home

megabrowsebho.dll

Mega Browse

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module megabrowsebho.dll by Mega Browse has been detected as adware by 18 anti-malware scanners. This file is typically installed with the program Mega Browse by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
Mega Browse  (signed and verified)

Product:
Mega Browse

Version:
1.0.0.3

MD5:
98c5b007b50ba7b2a1cefe8f10b1f069

SHA-1:
e408a44bde0f8769f4ec1b5eaf78217d02bd0fce

SHA-256:
a43cfbb23c525b99f01f3350970f56249c50f6865bfdaf6db54e4ae70bb048d7

Scanner detections:
18 / 68

Status:
Adware

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
4/26/2024 2:18:35 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Agent
7.1.1

Comodo Security
Application.Win32.Altbrowse.AK
18079

Dr.Web
Trojan.BPlug.28
9.0.1.0105

ESET NOD32
Win32/BrowseFox (variant)
8.9658

Fortinet FortiGate
Adware/Agent
4/15/2014

IKARUS anti.virus
not-a-virus:AdWare.Win32.Agent
t3scan.1.6.1.0

K7 AntiVirus
Unwanted-Program
13.176.11711

Kaspersky
not-a-virus:AdWare.Win32.Agent
14.0.0.4013

Malwarebytes
PUP.Optional.MegaBrowse.A
v2014.04.15.11

McAfee
Artemis!98C5B007B50B
5600.7160

NANO AntiVirus
Riskware.Win32.Agent.cqycvd
0.28.0.59048

Quick Heal
AdWare.Agent.ahbx (Not a Virus)
4.14.12.00

Reason Heuristics
Adware.Yontoo.MegaBrowse.N
14.4.15.11

Sophos
Generic PUA OE
4.98

SUPERAntiSpyware
Adware.BrowseFox/Variant
10664

Trend Micro House Call
TROJ_GEN.F47V0311
7.2.105

Vba32 AntiVirus
AdWare.Agent
3.12.26.0

VIPRE Antivirus
Yontoo
28186

File size:
243.8 KB (249,632 bytes)

Product version:
1.0.0.3

Copyright:
(c) Mega Browse. All rights reserved.

Original file name:
Mega BrowseIEClient.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\mega browse\megabrowsebho.dll

Digital Signature
Signed by:
Mega Browse

Authority:
VeriSign, Inc.

Valid from:
1/22/2014 1:00:00 AM

Valid to:
1/23/2015 12:59:59 AM

Subject:
CN=Mega Browse, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mega Browse, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
151F3F44EFA5ADB264205FBF9F779B3D

File PE Metadata
Compilation timestamp:
3/11/2014 5:22:09 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:yLvOFJPJ/EihAhq+hilsvFoWn+v543+lEIaIRFPBJ5c/6:yLvwhh2q+IWogWEIT3q/6

Entry address:
0x12844

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 41, 8D, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 40, 2D, 03, 10, E8, BD, 01, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 24, 68, 03, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 9C, A1, 02, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
159 KB (162,816 bytes)

The file megabrowsebho.dll has been discovered within the following program.

Mega Browse  by Yontoo Technology, Inc.
This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
megabrowse.biz/support
82% remove it
 
Powered by Should I Remove It?

Remove megabrowsebho.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.