thehdvid-codec v10-buttonutil64.dll

Pess Kess Games

This adware is a web browser extension that injects advertising into the browser in the form of unwanted banners and text links, which may link to malware sites and install unwanted software. The module thehdvid-codec v10-buttonutil64.dll by Pess Kess Games has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program TheHDvid-Codec V10 by Joseph CM, which is a potentially unwanted software program. The ButtonUtil module (64-bit version) uses the Crossrider web extension platform and performs a number of helper integrations with the user's web browsers as well as the Windows Shell in order to install the add-on. It is distributed as part of the Brightcircle group of browser extensions.
Publisher:
Pess Kess Games  (signed and verified)

MD5:
c38224ea29805f1bdff377d7cb13a028

SHA-1:
6e8e48bbe4345ee71e5c04d4d5e74bd804d9e1e3

SHA-256:
f40963d092a5868cc73281ebfb2e32195f77abf50b113f79f6ec60d530b59c84

Scanner detections:
8 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Pess Kess Games.

Analysis date:
4/24/2024 10:48:02 PM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | PUP/Win64.CrossRider | 2014.12.22
Avira AntiVirus | ADWARE/CrossRider.Gen | 7.11.197.30
AVG | Generic | 2015.0.3253
ESET NOD32 | Win32/Toolbar.CrossRider.BM potentially unwanted application | 7.0.302.0
Kaspersky | Trojan.NSIS.GoogUpdate | 15.0.0.543
Reason Heuristics | PUP.Crossrider.PessKessGames.FF | 14.12.22.6
Sophos | PUA 'AppRider' (of type Adware) | 5.09
VIPRE Antivirus | Threat.4150696 | 35418

File size:
503.9 KB (515,992 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\thehdvid-codec v10\thehdvid-codec v10-buttonutil64.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/28/2014 3:00:00 AM

Valid to:
8/29/2015 2:59:59 AM

Subject:
CN=Pess Kess Games, O=Pess Kess Games, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00985357810266ED5784B0A15904D65082

File PE Metadata
Compilation timestamp:
10/31/2014 11:38:58 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:DbI2BjX736ofOiLJAsOgIvkbeVATBRfUbFHDfdIZYPCExrvWKoJIA5isKTrMlE9m:J/R3DMon0Hkc9MbhkCeTtxs6qV6A

Entry address:
0x3161C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 7F, A7, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 50, 47, 04, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 

Entropy:
6.2503

Code size:
336.5 KB (344,576 bytes)

The file thehdvid-codec v10-buttonutil64.dll has been discovered within the following program.

TheHDvid-Codec V10  by Joseph CM
TheHDvid-Codec is an advertising supported (adware) extension that runs in the context of the user's web browser as well as a process in the background.
crossrider.com/install/61180-thehdvid-codec-v10
83% remove it
 
Powered by Should I Remove It?
