home

ActiveProtection.dll

DoctoAV Software Active Monitor

AS INTERNET LTD

The library ActiveProtection.dll has been detected as malware by 1 anti-virus scanner.
Publisher:
DoctoAV Software  (signed by AS INTERNET LTD)

Product:
DoctoAV Software Active Monitor

Version:
2, 0, 1, 1

MD5:
c1aa3d1a165a533f1333d60a1c859b1a

SHA-1:
fc8969e18754793dc00794cb60c7f854f9ac2ac1

SHA-256:
8216b93f09079b39ed49a6a02883777b6c54453c1f74cf41614293298e1de3a4

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/19/2024 4:45:11 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.5.11

File size:
919.5 KB (941,536 bytes)

Product version:
19, 0, 2, 1

Copyright:
(c) DoctoAV Software. All rights reserved.

Trademarks:
DoctoAV Software

Original file name:
ActiveProtection.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\doctoantivirus\activeprotection.dll

Digital Signature
Signed by:
AS INTERNET LTD

Authority:
GlobalSign nv-sa

Valid from:
4/24/2013 11:14:58 AM

Valid to:
4/24/2016 11:14:58 AM

Subject:
CN=AS INTERNET LTD, O=AS INTERNET LTD, L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E2858CCC5F8EA3765CA30CD1701D5B5E

File PE Metadata
Compilation timestamp:
5/10/2014 9:04:38 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x592F4

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D0, D7, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, FF, 75, 10, 8D, 4D, F0, E8, AF, 94, FF, FF, 33, DB, 39, 5D, 08, 75, 2B, E8, 75, D0, FF, FF, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 57, CA, FF, FF, 83, C4, 14, 38, 5D, FC, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, EB, 5D, 39, 5D, 0C, 74, D0, 8B, 45, F0, 8B, 48, 10, 3B, CB, 75, 0F, FF, 75, 0C, FF, 75, 08, E8, E6...
 
[+]

Code size:
624.5 KB (639,488 bytes)

Remove ActiveProtection.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.