» custom.dll
Overview
Analysis
File Details

custom.dll

VenusApp Software

The module custom.dll, “Custom DLL for VenusApp ” has been detected as a potentially unwanted program by 28 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

custom.dll

Publisher:

VenusApp Software

Product:

VenusApp Software

Description:

Custom DLL for VenusApp

Version:

2014.8.

MD5:

eabae93f1ae4aa64408e97289c3c52c8

SHA-1:

b4610f5464e2bffffb1fdca9650644a9a5851154

SHA-256:

a34ed6ccd2cb1a5cde99db09366a55ee229d364e3803c7d2aa6521b43ece13f8

Scanner detections:

28 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstalleRex from WebPick Internet Holdings to install bundled add-ons including toolbars and other web browser extensions.

Analysis date:

4/27/2024 2:56:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Kazy.365295

889

Agnitum Outpost

PUA.Downloader

7.1.1

AhnLab V3 Security

PUP/Win32.TSULoader

2014.08.24

Avira AntiVirus

APPL/Kazy.365295.84

7.11.168.242

avast!

Win32:Installer-AQ [PUP]

2014.9-140829

AVG

Downloader.Generic13

2015.0.3367

Baidu Antivirus

Adware.Win32.InstallRex

4.0.3.14829

Bitdefender

Gen:Variant.Application.Kazy.365295

1.0.20.1205

Dr.Web

Adware.Downware.2108

9.0.1.0241

ESET NOD32

Win32/InstalleRex

8.10304

Fortinet FortiGate

W32/AntiFW.B!tr

8/29/2014

F-Prot

W32/TixLoader.A2.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Application.Kazy

11.2014-29-08_6

G Data

Gen:Variant.Application.Kazy.365295

14.8.24

Kaspersky

Trojan.Win32.AntiFW

14.0.0.3332

MicroWorld eScan

Gen:Variant.Application.Kazy.365295

15.0.0.723

NANO AntiVirus

Riskware.Win32.InfoLeak.cvgqot

0.28.2.61721

nProtect

Trojan/W32.AntiFW.93696

14.08.22.01

Panda Antivirus

Trj/AntiAV.O

14.08.29.12

Qihoo 360 Security

Win32/Application.52e

1.0.0.1015

Quick Heal

Trojan.AntiFW.A5

8.14.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

14.8.29.12

Rising Antivirus

PE:Trojan.Win32.Generic.172E9243!388928067

23.00.65.14827

Sophos

InstallRex

4.98

Trend Micro House Call

TROJ_ADLOAD_DD300426.UVPA

7.2.241

Trend Micro

TROJ_ADLOAD_DD300426.UVPA

10.465.29

Vba32 AntiVirus

Downloader.AdLoad

3.12.26.3

Zillya! Antivirus

Trojan.AntiFW.Win32.48

2.0.0.1899

File size:

91.5 KB (93,696 bytes)

Product version:

1.0.0.3

Original file name:

TixDll.dll

File type:

Dynamic link library (Win32 DLL)

Language:

héber (Izrael)

Common path:

C:\ProgramData\installmate\{212fbcc6-8dc0-4516-a7fd-c5e2facc9e30}\custom.dll

File PE Metadata

Compilation timestamp:

12/19/2013 7:35:15 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:K7xcx/juCKV+hVboYrEhySESy9GNGU6u1Go6eOYM++vvnc1gU:K7qxa8NoYr6w5S8o6epM++v/c1z

Entry address:

0xD73C

Entry point:

FF, 74, 24, 04, 8B, 44, 24, 0C, E8, 4A, FF, FF, FF, C2, 0C, 00, 55, 8B, EC, 51, 83, 7D, 0C, 02, 7D, 08, 6A, 57, 58, E9, C0, 00, 00, 00, 53, 56, 8B, 75, 10, 57, FF, 76, 04, FF, 15, 64, 01, 01, 10, 8D, 44, 00, 20, 50, E8, FF, 08, 00, 00, FF, 76, 04, 8B, F8, 68, 50, 22, 01, 10, 57, FF, 15, 3C, 02, 01, 10, 83, C4, 0C, 6A, FF, 57, 6A, 00, E8, F8, 09, 00, 00, 57, 8B, D8, E8, EF, 08, 00, 00, FF, 36, FF, 15, 14, 01, 01, 10, 89, 45, FC, 85, C0, 75, 0B, FF, 15, B4, 00, 01, 10, 89, 45, 0C, EB, 5B, 53, 50, FF, 15, 74... 
[+]

Code size:

59 KB (60,416 bytes)

Remove custom.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.