» pstrmi32.dll
Overview
Analysis
File Details
Programs (1)

pstrmi32.dll

pstri

One Call Ltd

The module pstrmi32.dll by One Call has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program PastaLeads by One Call Ltd which is a potentially unwanted software program.

File name:

pstrmi32.dll

Publisher:

PastaQuotes (signed by One Call Ltd)

Product:

pstri

Description:

Pasta Helper

Version:

1, 0, 0, 15

MD5:

5964f97193b88be0d00a22443a0e1004

SHA-1:

069077d2e7a04a4de52038aa6d90640c7702acf3

SHA-256:

99403b97669ac5987dacc853317c1c35b028be40e6677a4b15d0b1f9adddcb6c

Scanner detections:

8 / 68

Status:

Adware

Analysis date:

4/26/2024 4:59:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.PicRec.A

558

Bitdefender

Adware.PicRec.A

1.0.20.1040

Emsisoft Anti-Malware

Adware.PicRec

8.15.07.27.10

F-Secure

Adware.PicRec.A

11.2015-27-07_2

G Data

Adware.PicRec

15.7.24

MicroWorld eScan

Adware.PicRec.A

16.0.0.624

nProtect

Adware.PicRec.A

14.11.14.01

Reason Heuristics

PUP.SimplyTech.OneCall (M)

15.7.27.10

File size:

783.1 KB (801,944 bytes)

Product version:

1, 0, 0, 15

Original file name:

pstri

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\common files\pastaleads\pastaquotes\pstrmi32.dll

Digital Signature

Signed by:

One Call Ltd

Authority:

COMODO CA Limited

Valid from:

12/30/2013 4:00:00 PM

Valid to:

12/31/2014 3:59:59 PM

Subject:

CN=One Call Ltd, O=One Call Ltd, STREET=Zarhin 10, L=Raanana, S=IL, PostalCode=12345, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

3319A851B8E5EE29CCF776BCF148B091

File PE Metadata

Compilation timestamp:

8/22/2014 4:29:29 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

24576:lLa/NYJZFNje30/5scQvItkPHHeRIAfq8EgzE:lnl/5snneiAfqQE

Entry address:

0x444F8

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, FF, 1C, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 80, D1, 0A, 10, E8, 29, 23, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 60, 3E, 0B, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, E0, E6, 08, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

6.6369

Developed / compiled with:

Microsoft Visual C++

Code size:

561 KB (574,464 bytes)

The file pstrmi32.dll has been discovered within the following program.

PastaLeads by One Call Ltd

PastaLeads is an advertising supported browser extension also known as adware and is designed to deliver ads to the user's Internet browser as banners, context text-links and transitionals ads. The injected ads are not affiliated with the underlying website on which they appear.

87% remove it

Remove pstrmi32.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.