» rSetp.dll
Overview
Analysis
File Details

rSetp.dll

The file rSetp.dll has been detected as a potentially unwanted program by 31 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

File name:

rSetp.dll

Description:

ProcessMon

Version:

4.0.8.01

MD5:

b1b2abed851c83de4950a689d44765a9

SHA-1:

7d9ee57e6b31be22989d9e368ffca124ccb92404

Scanner detections:

31 / 68

Status:

Potentially unwanted

Explanation:

Uses the DomainIQ download manager to bundle additional potentially unwanted software without adequate consent.

Analysis date:

4/27/2024 1:35:28 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.DomaIQ.5

833

AegisLab AV Signature

AdWare.MSIL.DomaIQ

2.1.4+

Agnitum Outpost

PUA.DomaIQ

7.1.1

Avira AntiVirus

APPL/DomaIQ.Gen

7.11.175.170

avast!

Win32:DomaIQ-CK [PUP]

2014.9-141025

AVG

DomaIQ

2015.0.3311

Baidu Antivirus

Adware.Win32.DomaIQ

4.0.3.141025

Bitdefender

Gen:Variant.Application.Bundler.DomaIQ.5

1.0.20.1490

Dr.Web

Trojan.Packed.26326

9.0.1.0298

ESET NOD32

MSIL/DomaIQ (variant)

8.10486

Fortinet FortiGate

Adware/MSIL_DomaIQ

10/25/2014

F-Prot

W32/A-54578af9

v6.4.7.1.166

F-Secure

Gen:Variant.Application.Bundler

11.2014-25-10_7

G Data

Gen:Variant.Application.Bundler.DomaIQ

14.10.24

IKARUS anti.virus

Application.Hidden_Key

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.183.13521

Kaspersky

not-a-virus:AdWare.MSIL.DomaIQ

14.0.0.3048

Malwarebytes

Adware.DomaIQ

v2014.10.25.07

McAfee

PUP-FJP

5600.6967

Microsoft Security Essentials

TrojanDownloader:Win32/Tugspay.A

1.11005

MicroWorld eScan

Gen:Variant.Application.Bundler.DomaIQ.5

15.0.0.894

NANO AntiVirus

Trojan.Win32.DomaIQ.cwibsk

0.28.2.62440

Panda Antivirus

Trj/CI.A

14.10.25.07

Qihoo 360 Security

Win32/Virus.Adware.639

1.0.0.1015

Quick Heal

AdWare.MSIL.r4 (Not a Virus)

10.14.14.00

Rising Antivirus

PE:Trojan.Win32.Generic.16AB1FFC!380313596

23.00.65.141023

Sophos

DomainIQ pay-per install

4.98

Trend Micro House Call

TROJ_GEN.R0CBC0PEC14

7.2.298

Trend Micro

TROJ_GEN.R0CBC0PEC14

10.465.25

VIPRE Antivirus

Trojan.Win32.Generic

33544

Zillya! Antivirus

Adware.DomaIQ.Win32.216

2.0.0.1938

File size:

426 KB (436,224 bytes)

Product version:

4.0.8.01

Original file name:

rSetp.dll

Common path:

C:\Documents and Settings\{user}\Local settings\temp\jkic8.tmp

File PE Metadata

Compilation timestamp:

3/28/2014 11:04:53 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:HP2DSZ21TbYFfzEp8gw28WV2Gd4+Sn6U8QHYrT:vWa65bwWjAiQHAT

Entry address:

0x4083E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

250.5 KB (256,512 bytes)

Remove rSetp.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.