IEPlugin.dll

Bandoo

Bandoo Media Inc

The module IEPlugin.dll by Bandoo Media Inc has been detected as a potentially unwanted program by 5 anti-malware scanners. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘Bandoo IE Plugin’.
Publisher:
Bandoo Media Inc.  (signed by Bandoo Media Inc)

Product:
Bandoo

Description:
Bandoo IE Plugin

Version:
6.0

MD5:
a53c9750f6b2d67275806832f35470e6

SHA-1:
c45b0eec221205676937257677286beb330c6b4c

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 5:55:26 PM UTC

Scan engine              Detection                           Engine version
Avira AntiVirus          Adware/Bandoo.AA.25                 7.11.141.52
Comodo Security          UnclassifiedMalware                 18044
ESET NOD32               Win32/Adware.Bandoo.AA (variant)    8.9635
Reason Heuristics        PUP.Optional.BandooMedia.I          14.9.2.16
Trend Micro House Call   TROJ_GEN.F47V0829                   7.2.245

File size:
2.3 MB (2,444,688 bytes)

Product version:
6.0.0.98636

Copyright:
Copyright (c) 2011

Original file name:
IEPlugin.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\bandoo\plugins\ie\ieplugin.dll

Digital Signature
Authority:
Thawte, Inc.

Valid from:
10/5/2010 9:00:00 PM

Valid to:
10/5/2012 8:59:59 PM

Subject:
CN=Bandoo Media Inc, O=Bandoo Media Inc, L=Panama City, S=Panama, C=PA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5915CD3A113B9B2AE7B497DDDFCDF8F5

Registration
CLSID:
{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

ProgID:
BandooIEPlugin.BandooIEPlugin.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
1/12/2011 9:41:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:krE1woKtOXT2gHVVyv8arB1qrvQc0OqKugg/T6d9RyMPMFLKuA:sE6oGOXT26yHrB1YQ0UiAZa

Entry address:
0x1289E7

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 03, FC, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 2A, F2, FF, FF, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 14, F2, FF, FF, 75, 01, C3, 55, 8B, EC, 83, EC, 00, 50, 52, 53, 56, 57, 6A, 00, FF, 75, 04, E8, E7, FE, 00, 00, 59, 59, 5F, 5E, 5B, 5A, 58, 8B, E5, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1...
 

Code size:
1.7 MB (1,764,864 bytes)

Internet Explorer BHO
Display name:
Bandoo IE Plugin

CLSID:
{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

CLSID name:
BandooIEPlugin Class

