This file is a support library for an advertising-based software package (potentially unwanted/adware) distributed by 50onRed used to hijack the Internet browser search provider. The module frameworkbho.dll by Engaging Apps has been detected as adware by 7 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Start Savin BHO’. This web browser addon will display additional advertisements in the user's browser including popup, banner, contextual hyperlinks as well as affiliate links.
7 / 68
Browser extension that injects additional advertisements (banner and text links) on web pages.
3/21/2014 4:42:24 PM UTC (four months ago)
Antiy Labs AVL
Trend Micro House Call
282 KB (288,816 bytes)
Dynamic link library (Win32 DLL)
English (United States)
C:\Program Files\start savin\frameworkbho.dll
6/4/2013 12:00:00 AM
6/4/2014 11:59:59 PM
CN=Engaging Apps, O=Engaging Apps, L=Philadelphia, S=Pennsylvania, C=US
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
3/6/2014 7:50:46 AM
180.5 KB (184,832 bytes)
Internet Explorer BHO
Start Savin BHO
The following container packages frameworkbho.dll in it.
There are numerous known variations of frameworkbho.dll.
Detection Incidence by Country