» color my facebook 2-bho.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

color my facebook 2-bho.dll

Color My Facebook 2

Duval

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module color my facebook 2-bho.dll, “Color My Facebook 2 BHO” has been detected as adware by 25 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0030297’. This file is typically installed with the program Color My Facebook 2 by Duval which is a potentially unwanted software program. According to Microsoft Security Essentials, this AddLyrics variant installs itself as a Chrome extension, an Internet Explorer add-on, and a Firefox plug-in and displays advertisements in the browser, and also display the lyrics to songs viewed on YouTube.

File name:

Publisher:

Duval

Product:

Color My Facebook 2

Description:

Color My Facebook 2 BHO

Version:

1.1.153.27

MD5:

bd37fa7b6069ec6100922b37bf63f56b

SHA-1:

44f9b9548a5460c781ad83d85292a25a79dfb922

SHA-256:

c4a4a09a448538aaa2058a7153771107472da83374d8f0956060d11a0dcba161

Scanner detections:

25 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/24/2024 9:50:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Generic.633342

1138

AVG

Generic5

2014.0.3616

Baidu Antivirus

Adware.Win32.Lyckriks

4.0.3.131223

Bitdefender

Adware.Generic.633342

1.0.20.1785

Bkav FE

W32.Clodd68.Trojan

1.3.0.4613

Comodo Security

ApplicUnwnt

17154

Dr.Web

Trojan.Crossrider.7

9.0.1.0357

Emsisoft Anti-Malware

Adware.Generic.611579

8.14.01.02.10

ESET NOD32

Win32/Toolbar.CrossRider (variant)

7.9175

Fortinet FortiGate

Adware/Lyckriks

12/23/2013

F-Secure

Adware.Generic.633342

11.2013-23-12_2

G Data

Adware.Generic.633342

13.12.22

IKARUS anti.virus

not-a-virus:AdWare.Win32.Lyckriks

t3scan.2.2.29

K7 AntiVirus

Riskware

13.174.10509

Kaspersky

not-a-virus:AdWare.Win32.Lyckriks

14.0.0.4577

Malwarebytes

PUP.Optional.ColorMyFacebook2.A

v2013.12.23.04

McAfee

Artemis!BD37FA7B6069

5600.7272

Microsoft Security Essentials

Adware:Win32/AddLyrics

1.163.1557.3

MicroWorld eScan

Adware.Generic.633342

14.0.0.1071

NANO AntiVirus

Trojan.Win32.Crossrider.cpffpi

0.28.0.56692

Panda Antivirus

Suspicious file

14.01.02.10

Sophos

Generic PUA EE

4.96

Trend Micro House Call

TROJ_GEN.R0C1H07JO13

7.2.2

Vba32 AntiVirus

AdWare.Lyckriks

3.12.24.3

VIPRE Antivirus

Crossrider

24386

File size:

584.5 KB (598,528 bytes)

Product version:

1.1.153.27

Original file name:

Color My Facebook 2.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\color my facebook 2\color my facebook 2-bho.dll

File PE Metadata

Compilation timestamp:

8/12/2013 11:44:08 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:a1SkF27hRMjXzOTPNMs5KbIioB/6c3Y1UozaYMF/GTXL3nHpPlan:a1Sq27hKjXzOTh5KbIioB/6c3Y1U1YMA

Entry address:

0x4836D

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, AC, B1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 99, AF, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, F8, 4B, 08, 10, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18... 
[+]

Code size:

402 KB (411,648 bytes)

Internet Explorer BHO

Display name:

CrossriderApp0030297

CLSID:

{11111111-1111-1111-1111-110311021197}

CLSID name:

Color My Facebook 2

The file color my facebook 2-bho.dll has been discovered within the following programs.

Color My Facebook 2 by Duval

The Color My Facebook web browser add-in by AugustinDuval is designed to allow users to change the color of the Facebook web pages. It uses the Crossrider Toolbar platform and utilizes a download installer that bundles additional software.

colormyfacebook.com

62% remove it

Remove color my facebook 2-bho.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.