home

directx.exe

The application directx.exe has been detected as a potentially unwanted program by 19 anti-malware scanners.
Version:
1.0.1.5

MD5:
d064f54ecf667f3ba3b60ae03661f293

SHA-1:
85c007200b54ab7df50ebfc1bd3a7f580e9644fd

SHA-256:
c2b66acf0dfa9ed7231115a3c3cf1205d721eddc8aeb5bcd5d0ea2a3e91b2148

Scanner detections:
19 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallIQ download installer to bundle various adware offers.

Analysis date:
5/7/2024 7:01:47 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.DomaIQ
7.1.1

Avira AntiVirus
APPL/DomaIQ.inaonama
7.11.153.220

avast!
Win32:DomaIQ-S [PUP]
2014.9-141022

AVG
Generic5
2015.0.3314

Baidu Antivirus
Adware.Win32.DomaIQ
4.0.3.141022

Bkav FE
W32.Clod10b.Trojan
1.3.0.4959

Comodo Security
UnclassifiedMalware
18475

Dr.Web
Adware.W3i.28
9.0.1.0295

ESET NOD32
Win32/DomaIQ
8.9910

Fortinet FortiGate
Adware/Fam.NB
10/22/2014

IKARUS anti.virus
Application.Hidden_Key
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.1712333

Kaspersky
not-a-virus:HEUR:AdWare.MSIL.DomaIQ
14.0.0.3065

Malwarebytes
Adware.DomaIQ
v2014.10.22.01

McAfee
Adware-DomalQ
5600.6970

NANO AntiVirus
Trojan.Win32.W3i.cjebxe
0.28.0.60100

Norman
Suspicious_Gen4.EFXQK
11.20141022

Sophos
DomainIQ pay-per install
4.98

VIPRE Antivirus
Trojan.Win32.Generic
30076

File size:
241 KB (246,784 bytes)

Product version:
1.0.1.5

Original file name:
DomaIQ.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\directx_027\directx.exe

File PE Metadata
Compilation timestamp:
6/1/2013 11:41:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:tQmOhz1JDc3DitVAkyNSkL/fF+KwImQNkfLM8bi:GmOh3D1yUWyEkfDi

Entry address:
0x37AAE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6578

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
215 KB (220,160 bytes)

Remove directx.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.