C0, 74, 0C, A1, 14, A7, 4C, 30, 8B, 00, 8B, 10, FF, 52, 38, 8B, 0D, C8, 63, 4C, 30, A1, 14, A7, 4C, 30, 8B, 00, 8B, 15, B8, 48, 4B, 30, 8B, 18, FF, 53, 34, A1, 14, A7, 4C, 30, 8B, 00...
 
[+]

Entropy:
6.3770

Developed / compiled with:
Microsoft Visual C++

Code size:
752 KB (770,048 bytes)

Service
Display name:
Spybot-S&D 2 Updating Service

Service name:
SDUpdateService

Description:
Downloads Spybot updates and installs them.

Type:
Win32OwnProcess


4 Windows Firewall Allowed Programs
Name:
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

Name:
E:\spybot-\Spybot - Search & Destroy 2\SDUpdSvc.exe

Name:
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

Name:
D:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe


The file SDUpdSvc.exe has been discovered within the following program.

Spybot - Search & Destroy  by Safer-Networking Ltd.
Spybot Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows. It scans the computer hard disk and/or RAM for malicious software.
www.safer-networking.org
8% remove it
 
Powered by Should I Remove It?

Scan SDUpdSvc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.