vmnetdrv32.exe

Atom Security OOO

The application vmnetdrv32.exe, “Network Maintenance Service” by Atom Security OOO, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a Windows service named “Time Control Service v3”.

Publisher:
RapidLights, Inc.  (signed by Atom Security OOO)

Description:
Network Maintenance Service

Version:
5.8.2425.0

MD5:
ac94dc51bb67e54509783e9ba6b061ff

SHA-1:
1f96902664a61a8fd31e314c47e0a4aa9f457674

SHA-256:
202b392717cb812ed12265247bde3f90b69cfe4df7abb6afeb1017c348dfb437

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/28/2024 4:42:50 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.AtomSecu.Service

Engine version:
17.3.5.5

File size:
67.2 MB (70,429,376 bytes)

Product version:
5.8.0.0

Copyright:
Copyright (C) 2016 RapidLights, Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\timecontrolsvc\vmnetdrv32.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/4/2015 5:30:00 AM

Valid to:
6/4/2018 5:29:59 AM

Subject:
CN=Atom Security OOO, OU=development, O=Atom Security OOO, STREET="Academician Koptyuga Prospect, 4,office 158", L=Novosibirsk, S=nso, PostalCode=630090, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2F74D159839B911DB6F1DFF991E70893

File PE Metadata
Compilation timestamp:
1/22/2017 10:08:21 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

Entry address:
0xC27130

Entry point:
55, 8B, EC, E8, E8, 40, 05, 00, E8, 93, FD, FF, FF, 5D, C3, CC, 55, 8B, EC, 8B, 45, 08, 8B, 4D, 0C, 89, 08, 5D, C3, CC, CC, CC, 55, 8B, EC, 51, A1, DC, 69, 63, 04, 89, 45, FC, 8B, 4D, 0C, F7, D1, 23, 4D, FC, 8B, 55, 08, 23, 55, 0C, 0B, CA, 89, 0D, DC, 69, 63, 04, 8B, 45, FC, 8B, E5, 5D, C3, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 51, C7, 45, FC, 00, 00, 00, 00, A1, DC, 69, 63, 04, 83, E0, 01, 74, 0A, 6A, 0A, E8, C4, CA, 00, 00, 83, C4, 04, E8, CC, 3D, FE, FF, 89, 45, FC, 83, 7D, FC, 00, 74, 0A, 6A, 16, E8...

Entropy:
4.8132

Developed / compiled with:
Microsoft Visual C++

Code size:
14.2 MB (14,894,080 bytes)

Service
Display name:
Time Control Service v3

Service name:
TimeSvc3

Type:
Win32ShareProcess

