pmxg.dll

PremierOpinion

VoiceFive Networks, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module pmxg.dll by VoiceFive Networks has been detected as adware by 33 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
VoiceFive Networks, Inc.  (signed and verified)

Product:
PremierOpinion

Version:
1, 3, 326, 1

MD5:
27ac9f9316cb72aae2483ca24472c117

SHA-1:
a211ec1277bac5805ed58c446bac1c02c6a1dfb7

SHA-256:
78ee743674dfac6cc44f17b31b4863137fcc70a68072362913c4ee0c040acac5

Scanner detections:
33 / 68

Status:
Adware

Analysis date:
12/23/2024 3:26:54 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Adware.Heur.hu9@R03oQtpi
377

Agnitum Outpost
Adware.Agent
7.1.1

AhnLab V3 Security
Trojan/Win32.ADH
2014.06.15

Avira AntiVirus
TR/Spy.123520
7.11.160.254

avast!
Win32:Relevant-AC [PUP]
2014.9-160124

AVG
RelevantKnowledge
2017.0.2855

Baidu Antivirus
Adware.Win32.RK
4.0.3.16124

Bitdefender
Gen:Adware.Heur.hu9@R03oQtpi
1.0.20.120

Clam AntiVirus
PUA.RelevantKnowledge
0.98/18155

Comodo Security
UnclassifiedMalware
18866

Dr.Web
Adware.OSSProxy
9.0.1.024

Emsisoft Anti-Malware
Gen:Adware.Heur.hu9@R03oQtpi
8.16.01.24.08

ESET NOD32
Win32/Adware.RK.AM (variant)
10.9946

Fortinet FortiGate
Riskware/OSS
1/24/2016

F-Secure
Gen:Adware.Heur.hu9@R03oQtpi
11.2016-24-01_1

G Data
Gen:Adware.Heur.hu9@R03oQtpi
16.1.24

IKARUS anti.virus
Gen:Adware
t3scan.1.1.103.0

K7 AntiVirus
Riskware
13.178.12292

Malwarebytes
PUP.Optional.RelevantKnowledge
v2016.01.24.08

McAfee
Proxy-OSS
5600.6511

MicroWorld eScan
Gen:Adware.Heur.hu9@R03oQtpi
17.0.0.72

NANO AntiVirus
Riskware.Win32.OSSProxy.cxdphk
0.28.0.60100

Norman
Adware.A!genr
11.20160124

Prevx
Medium Risk Malware
3.0

Qihoo 360 Security
Win32/Trojan.Spy.ddb
1.0.0.1015

Reason Heuristics
PUP.TMRG.VoiceFiveNetworks (M)
16.1.24.8

Rising Antivirus
PE:Trojan.Win32.Generic.125F5103!308236547
23.00.65.16122

Sophos
Generic Proxy-OSS Application
4.98

SUPERAntiSpyware
Spyware.RelevantKnowledge
9366

Trend Micro House Call
TROJ_GEN.R4FH1HN
7.2.24

Vba32 AntiVirus
Signed-AdWare.Win32.Relevant
3.12.26.3

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
31316

ViRobot
Adware.Agent.119424
2011.4.7.4223

File size:
121.3 KB (124,232 bytes)

Product version:
1, 3, 326, 1

Copyright:
Copyright (C) 2001-2008

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\temp\{random}.tmp\pmxg.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/9/2009 8:00:00 PM

Valid to:
10/5/2012 7:59:59 PM

Subject:
CN="VoiceFive Networks, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="VoiceFive Networks, Inc.", L=Reston, S=VA, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7FE867AFCDCA794F00B81D64E13D7A0B

File PE Metadata
Compilation timestamp:
3/9/2010 4:43:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:E5CKTz3gBOY63rOf42HLqeLobXhec7Mdph4eB9f86DW8EToB9oeJh8Y0oAx2kE/M:Sr0P5a8EToB9oeJ/Ax2kE/+mIP

Entry address:
0x104EA

Entry point:
6A, 0C, 68, 38, 3F, 01, 10, E8, 76, 02, 00, 00, 33, C0, 40, 89, 45, E4, 33, FF, 89, 7D, FC, 8B, 75, 0C, 3B, F7, 75, 0C, 39, 3D, 94, 82, 01, 10, 0F, 84, AC, 00, 00, 00, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, AC, 84, 01, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, E5, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, EF, 01, 00, 00, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 
[+]

Entropy:
5.8078

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
72 KB (73,728 bytes)

Remove pmxg.dll - Powered by Reason Core Security