home

iixs2ruax.dll

The module iixs2ruax.dll has been detected as a potentially unwanted program by 41 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘TeableoVieower’. The library is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.
MD5:
ca2143e8080b6088c79f3cd8e0cbeb6c

SHA-1:
c6b32be210ccfd357449b95b7ff14f96b5d9443c

SHA-256:
0b804f20656b33ae6306046e6e56651d18f31de57294d343bb693d95ba3a63be

Scanner detections:
41 / 68

Status:
Potentially unwanted

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/23/2024 6:07:09 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Ramnit.N
1022

Agnitum Outpost
Win32.Nimnul.Gen.2
7.1.1

AhnLab V3 Security
Win32/Ramnit.G
14.04.19

Avira AntiVirus
W32/Ramnit.C
7.11.142.34

avast!
Win32:RmnDrp
2014.9-140419

AVG
Win32/Zbot.F
2015.0.3500

Baidu Antivirus
Virus.Win32.Nimnul.$a
4.0.3.14419

Bitdefender
Win32.Ramnit.N
1.0.20.545

Bkav FE
W32.InjectAdwaredDwnA1.PE
1.3.0.4959

Clam AntiVirus
W32.Ramnit-1
0.98/18355

Comodo Security
Virus.Win32.Ramnit.K
18072

Dr.Web
Trojan.Crossrider.2200
9.0.1.0109

Emsisoft Anti-Malware
Win32.Ramnit.N
8.14.04.19.01

ESET NOD32
Win32/Ramnit
8.9653

Fortinet FortiGate
W32/Ramnit.C
4/19/2014

F-Prot
W32/Ramnit.E
v6.4.7.1.166

F-Secure
Win32.Ramnit.N
11.2014-19-04_7

G Data
Win32.Ramnit
14.4.24

IKARUS anti.virus
AdWare.MegaSearch
t3scan.1.6.1.0

K7 AntiVirus
Virus
13.176.11696

Kaspersky
Virus.Win32.Nimnul
14.0.0.3995

Malwarebytes
PUP.Optional.MultiPlug.A
v2014.04.19.01

McAfee
W32/Ramnit.a
5600.7156

Microsoft Security Essentials
Virus:Win32/Ramnit.J
1.10401

MicroWorld eScan
Win32.Ramnit.N
15.0.0.327

NANO AntiVirus
Virus.Win32.Nimnul.bqjjnb
0.28.0.59048

Norman
Ramnit.AS
11.20140419

nProtect
Virus/W32.SpyEye
14.04.08.01

Panda Antivirus
W32/Cosmu.E
14.04.19.01

Qihoo 360 Security
Virus.Win32.Ramnit.A
1.0.0.1015

Quick Heal
W32.Ramnit.A
4.14.12.00

Reason Heuristics
Threat.Win.Reputation.IMP
14.4.19.1

Rising Antivirus
PE:Win32.Mgr.b!1594784
23.00.65.14417

Sophos
W32/Ramnit-A
4.98

SUPERAntiSpyware
Adware.Multiplug/Variant
10657

Total Defense
Win32/Ramnit.C
37.0.10866

Trend Micro House Call
PE_RAMNIT.DEN
7.2.109

Trend Micro
PE_RAMNIT.DEN
10.465.19

Vba32 AntiVirus
Virus.Win32.Nimnul.b
3.12.26.0

VIPRE Antivirus
Virus.Win32.Ramnit.b
28148

ViRobot
Win32.Nimnul.A
2011.4.7.4223

File size:
413.5 KB (423,424 bytes)

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\ProgramData\teableovieower\iixs2ruax.dll

File PE Metadata
Compilation timestamp:
1/29/2014 5:25:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:ia1hBN8iUHKm8ypDBmRx5+MjZ02x2JNBKFZUZR2fa0Ko8yEI0Z:ia1hBIHKm4Rqa62YyuR2faRuEI0Z

Entry address:
0x335F1

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 83, 52, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, A0, 2E, 05, 10, E8, 70, 0D, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 8C, AE, 05, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 40, B5, 04, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
5.8704

Developed / compiled with:
Microsoft Visual C++

Code size:
260.5 KB (266,752 bytes)

Internet Explorer BHO
Display name:
TeableoVieower

CLSID:
{F4B3F48F-DD95-971D-7C05-AA6C3B58F02E}


Remove iixs2ruax.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.