home

76gdqd25boset4.dll

and data used database

The module 76gdqd25boset4.dll has been detected as a potentially unwanted program by 17 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘NextCoup’.
Publisher:
and data used database

Product:
and data used database

Description:
database

Version:
is created simple

MD5:
30ee38084a09c14e245b72e1f5c5e12b

SHA-1:
2a8e64dd8f8622b7c21b6d38edcb401ea687edd3

SHA-256:
c8e09481a7b8c097d12b60cd965e10ca97611255188e85fba65d3b69c07205a2

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 3:20:16 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Graftor.153998
838

AegisLab AV Signature
AdWare.W32.MegaSearch
2.1.4+

AhnLab V3 Security
Adware/Win32.MultiPlug
2014.10.20

Avira AntiVirus
ADWARE/MultiPlug.Gen
7.11.179.162

avast!
Win32:MultiPlug-IY [PUP]
2014.9-141019

Baidu Antivirus
Adware.Win32.MultiPlug
4.0.3.141019

Bitdefender
Gen:Variant.Adware.Graftor.153998
1.0.20.1460

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.153998
8.14.10.19.08

ESET NOD32
Win32/AdWare.MultiPlug.BN (variant)
8.10587

F-Secure
Gen:Variant.Adware.Graftor.153998
11.2014-19-10_1

G Data
Gen:Variant.Adware.Graftor.153998
14.10.24

Malwarebytes
PUP.Optional.MultiPlug
v2014.10.19.08

McAfee
MultiPlug
5600.6972

MicroWorld eScan
Gen:Variant.Adware.Graftor.153998
15.0.0.876

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Reason Heuristics
Threat.Win.Reputation.IMP
14.10.19.20

Sophos
MultiPlug
4.98

File size:
624.5 KB (639,488 bytes)

Product version:
and data used database

Copyright:
Copyright (C) 2014

Original file name:
database

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\nextcoup\76gdqd25boset4.dll

File PE Metadata
Compilation timestamp:
10/19/2014 10:04:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:qV4RG56yKQR0XuemD33e10dfaHmNOtQ/:w4RG7KL8335lE6

Entry address:
0x5DF81

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 6D, 5B, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, F0, 82, 07, 10, E8, 50, 0B, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 98, 2D, 08, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 80, F6, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
421.5 KB (431,616 bytes)

Internet Explorer BHO
Display name:
NextCoup

CLSID:
{2e4c5081-ea62-4544-acdf-da2925943196}


Remove 76gdqd25boset4.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.