Should I remove SpeedMon?
What percent of users and experts removed it?
83% remove it17% keep it
What do people think about it?
(click star to rate)
How common is it?
Global Rank #19,767
Reach 0.0112%
Lifespan of installation (until removal)
< 3.63 days
107.14 days >
Average installed length: 56.29 days
Versions
| Version | Distribution |
| 0.5b |
100.00% |
|
Rankings
- #19,762 Microsoft Visual Studio 11 Developer Preview Pre-Clean Tool
- #19,763 QNAP myQNAPcloud Connect by QNAP Systems
- #19,764 Topaz DeNoise 6
- #19,765 Blackmagic Design Desktop Video
- #19,766 Alien Shooter by Oberon Media
- #19,767 SpeedMon
- #19,768 Kabel Deutschland Launchpad by F-Secure
- #19,769 Warner Bros. Digital Copy Manager
- #19,770 Idle Crawler by MILE 27 LTD
- #19,771 John's Background Switcher 4.7 by johnsadventures.com
- #19,772 DownloadnSave by WebPick Internet Holdings
SpeedMon
What is SpeedMon?
Identified as a version of the CMI/ConvertAd family of malware ad-injectors, this adware which is typically bundled with third-party applications in unwanted software bundles will hijack the user's browser (Internet Explorer, Chrome and Firefox) and display unwanted ads. When running, the process will monitor and capture internet traffic and insert advertisements over existing ads or by placing new ads in white space. In either case, these ads are low in quality and even dangerous in many cases as they might be infected with malware javascript (malvertising). In addition to displaying these unwanted ads, the software runs as startup in the local application data via a registry run key and sends commands to the controlling server to request new ads based on the context of what the user is doing. This action will also report back to the server what domains the user visits, what URLs they enter as well as in some cases might send back cookies. If the sites visited are not SSL encrypted passwords and usernames might be sent to the server compromising the privacy and security of the user.
Overview
It adds registry entry for the current user which will allow the program to automatically start each time it is rebooted. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The primary executable is named speedmon.exe. A majority of users end up uninstalling this less than a week of it being installed. The setup package generally installs about 3 files and is usually about 1.58 MB (1,655,494 bytes).
- Malware detected in the program
- Automatically starts with Windows
- Connects to the Internet
- Displays unwanted advertisements
- The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in SpeedMon.
| speedmon.exe (ecc0cb6ed6cb58f6f2495d1522d014f1) has been flagged by the following 11 scanners: |
| Anti-Virus software | Version | Detection |
| AVware |
1.5.0.21 |
Trojan.Win32.Generic!BT |
| Baidu-International |
4.0.3.15816 |
Trojan.Win32.Astori.C |
| ESET-NOD32 |
9.12102 |
a variant of Win32/RiskWare.Astori.C |
| Fortinet FortiGate |
8/16/2015 |
Riskware/Astori |
| K7 AntiVirus |
13.2016902 |
Riskware |
| K7GW |
13.2016902 |
Riskware ( 004bf57d1 ) |
| McAfee |
5600.6671 |
RDN/Generic PUP.x!cxb |
| McAfee-GW-Edition |
7.6671 |
RDN/Generic PUP.x!cxb |
| Sophos |
4.98 |
Generic PUA BC (PUA) |
| VIPRE Antivirus |
42940 |
Trojan.Win32.Generic!BT |
| ViRobot |
2014.3.20.0 |
Trojan.Win32.A.PSW-Tepfer.840206[h] |
Program details
Installation folder: C:\users\user\appdata\roaming\speedmon
Uninstaller: C:\users\user\appdata\Roaming\SpeedMon\speedmon.exe /uninstall
Estimated size: 1.58 MB
Files installed by SpeedMon
| Program executable: | speedmon.exe (Malware detected) |
| Name: | BandwidthMon |
| Bandwidth monitor |
| Path: | C:\users\user\appdata\roaming\speedmon\speedmon.exe |
| MD5: | ecc0cb6ed6cb58f6f2495d1522d014f1 |
Additional files:
-
iexplore.exe (by Microsoft) - Internet Explorer
Behaviors exhibited
Scheduled Task
- iexplore.exe is scheduled as a task with the class '{AE682E52-3FA8-4616-B0C6-9E2223B32B12}' (runs on registration).
Scheduled Task (Boot/Login)
- speedmon.exe is automatically launched at startup through a scheduled task named InetStat_Reg_HKCURun_S-1-5-21-1175799772-1304748557-4146839955-1001.
Startup File (User Run)
- speedmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'SpeedMon' and executes as C:\users\user\appdata\Roaming\SpeedMon\speedmon.exe.
Network connections
- iexplore.exe connects to 80.97.208.77 (port 80).
- iexplore.exe connects to 74.125.226.123 (74.125.226.123 port 80).
- iexplore.exe connects to 85.195.102.29 (port 443).
- iexplore.exe connects to kul06s06-in-f23.1e100.net (173.194.126.119 port 443).
- iexplore.exe connects to 50.116.194.24 (port 80).
- iexplore.exe connects to 65.255.46.188 (port 80).
- iexplore.exe connects to 209.234.225.243 (209.234.225.243 port 80).
- iexplore.exe connects to channel-ecmp-13-prn1.facebook.com (69.171.235.16 port 80).
- iexplore.exe connects to ec2-46-51-216-25.ap-southeast-1.compute.amazonaws.com (46.51.216.25 port 80).
- iexplore.exe connects to ir1.fp.vip.ne1.yahoo.com (98.138.253.109 port 80).
Plus 58 more
Resource utilization averages
Show technical details
| iexplore.exe |
| Memory: | 173.91 MB | |
| Total CPU: | 0.0027823518% | |
| Kernel CPU: | 0.00109893% | |
| User CPU: | 0.00168342% | |
| Switches/sec: | 171 | |
How do I remove SpeedMon?
You can uninstall SpeedMon from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program SpeedMon, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove SpeedMon.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
OS VERSIONS
Win 10 50%
Win 7 2%
|
|
WHEN IT STARTS
Auto-starting? Yes
(Found in the run registry)
|
|
USER ACTIONS
 |
Uninstall it 83%
Keep it 17%
|
|
Windows
Which Windows OS versions does it run on?
| Windows 7 |
50.45% |
|
| Windows 10 |
49.55% |
|
Which OS releases does it run on? |
| Windows 7 Home Premium |
35.45% |
|
| Windows 8.1 |
30.00% |
|
| Windows 7 Professional |
8.64% |
|
| Windows 10 Home |
6.36% |
|
| Windows 7 Ultimate |
5.00% |
|
| Windows 8.1 Pro |
4.55% |
|
Geography
91.48% of installs come from Germany
Which countries install it?
| Germany |
91.48% |
| United States |
3.14% |
| France |
1.79% |
| Austria |
1.35% |
| United Kingdom |
0.90% |
| Switzerland |
0.45% |
| Italy |
0.45% |
| Turkey |
0.45% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
| Medion |
35.51% |
|
| Acer |
21.74% |
|
| Hewlett-Packard |
9.42% |
|
| Dell |
7.25% |
|
| ASUS |
7.25% |
|
| Lenovo |
6.52% |
|
| Toshiba |
4.35% |
|
| GIGABYTE |
2.90% |
|
| Samsung |
2.90% |
|
| Intel |
2.17% |
|
Common models |
| Acer Aspire TC-605 |
3.17% |
|
| MEDION MS-7800 |
2.38% |
|
| Acer Aspire ES1-711 |
1.59% |
|
| Acer Aspire E5-771G |
1.59% |
|
| Acer Aspire 7741 |
1.59% |
|
| Dell Inspiron One 19A |
1.59% |
|