_setup.dll

InstallShield

Macrovision Corporation

Publisher:
Macrovision Corporation  (signed and verified)

Product:
InstallShield

Description:
FLEXnet (R) InstallShield (R) Setup Launcher Resources

Version:
12.0.49974

MD5:
30ebd4e80b1dda05eac709a1dc5965b4

SHA-1:
2418232370026574baabc84b105f6dd9e458ad86

SHA-256:
8802e54ce01babf7bb22d0da5c83bebc5c05d0ccd73566a5f836690e9278a696

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:55:14 PM UTC  (today)

File size:
160.9 KB (164,784 bytes)

Product version:
12.0

Copyright:
Copyright (C) 2006 Macrovision Corporation

Original file name:
_setup2k.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\_setup.dll

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/10/2006 12:00:00 AM

Valid to:
2/20/2008 11:59:59 PM

Subject:
CN=Macrovision Corporation, OU=ENGINEERING, O=Macrovision Corporation, L=Schaumburg, S=Illinois, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
036939C475D53C1D70992DB8A87EB7D3

File PE Metadata
Compilation timestamp:
5/16/2006 6:22:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:Eb9YfMX0E9QsJB9cWe7Ka2coNfCp5CzQQfnlS6LlwYKU7:EKlua8NfCp5CcS7

Entry address:
0x1000

Entry point:
6A, 01, 58, C2, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3265

Code size:
4 KB (4,096 bytes)

The file _setup.dll has been discovered within the following programs.

Alta Star HUD LITE 3 for Networks  by Alta Star Software
www.hudlite.com
About 1% of users remove it
CTI OS Client  by Cisco Systems, Inc.
Publisher's description - “CTI OS is a server-based integration solution that enables all objects to exist on the CTI OS server. The client-side objects, through which the developer can interact with the CTI OS CIL, is conceptually thought of as a thin proxy for server-side objects.”
www.cisco.com
8% remove it
CTI OS Silent Monitor  by Cisco Systems, Inc.
Publisher's description - “The silent monitor functionality resides in a separate silent monitor service, rather than in the CIL. This is necessary to support both Citrix and mobile agent environments. C++ agent and supervisor desktops communicate with the silent monitor service via TCP connection.”
7% remove it
www.dawnofwargame.com/homepage.php
About 4% of users remove it
Harukoi Otome  by NEXTON
Harukoi Otome is a digital anime video game distributed on the MangaGamer.com portal.
www.mangagamer.com
About 8% of users remove it
NTI Backup Now 5  by NewTech Infosystems
Publisher's description - “Backup all or selected files and folders from local and mapped drivesEasy backup of emails and documents Easy backup of your PC desktop profile and configuration data Secure 128-bit or 256-bit data encryption Open File Module (OFM) gives your Windows backup the power to backup any open locked or in-use file ensuring that your information will run without interruption twenty four hours day seven days a week.”
www.ntius.com
12% remove it
OpenEdge 10.2B  by PSC
About 5% of users remove it
www.pixela.co.jp
About 6% of users remove it
Skyward PaC  by Skyward, Inc.
www.Skyward.com
About 6% of users remove it
Supreme Commander  by Gas Powered Games
Supreme Commander is a real-time strategy computer game focused on using a giant bipedal mech called an Armored Command Unit.
www.gaspowered.com
About 3% of users remove it
 
Latest 20 of 20 programs
Powered by Should I Remove It?

The file _setup.dll has been seen being distributed by the following 5 URLs.

http://bmssco/.../_Setup.dll

http://200.73.35.244:8080/webclient/.../_Setup.dll

Scan _setup.dll - Powered by Reason Core Security