Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
Relationships
extension32.dll
By Bit Cocktail Ltd. (Signed)
| Version: | 2.0.0.586 |
| MD5: | f78cf61d4e49e0cccf0e706df5208d65 |
| SHA1: | 3602ed6725ce4319d3ff1418239925988ea3cfcc |
| SHA256: | 72e1eeb8b31fff56c40dff022aea371e1e612dfd1f2ae8b0302fc02134cb5f4f |
Warning 3 antivirus scanners has detected malware.
Overview
extension32.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. It is installed with a couple of know programs including Updater By SweetPacks 2.0.0.566 published by SweetIM Technologies Ltd. and Updater By SweetPacks 2.0.0.586 published by SweetIM Technologies Ltd.. The file is digitally signed by Bit Cocktail Ltd. which was issued by the Thawte certificate authority (CA).
Details
| File name: | extension32.dll |
| Typical file path: | C:\Program Files\plazy\extension32.dll |
| Original name: | Extension.dll |
| File version: | 2.0.0.586 |
| Size: | 165.34 KB (169,304 bytes) |
| Build date: | 5/16/2013 1:10 AM |
| Certificate |
| Issued to: | Bit Cocktail Ltd. |
| Authority (CA): | Thawte |
| Digital DNA |
| PE subsystem: | Windows GUI |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
|
SweetIM Technologies Ltd. |
|
Updater By SweetPacks (from Perion) is designed to monitor and keep the SweetPacks programs automatically up to date. It checks for software updates and automatically downloads and installs them if found. It does so by adding a startup entry to the registry to automatically load each time a user logs into windows and remotely checks its server for updates by adding a Windows firewall exception. If an update is found it will silently ins...
Behaviors
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
- BHO CLSID: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D}
- BHO CLSID: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
- BHO CLSID: {7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}
- BHO CLSID: {1F30D846-4BEF-4246-B19E-7E503B0E6639}
- BHO CLSID: {336D0C35-8A85-403a-B9D2-65C292C39087}
- BHO CLSID: {FEFE89E5-A43F-4f4b-8211-B11D91D02135}
- BHO CLSID: {A6629839-6636-4998-95D6-2B0F52141861}
- BHO CLSID: {70481DB1-0A21-4ae4-AEB8-AD820E7052C4}
- BHO CLSID: {121C6AF3-6778-4360-AFDB-57BD4E3E4343}
Malware detections
Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| ESET NOD32 |
7.8722 |
a variant of Win32/Toolbar.Perion.A |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.SweetPacks.A |
| Sophos |
4.91.0 |
BitCocktail |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
26.47% |
|
| Windows 8 |
20.59% |
|
| Windows Vista Home Premium |
17.65% |
|
| Windows 7 Ultimate N |
11.76% |
|
| Microsoft Windows XP |
8.82% |
|
| Windows 8 Pro |
5.88% |
|
| Windows 7 Ultimate |
2.94% |
|
| Windows 7 Starter |
2.94% |
|
| Windows 7 Professional |
2.94% |
|
Distribution by country
United States installs about 79.41% of extension32.dll.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Toshiba |
55.56% |
|
| Hewlett-Packard |
19.44% |
|
| Sony |
11.11% |
|
| Gateway |
5.56% |
|
| ASUS |
5.56% |
|
| GIGABYTE |
2.78% |
|
