home

hdtotal1.3-bho.dll

hdtotal1.3

hdtotal

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module hdtotal1.3-bho.dll has been detected as adware by 8 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0053360’. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon.
Publisher:
hdtotal

Product:
hdtotal1.3

Description:
hdtotal1.3 BHO

Version:
1.1.153.7

MD5:
9486e1a71d99c3c61fc639f825e96f25

SHA-1:
531eab44111487fd336cf59e293f0135b623dc07

SHA-256:
af624b244981154bf343a8818ab5fae2e77f4f20eeba5525798d4cbd2ac39fbe

Scanner detections:
8 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:
4/19/2024 10:44:01 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
MultiBundle.R
2015.0.3503

herdProtect (fuzzy)
variant of hdtotal1.1-bho.dll (Adware)
2014.6.13.2

Malwarebytes
PUP.Optional.HDTotal.A
v2014.04.16.06

McAfee
Artemis!9486E1A71D99
5600.7159

Reason Heuristics
PUP.Crossrider.BHO.N
14.4.16.6

Sophos
AppRider
4.98

Trend Micro House Call
TROJ_GEN.F47V0406
7.2.106

VIPRE Antivirus
Crossrider
27278

File size:
490 KB (501,760 bytes)

Product version:
1.1.153.7

Copyright:
Copyright 2011

Original file name:
hdtotal1.3.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\hdtotal1.3\hdtotal1.3-bho.dll

File PE Metadata
Compilation timestamp:
3/10/2014 9:06:35 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:qBUIlh2A7YbWgFwSLWpPtkm5CMrWUs0g46TPZWPpPE:qBUIlIAjgFwSLWpPtkm0MrWmgbTBWRPE

Entry address:
0x37BC2

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 52, BC, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 28, AE, 06, 10, E8, BF, 46, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, D0, 08, 07, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 28, BF, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.4966

Developed / compiled with:
Microsoft Visual C++

Code size:
329 KB (336,896 bytes)

Internet Explorer BHO
Display name:
CrossriderApp0053360

CLSID:
{11111111-1111-1111-1111-110511331160}

CLSID name:
hdtotal1.3


Remove hdtotal1.3-bho.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.