» the wedownload manager-nova.dll
Overview
Analysis
File Details
Programs (2)

the wedownload manager-nova.dll

The module the wedownload manager-nova.dll has been detected as a potentially unwanted program by 13 anti-malware scanners. Additionally, the file is typically installed by a number of programs including enformation by Robokid Technologies and Sense by Object Browser, both potentially unwanted software. The library is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

MD5:

0446d724a1f892daf44c5d9ca8368e5f

SHA-1:

fec570fab1f7aef2b59c54f03eaf39832f8f3fec

SHA-256:

f0f2e8842652ef86dd1886793d3febfddc0181376526428b318be2993e4008c9

Scanner detections:

13 / 68

Status:

Potentially unwanted

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/26/2024 2:41:45 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.AdLoad

7.1.1

AVG

Generic

2015.0.3343

Baidu Antivirus

Adware.Win32.CrossRider

4.0.3.14827

ESET NOD32

Win32/Toolbar.CrossRider.AI (variant)

8.10193

G Data

Win32.Adware.Crossrider

14.8.24

IKARUS anti.virus

AdWare.Win32.Crossrider

t3scan.1.7.5.0

McAfee

Artemis!0446D724A1F8

5600.7026

Panda Antivirus

Trj/Genetic.gen

14.08.27.04

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.22.12

Sophos

AppRider

4.98

Trend Micro House Call

Suspicious_GEN.F47V0712

7.2.239

Vba32 AntiVirus

AdWare.AdLoad

3.12.26.3

VIPRE Antivirus

Threat.4150696

32210

File size:

119 KB (121,856 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\the wedownload manager\the wedownload manager-nova.dll

File PE Metadata

Compilation timestamp:

7/12/2014 8:03:14 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:0dwPoXhgMHbcEl0RzGyetRd1ierk9002uSG+8bc1/JsWjcdvZnydMwf:0BeMQE2zdcd1Z0uG+8guvZnydMwf

Entry address:

0x5F2C

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 2C, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, E8, 8A, 01, 10, E8, E5, 14, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 4C, B2, 01, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 60, 40, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

6.0122

Developed / compiled with:

Microsoft Visual C++

Code size:

69.5 KB (71,168 bytes)

The file the wedownload manager-nova.dll has been discovered within the following programs.

enformation by Robokid Technologies

enformation is an advertising supported (adware) extension that runs in the context of the user's web browser as well as a process in the background.

80% remove it

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove the wedownload manager-nova.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.