» lt0.x64.dll
Overview
Analysis
File Details

lt0.x64.dll

or

The module lt0.x64.dll has been detected as a potentially unwanted program by 17 anti-malware scanners.

File name:

lt0.x64.dll

Publisher:

Product:

Description:

for users

Version:

editor

MD5:

84edfe1e17ad997a15e7ebf67d1fc1dc

SHA-1:

2d91993eb9ae33c23c1b10d9d877b6de4f9f5c58

SHA-256:

befd183bbd6f3a8da9c9a0693c009b1104dc4e9faa8ffe82bb2faf36619aa2d3

Scanner detections:

17 / 68

Status:

Potentially unwanted

Analysis date:

4/27/2024 3:56:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.725925

835

AegisLab AV Signature

AdWare.Win64.MegaSearch

2.1.4+

AhnLab V3 Security

PUP/Win64.MultiPlug

2014.10.04

AVG

Generic_r

2015.0.3313

Baidu Antivirus

Adware.Win64.MultiPlug

4.0.3.141022

Bitdefender

Application.Generic.725925

1.0.20.1475

Comodo Security

ApplicUnwnt

19699

ESET NOD32

Win64/Adware.MultiPlug (variant)

8.10509

Fortinet FortiGate

Adware/MultiPlug

10/22/2014

F-Secure

Application.Generic.725925

11.2014-22-10_4

G Data

Application.Generic.725925

14.10.24

Malwarebytes

PUP.Optional.MultiPlug

v2014.10.22.04

McAfee

RDN/Generic PUP.x!cmz

5600.6969

MicroWorld eScan

Application.Generic.725925

15.0.0.885

Panda Antivirus

Trj/CI.A

14.10.22.04

Reason Heuristics

Threat.Win.Reputation.IMP

14.10.22.16

Trend Micro House Call

TROJ_GEN.R02KH06IG14

7.2.295

File size:

686.5 KB (702,976 bytes)

Product version:

Original file name:

for users

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\ProgramData\deal2deoalite\lt0.x64.dll

Registration

CLSID:

{4EA3B097-06ED-B5E7-5BC7-F04B3303A7DB}

ProgID:

DEal2deealit.2.0

COM registered:

Yes

File PE Metadata

Compilation timestamp:

9/11/2014 4:02:44 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:rMSZrhWJZHWaeCGKZam5s5Z989JSPpRoUv2PC4g0lYiSYp6mBVvffYTI91Ch162R:rM0r4JZ9xIpReCrGGM6mBxze1m

Entry address:

0x7A11C

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, B7, 67, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, C8, CD, 02, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

5.7717

Code size:

539 KB (551,936 bytes)

Remove lt0.x64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.