» FindRight.IEUpdate.dll
Overview
Analysis
File Details
Programs (1)

FindRight.IEUpdate.dll

FindRight

This is the Internet Explorer add-on for the Yontoo FindRight branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module FindRight.IEUpdate.dll by FindRight has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program FindRight by Yontoo Technology, Inc. which is a potentially unwanted software program.

File name:

Publisher:

FindRight (signed and verified)

Version:

1.0.5151.28645

MD5:

780b8d0faa45956f840646a891a46387

SHA-1:

073389118011dac71eee80f1df76762a57a37d80

SHA-256:

009d165f067751d9af8bf122c16a9ece081c4e8048788e19f4901de0edd41df2

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:

4/26/2024 11:04:48 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.FindRight.R

14.2.12.10

File size:

81.8 KB (83,744 bytes)

Product version:

1.0.5151.28645

Original file name:

FindRight.IEUpdate.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\findright\bin\plugins\findright.ieupdate.dll

Digital Signature

Signed by:

FindRight

Authority:

VeriSign, Inc.

Valid from:

11/27/2013 2:00:00 AM

Valid to:

11/28/2014 1:59:59 AM

Subject:

CN=FindRight, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=FindRight, L=San Diego, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

316898120EF6443A93FBD11BC136B0B4

File PE Metadata

Compilation timestamp:

2/7/2014 5:54:59 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:oNGjVoc477kkxBQ37pDmq2LYPYGPN6IsttoujfGxbe6Gvp+meLZGeltU:oMod77k93dD7kYzQ3QKdvZe1Ge/

Entry address:

0x144EE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0784

Code size:

73.5 KB (75,264 bytes)

The file FindRight.IEUpdate.dll has been discovered within the following program.

FindRight by Yontoo Technology, Inc.

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

myfindright.com/support

83% remove it

Remove FindRight.IEUpdate.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.