SmdmFService.exe

SmdmF Service

AZTEC MEDIA INC.

The application SmdmFService.exe by AZTEC MEDIA INC has been detected as adware by 12 anti-malware scanners. It runs as a windows Service named “SmdmF Service”. This file is typically installed with the program Assets Manager by Aztec Media inc. which is a potentially unwanted software program.
Publisher:
Aztec Media Inc  (signed by AZTEC MEDIA INC.)

Product:
SmdmF Service

Version:
5.0.0.16109

MD5:
076b1cd4a7968967c3abc5de8d25bb4a

SHA-1:
54deb5137a88dd9aa5bd8391c39362e3953d1f20

SHA-256:
b18e568a643877a36b43bf27d8c2219af582f18201f8e2e557ca6a571dba601b

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
12/24/2024 6:42:14 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.SearchSuite
2015.05.29

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
UnclassifiedMalware
22264

Dr.Web
Adware.Bandoo.288
9.0.1.0158

ESET NOD32
Win32/Toolbar.SearchSuite.D potentially unwanted (variant)
9.11704

G Data
Win32.Application.Searchsuite
15.6.25

Malwarebytes
PUP.Optional.SettingsManager.A
v2015.06.07.11

McAfee
SearchSuite
5600.6741

NANO AntiVirus
Riskware.Win32.Bandoo.dpprwa
0.30.24.1636

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1015

Quick Heal
PUA.Aztecmedia.Gen
6.15.14.00

Reason Heuristics
PUP.Aztec Media
15.6.7.23

File size:
3.1 MB (3,202,272 bytes)

Product version:
5.0.0.16109

Copyright:
Copyright (c) 2005 - 2015

Original file name:
SmdmFService.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\assets manager\smdmf\smdmfservice.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
4/9/2015 3:00:00 AM

Valid to:
5/19/2016 2:59:59 AM

Subject:
CN=AZTEC MEDIA INC., OU=Development, O=AZTEC MEDIA INC., L=Panama City, S=Panama, C=PA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
4DCD479A23FD2DC0994F996E411C47C1

File PE Metadata
Compilation timestamp:
4/20/2015 3:59:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:NmxTqrbJITleeI7Q+csrDroTKE9MS1SnQYts3ixktv2NPF5mHDRMP:jaleeI7Qjsu9MISnQCJPGU

Entry address:
0x147B14

Entry point:
E8, A4, AF, 00, 00, E9, 89, FE, FF, FF, 6A, 10, 68, D8, E6, 6A, 00, E8, A6, 84, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, AD, 84, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF, 75, 08, E8, 4D, F8, FF, FF, C3, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 57, 33, DB, 6A, 07, 33, C0, 59...
 
[+]

Code size:
2.5 MB (2,599,424 bytes)

Service
Display name:
SmdmF Service

Service name:
SmdmFService

Description:
Serving SmdmF modules functionality

Type:
Win32OwnProcess, InteractiveProcess


The file SmdmFService.exe has been discovered within the following program.

Assets Manager  by Aztec Media inc.
Asset Manager is an adware web browser add-on that injects advertising in the user's browser as well as hijacks various browser settings such as the home page, search provider and new tab page. Its is protected and difficult to remove.
80% remove it
 
Powered by Should I Remove It?

Remove SmdmFService.exe - Powered by Reason Core Security