home

qxlixppsb.dll

Time Lapse Solutions

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser. Part of the Injekt brand of unwanted programs. The module qxlixppsb.dll by Time Lapse Solutions has been detected as adware by 27 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
Publisher:
Time Lapse Solutions  (signed and verified)

Version:
1.0.0.1

MD5:
b24e831919e08f99b7cff1e037c2ef41

SHA-1:
c68fabd79dc65feccee3e93f9e3c2bc1139a801e

SHA-256:
b23bd9c92554f8bdaee08ee893b6869e04eeaa9f4a3f7013b8431c067b27daa0

Scanner detections:
27 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:
4/24/2024 1:16:58 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.PullUpdate.T
5650986

Agnitum Outpost
PUA.PullUpdate
7.1.1

AhnLab V3 Security
PUP/Win32.PullUpdate
2015.04.21

Avira AntiVirus
ADWARE/PullUpdate.Gen
3.6.1.96

AVG
Potentially harmful program Downloader.DIQ
2014.0.4311

Baidu Antivirus
Adware.Win32.PullUpdate
4.0.3.15421

Bitdefender
Adware.PullUpdate.T
1.0.20.555

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Yontoo.64, Adware.Yontoo.55
9.0.1.05190

Emsisoft Anti-Malware
Adware.PullUpdate.T
9.0.0.4799

ESET NOD32
MSIL/Adware.PullUpdate.K.gen application
7.0.302.0

Fortinet FortiGate
Adware/PullUpdate
4/21/2015

F-Secure
Adware.PullUpdate.T
5.13.68

G Data
Adware.PullUpdate
15.4.25

K7 AntiVirus
Adware
13.202.15655

Malwarebytes
PUP.Optional.ZombieInvasion.A
v2015.04.21.07

MicroWorld eScan
Adware.PullUpdate.T
16.0.0.333

NANO AntiVirus
Riskware.Win32.SaMon.dniyss
0.30.20.1219

nProtect
Adware.PullUpdate.T
15.04.20.01

Panda Antivirus
PUP/ZombieNews
15.04.21.07

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Quick Heal
PUA.MSJDGBTIR.OD5
4.15.14.00

Reason Heuristics
Threat.Injekt.TimeLapseSolutions
15.4.21.3

Sophos
Generic PUA MG
4.98

Trend Micro House Call
TROJ_GEN.R08NH09DI15
7.2.111

Vba32 AntiVirus
AdWare.Agent
3.12.26.3

VIPRE Antivirus
Threat.4872425
39354

File size:
1.2 MB (1,240,552 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2014

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\ProgramData\application data\xnbgbyi\dat\qxlixppsb.dll

Digital Signature
Signed by:
Time Lapse Solutions

Authority:
Symantec Corporation

Valid from:
1/26/2015 10:00:00 AM

Valid to:
4/27/2016 9:59:59 AM

Subject:
CN=Time Lapse Solutions, O=Time Lapse Solutions, L=St. James, S=St. James, C=BB

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
088D68E27F37630FE9E23AD19AC872B3

File PE Metadata
Compilation timestamp:
4/17/2015 2:26:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:nacspd7H7eksXiAmzzgZad2s8/gymL1XVJ1nHnEYcZ44444WRcEwP:n6pdDS1XjsTdq/ghBtnHnEYm444445EW

Entry address:
0x2670

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 59, 26, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 30, BD, 00, 10, 89, 0D, 2C, BD, 00, 10, 89, 15, 28, BD, 00, 10, 89, 1D, 24, BD, 00, 10, 89, 35, 20, BD, 00, 10, 89, 3D, 1C, BD, 00, 10, 66, 8C, 15, 48, BD, 00, 10, 66, 8C, 0D, 3C, BD, 00, 10, 66, 8C, 1D, 18, BD, 00, 10, 66, 8C, 05, 14, BD, 00, 10, 66, 8C, 25, 10, BD, 00, 10, 66, 8C, 2D, 0C, BD, 00, 10, 9C, 8F, 05, 40, BD...
 
[+]

Entropy:
7.9779  (probably packed)

Code size:
28 KB (28,672 bytes)

Remove qxlixppsb.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.