torntv v9.0-bho.dll

Torntv V9.0

CoolMirage Ltd.

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module torntv v9.0-bho.dll by CoolMirage has been detected as adware by 47 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0051390’. This file is typically installed with the program Torntv V9.0 by InstallDaddy Services Ltd. which is a potentially unwanted software program. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon.
Remove torntv v9.0-bho.dll - Powered by Reason Core Security
Publisher:
installdaddy  (signed by CoolMirage Ltd.)

Product:
Torntv V9.0

Description:
Torntv V9.0 BHO

Version:
1.1.153.67

MD5:
324acb5de5a6084953c6ff517f5bddaf

SHA-1:
29cbc2bac43e9a0c217e470fbeaf59f849f53d72

SHA-256:
a7033b150cceca543652c1ce4e56be8e7724834fa838d56c98815b2dcb62a98a

Scanner detections:
47 / 68

Status:
Adware

Explanation:
InstallDaddy bunldes adware such as toolbars and unwanted browser extensions.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is CoolMirage Ltd..

Analysis date:
12/4/2016 7:28:36 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Ramnit.N
911

Agnitum Outpost
Win32.Nimnul.Gen.2
7.1.1

AhnLab V3 Security
Win32/Ramnit.G
2014.07.27

Avira AntiVirus
Adware/CrossRider.A.7929
7.11.154.46

Antiy Labs AVL
GrayWare[AdWare:not-a-virus]/Win32.AdLoad
1.0.0.1

avast!
Win32:RmnDrp
2014.9-140807

AVG
Win32/Zbot.F
2015.0.3389

Baidu Antivirus
Adware.Win32.CrossRider
4.0.3.14610

Bitdefender
Win32.Ramnit.N
1.0.20.1095

Bkav FE
W32.InjectAdwaredDwnA1.PE
1.3.0.4959

Clam AntiVirus
W32.Ramnit-1
0.98/19168

CMC Antivirus
Virus.Win32.Ramit.1!O
1.1.0.977

Commtouch SDK
W32/Ramnit.E
5.4.1.7

Comodo Security
Virus.Win32.Ramnit.K
18989

Dr.Web
Win32.Rmnet.12
9.0.1.0219

Emsisoft Anti-Malware
Win32.Ramnit.N
8.14.08.07.05

ESET NOD32
Win32/Toolbar.CrossRider.AF potentially unwanted application
7.0.302.0

Fortinet FortiGate
Adware/Adload
8/7/2014

F-Prot
W32/Ramnit.E
v6.4.6.5.141

F-Secure
Win32.Ramnit.N
11.2014-07-08_5

G Data
Win32.Ramnit
14.8.24

IKARUS anti.virus
PUA.CrossRider
t3scan.1.6.1.0

Jiangmin
Win32/IRCNite.wi
KV140807

K7 AntiVirus
Virus
13.181.12846

K7 Gateway Antivirus
Virus
13.181.12846

Kaspersky
not-a-virus:AdWare.Win32.AdLoad
14.0.0.3441

Kingsoft AntiVirus
Win32.Troj.Adload.q.(kcloud)
331020.49267

Malwarebytes
PUP.Optional.Sense.A
v2014.08.07.05

McAfee
Artemis!818D7D6B5A8A
5600.7045

McAfee Web Gateway
Artemis!818D7D6B5A8A
7.7045

Microsoft Security Essentials
Threat.Undefined
1.179.1221.0

MicroWorld eScan
Win32.Ramnit.N
15.0.0.657

NANO AntiVirus
Virus.Win32.Nimnul.bqjjnb
0.28.2.60990

Norman
Ramnit.AS
11.20140807

nProtect
Virus/W32.SpyEye
14.07.27.01

Panda Antivirus
Trj/Chgt.A
14.08.07.05

Qihoo 360 Security
HEUR/Malware.QVM30.Gen
1.0.0.1015

Quick Heal
W32.Ramnit.A
8.14.14.00

Reason Heuristics
PUP.Crossrider.BHO.O
14.8.7.17

Rising Antivirus
PE:Malware.Obscure!1.9C59
23.00.65.14805

Sophos
W32/Ramnit-A
4.98

Total Defense
Win32/Ramnit.C
37.0.11084

Trend Micro House Call
TROJ_GEN.R08NH07FI14
7.2.219

Trend Micro
PE_RAMNIT.DEN
10.465.07

Vba32 AntiVirus
Virus.Win32.Nimnul.b
3.12.26.3

VIPRE Antivirus
Threat.4789396
30086

ViRobot
Win32.Nimnul.A
2011.4.7.4223

Remove torntv v9.0-bho.dll - Powered by Reason Core Security
File size:
563.9 KB (577,408 bytes)

Product version:
1.1.153.67

Copyright:
Copyright 2011

Original file name:
Torntv V9.0.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\torntv v9.0\torntv v9.0-bho.dll

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
6/6/2013 2:00:00 AM

Valid to:
6/7/2014 1:59:59 AM

Subject:
CN=CoolMirage Ltd., O=CoolMirage Ltd., L=Tel Aviv, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
110F603E63C86349A5F243EA06966F33

File PE Metadata
Compilation timestamp:
6/9/2014 12:06:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:J0BgrzgA/ke6Rb+emh6Yw/xOFxOTjBapiGDMYiG1:J08gA/ke6Rb+emUYzFcTjAQgMk1

Entry address:
0x400F7

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 1A, B4, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, E8, 99, 07, 10, E8, BA, 46, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 08, 0A, 08, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 44, A2, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
382.5 KB (391,680 bytes)

Internet Explorer BHO
Display name:
CrossriderApp0051390

CLSID:
{11111111-1111-1111-1111-110511131190}

CLSID name:
Torntv V9.0


The file torntv v9.0-bho.dll has been discovered within the following program.

Torntv V9.0  by InstallDaddy Services Ltd.
This is a potentially unwanted program (PUP) that bundles various additional offers during setup, typically ad-supported (adware) in functionality.
88% remove it
 
Powered by Should I Remove It?

Remove torntv v9.0-bho.dll - Powered by Reason Core Security