home

tfilesys.dll

The module tfilesys.dll has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Proteus 7 Professional by Labcenter Electronics and SushiLeads by One Call Ltd. The file has been seen being downloaded from cfsapatch.z8games.com and multiple other hosts.
MD5:
c324946ce1884cae603d6f4aa055ac8c

SHA-1:
cab3203eedd68ad0cea45ee47b1d7866bb208b9a

SHA-256:
61d9e6520ef1b93e440f9c235baca40cac8a44cd938a93019acb62f220d02cb9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 8:24:01 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.VOPackage
16.3.1.9

File size:
44 KB (45,056 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tfilesys\tfilesys.dll

File PE Metadata
OS bitness:
Win64

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

The file tfilesys.dll has been discovered within the following programs.

EZDownloader  by WebPick Internet Holdings Ltd.
EZDownloader is a download manager the bundles various offers including web browser toolbars (Babylon Toolbar, Funmoods and Search.us) and extensions as well as various other potentially unwanted software programs. It wraps various 3rd party software from the download site www.
www.ez-download.com
80% remove it
Proteus 7 Professional  by Labcenter Electronics
Publisher's description - “Proteus is software for microprocessor simulation, schematic capture, and printed circuit board (PCB) design. The Proteus Professional demonstration is intended for prospective customers who wish to evaluate professional level products.”
www.labcenter.com
About 2% of users remove it
Remote Desktop Access (VuuPC)  by CMI Limited
Developed and distributed through bundled installer from Click Me In. The software may be bundled by 3rd-party products using the InstallCore distribution platform.
vuupc.com/terms.html
About 82% of users remove it
SushiLeads  by One Call Ltd
SushiLeads (a PastaLeads variant) is an adware program that installs as a web browser plugin to inject and display advertisements.
81% remove it
 
Powered by Should I Remove It?

The file tfilesys.dll has been seen being distributed by the following 8 URLs.

http://cfsapatch.z8games.com/xtrap/.../XTrapExt.dll

http://cfpatch.z8game.com/xtrap/.../XTrapExt.dll

http://cfpatch.z8game.com/xtrap/.../XTrapExt.dll

http://cfsapatch.z8games.com/xtrap/.../XTrapExt.dll

http://cfpatch.z8game.com/xtrap/.../XTrapExt.dll

http://cfsapatch.z8games.com/xtrap/.../XTrapExt.dll

http://d10huri5h4o4a3.cloudfront.net/jorunasu.exe

http://download.mc.ogplanet.com/xtrap/.../XTrapExt.dll

Remove tfilesys.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.