» jsloader.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (2)

jsloader.dll

Brwoser Companion Helper plug-in for Internet Explorer

Blabbers Communications Ltd

Part of Blabbers, a potentially unwanted browser application that may hijack or interfere with the browser's standard web searching behaviors in order to display ads. The module jsloader.dll, “Browser Companion Helper plug-in” by Blabbers Communications has been detected as adware by 19 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘script helper for ie’. Additionally, the file is typically installed by a number of programs including BrowserCompanion by Blabbers Communications LTD and GinyasBrowserCompanion by Blabbers Communications LTD, both potentially unwanted software.

File name:

jsloader.dll

Publisher:

Blabbers Communications Ltd (signed and verified)

Product:

Brwoser Companion Helper plug-in for Internet Explorer

Description:

Browser Companion Helper plug-in

Version:

1.0.2.1

MD5:

0a94d445eb7ee2f196c79b706b09a7ef

SHA-1:

650b8a3ee8e81ec2238ba1a0d3433fa0dd06b833

SHA-256:

86e0916a515c00622379455c3b7f42cc6da68c5e1ffbee404dc3df0feee5a6b8

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

4/25/2024 2:18:24 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Generic.661208

858

Agnitum Outpost

Riskware.Agent

7.1.1

Baidu Antivirus

Trojan.Win32.BrowserCompanion

4.0.3.14929

Bitdefender

Adware.Generic.661208

1.0.20.1360

Boost by Reason

Optional.BHO.BlabbersCommunications.I

188838

Dr.Web

Adware.Shopper.303

9.0.1.0240

Emsisoft Anti-Malware

Adware.Generic.661208

8.14.09.29.01

ESET NOD32

Win32/BrowserCompanion

7.9082

F-Secure

Adware.Generic.661208

11.2014-29-09_2

G Data

Adware.Generic.661208

14.9.24

IKARUS anti.virus

AdWare.SuspectCRC

t3scan.2.2.29

K7 AntiVirus

Trojan

13.176.11496

MicroWorld eScan

Adware.Generic.661208

15.0.0.816

NANO AntiVirus

Trojan.Win32.Shopper.cthmym

0.28.0.58491

Reason Heuristics

PUP.BHO.BlabbersCommunications.I

14.8.7.17

Sophos

Generic PUA JE

4.98

Trend Micro House Call

ADW_BLABBERS

7.2.240

Trend Micro

ADW_BLABBERS

10.465.28

VIPRE Antivirus

Trojan.Win32.Generic

27560

File size:

220.3 KB (225,584 bytes)

Product version:

1.0.2.1

Original file name:

jsloader.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\browsercompanion\jsloader.dll

Digital Signature

Signed by:

Blabbers Communications Ltd

Authority:

The USERTRUST Network

Valid from:

2/9/2011 4:00:00 PM

Valid to:

2/10/2012 3:59:59 PM

Subject:

CN=Blabbers Communications Ltd, O=Blabbers Communications Ltd, STREET=Arad 3, L=Tel Aviv, S=Israel, PostalCode=43034, C=IL

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00D561643A7697D633BCB565E2E1EF7365

File PE Metadata

Compilation timestamp:

12/7/2009 10:02:52 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:mEdkxLrlyQcOi0Ldbajqr3TMVaQqPf+aUCGbwyRfyGL9sQmAQHMu3VdK6j:miTH0Rb+UjmaQq+aU/bpbxCXY6j

Entry address:

0x16DD6

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A3, 69, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, 68, C0, 55, 01, 10, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, F0, FA, 02, 10, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 6A... 
[+]

Entropy:

6.3091

Code size:

143 KB (146,432 bytes)

Internet Explorer BHO

Display name:

script helper for ie

CLSID:

{00cbb66b-1d3b-46d3-9577-323a336acb50}

CLSID name:

Browser Companion Helper

The file jsloader.dll has been discovered within the following programs.

BrowserCompanion by Blabbers Communications LTD

BrowserCompanion is a third party web browser potentially unwanted add-in that used to be bundled with various freeware products including PC Performer. The maker of this program is a known adware distributor, so caution should be taken.

www.ginyas.com

85% remove it

GinyasBrowserCompanion by Blabbers Communications LTD

Ginyas Browser Companion is a browser extension (Browser Helper Object in IE) that promises to save time and money for users while shopping online. It is often install on a computer bundled with various third party programs.

ginyas.com

61% remove it

Remove jsloader.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.