Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Relationships
divaptonbho.dll
DiVapton by DiVapton (Signed)
Version: | 1.0.0.1 |
MD5: | 0f5a8586a33cb6bab7e93e4b0a9a1c1f |
SHA1: | c88a837e81cea29dcb1595c917878f96534947ee |
SHA256: | 85633d17b901438f03ce16dc64a5433482336f2b41c781ad8375112b3bbdb2f7 |
Warning 4 antivirus scanners has detected malware.
Overview
divaptonbho.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. It is installed with a couple of know programs including DiVapton 1.0.0 published by Yontoo Technology, Inc. and DiVapton published by Yontoo Technology, Inc.. The file is digitally signed by DiVapton which was issued by the VeriSign certificate authority (CA).
Details
File name: | divaptonbho.dll |
Publisher: | DiVapton |
Product name: | DiVapton |
Typical file path: | C:\Program Files\divapton\divaptonbho.dll |
Original name: | DiVaptonIEClient.dll |
File version: | 1.0.0.1 |
Size: | 243.77 KB (249,624 bytes) |
Build date: | 9/30/2013 6:04 PM |
Certificate |
Issued to: | DiVapton |
Authority (CA): | VeriSign |
Effective date: | Wednesday, September 18, 2013 |
Expiration date: | Saturday, September 19, 2015 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following programs will install this file
This toolbar/web browser extension is ad/search-supported that is typically installed as an optional offer, users generally have this bundled with 3rd party software. During setup, this toolbar will modify the home page and new tab pages to an affiliate search portal using a primary search engine in order to collect shared search revenue.
The software is digitally signed by DiVapton.
Behaviors
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
- BHO CLSID: {3bf42771-1b8a-4910-b3dc-eb330e40020a}
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Dr.Web |
8.13.11.25 |
Adware.Plugin.100 |
ESET NOD32 |
7.9073 |
a variant of Win32/BrowseFox.F |
Malwarebytes |
1.75.0.1 |
PUP.Optional.DiVapton.A |
VIPRE Antivirus |
23552 |
Yontoo (fs) |
Distribution by Windows OS
OS version | distribution |
Windows 7 Professional |
33.33% |
|
Windows 7 Home Premium |
33.33% |
|
Windows 8 Enterprise |
33.33% |
|
Distribution by country
Czech Republic installs about 33.33% of DiVapton.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Lenovo |
50.00% |
|
Sony |
50.00% |
|