https://www.displayfusion.com/Discussions/RSS/?TopicID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad DisplayFusion RSS: Webroot SecureAnywhere flagging APPHOOKWIN6032.DLL as W32.Obfuscated.Gen in 7.3.1 Wed, 27 May 2026 19:09:47 GMT en hourly 1 https://www.displayfusion.com/Discussions/RSS/?TopicID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad#4 Thu, 24 Sep 2015 18:01:19 GMT Binary Fortress Software https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad#4 DisplayFusion @Evahn: Thanks for the heads up, and thanks for submitting it to Webroot! Glad to hear they were able to quickly confirm it was a false positive

Please let us know if you need anything else at all. ]]> https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad#3 Thu, 24 Sep 2015 02:07:09 GMT Binary Fortress Software https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad#3 DisplayFusion I submitted this issue to Webroot SecureAnywhere support and they've confirmed it was a false positive and updated the status of this file to "Good".

From Webroot support:
In regards to you Display Fusion Query, We have sent the file information to our threat research team, who have determined that this file has been Marked Incorrectly and is a False Positive. We have white-listed these processes in our database, this should resolve the issues you were experiencing.

Please run a scan to update your determinations and then try to reproduce the issue. As the Threat determination database was previously Detecting the file as "Bad" it is expected behavior that the Agent was detecting and removing.


So I believe you will need to go to each of the affected workstations in the portal and select to restore the DLL from quarantine.

Good luck ]]> https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad#2 Thu, 24 Sep 2015 00:35:51 GMT Binary Fortress Software https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad#2 DisplayFusion I'm seeing this as well on my Windows 10 system with DisplayFusion 7.3.1 after updating from DisplayFusion 7.3. Is this version of DisplayFusion 7.3.1 actually safe to use? ]]> https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad Wed, 23 Sep 2015 23:25:40 GMT Binary Fortress Software https://www.displayfusion.com/Discussions/View/webroot-secureanywhere-flagging-apphookwin6032dll-as-w32obfuscatedgen-in-731/?ID=4c571eef-9a1c-4e37-8d6e-9dca96dd26ad DisplayFusion We deployed Display Fusion 7.3.1 to a few workstations this morning and started receiving notifications that Webroot SecureAnywhere AV had flagged the APPHOOKWIN6032.DLL as "Bad" due to W32.Obfuscated.Gen which I assume means some indication of obfuscation present.
I've created an over-ride as I'm sure that is a false positive but maybe something for the Devs to look into as this issue was not present in v7.3 only in this last update.

APPHOOKWIN6032_CBB09B03-FA28-479C-8E95-DBDE025F65AB.DLL, W32.Obfuscated.Gen, %programfiles%\displayfusion\hooks\,

http://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx?MD5=FCBAAB1526B90975F9DC9AFB19F63043
FCBAAB1526B90975F9DC9AFB19F63043, 4 mins 54 secs ]]>