» NeroDigitalExt.dll
Overview
Analysis
File Details
Behaviors (1)

NeroDigitalExt.dll

Nero Digital Tools

Private Certificate

The library NeroDigitalExt.dll, “Nero Digital Shell Extension” has been detected as malware by 3 anti-virus scanners.

File name:

NeroDigitalExt.dll

Publisher:

Nero AG (signed by Private Certificate)

Product:

Nero Digital Tools

Description:

Nero Digital Shell Extension

Version:

3, 1, 0, 13

MD5:

bef89f5e8b172f9c63103b71335a322d

SHA-1:

0bf1e7bdfa3418d0283f71abaa7681b36ab7b4fa

SHA-256:

7aec16a95240aa66d2bf04e8dde7b2f8787b735142f246135c60462c7b07d73c

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

4/19/2024 2:20:33 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

F-Secure

Win32.Floxif.A

5.16.24

File size:

2 MB (2,115,391 bytes)

Product version:

3, 1, 0, 13

Original file name:

NeroDigitalExt.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\common files\nero\lib\nerodigitalext.dll

Digital Signature

Signed by:

Private Certificate

Authority:

Unizeto Technologies S.A.

Valid from:

3/9/2010 3:59:40 AM

Valid to:

6/7/2010 4:59:40 AM

Subject:

E=knekeman@hotmail.com, CN=Klaas Nekeman, O=Private Certificate, C=NL

Issuer:

CN=Certum Level I CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

06EF70

File PE Metadata

Compilation timestamp:

5/27/2008 2:28:43 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0xB0440

Entry point:

E9, 4E, EA, F5, FF, 75, 05, E8, 38, 05, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, CD, FE, FF, FF, 59, C2, 0C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 3C, 6D, 14, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 3C, 6D, 14, 10, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF... 
[+]

Entropy:

6.6500

Packer / compiler:

Xtreme-Protector v1.05

Code size:

724 KB (741,376 bytes)

Approved Shell Extension

Name:

NeroDigitalIconHandler

CLSID:

{B327765E-D724-4347-8B16-78AE18552FC3}

CLSID name:

NeroDigitalIconHandler Class

Remove NeroDigitalExt.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.