Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Relationships
Discount Buddy.dll
Discount Buddy by Excellent Apps (Signed)
Version: | 1.1.153.4 |
MD5: | 28aedc071adb1f0f65b89ab16e36a16c |
SHA1: | 7a5085554447339125cb72cc6618fc0d64727edd |
SHA256: | 86664aaa0263f5435af4d066854b5cc77f755412e6e1e16b2b64594ac4cf8e72 |
Warning 10 antivirus scanners has detected malware.
Overview
discount buddy.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This is typically installed with the program Discount Buddy published by 215 Apps and is most likely removed by most users once installed (80% removed). The file is digitally signed by Excellent Apps which was issued by the Thawte certificate authority (CA). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).
Details
File name: | discount buddy.dll |
Publisher: | 215 Apps |
Product name: | Discount Buddy |
Description: | Discount Buddy BHO |
Typical file path: | C:\Program Files\discount buddy\discount buddy.dll |
File version: | 1.1.153.4 |
Size: | 687.88 KB (704,392 bytes) |
Certificate |
Issued to: | Excellent Apps |
Authority (CA): | Thawte |
Effective date: | Tuesday, August 28, 2012 |
Expiration date: | Thursday, August 29, 2013 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following program will install this file
It aggressive adware created and distributed by 50onRed and is typically included in various 3rd party software bundles that displays advertisements as you browse the web by injecting them directly into the web pages you visit. When you install the plug-in, it also has a background process that will attempt to disabled other 'conflicting' extensions that might interfere with it, this includes other competing products as well as some sec...
Behaviors
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
- BHO CLSID: {11111111-1111-1111-1111-110211671166}
Malware detections
Based on 40+ industry antivirus scanners, 10 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Comodo Internet Security |
17771 |
ApplicUnwnt |
Emsisoft Anti-Malware |
None |
Riskware.Win32.Toolbar.CrossRider.AMN (A) |
ESET NOD32 |
7.9411 |
a variant of Win32/Toolbar.CrossRider.H |
Ikarus |
T3.1.5.6.0 |
AdWare.Win32.CouponCompanion |
K7 AntiVirus |
9.175.11136 |
Trojan ( 0048c1901 ) |
K7GW |
9.175.11136 |
Trojan ( 0048c1901 ) |
Kingsoft |
2013.04.09.267 |
Win32.Troj.Generic.a.(kcloud) |
McAfee |
6.4.564 |
Artemis!28AEDC071ADB |
McAfee Gateway Anti-Malware |
v2013-dat |
Artemis!28AEDC071ADB |
VIPRE Antivirus |
26378 |
GamePlayLabs (v) |
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
100.00% |
|
Distribution by PC manufacturer
PC Manufacturer | distribution |
Hewlett-Packard |
100.00% |
|