object browser-buttonutil.dll

Goobzo LTD

The module object browser-buttonutil.dll by Goobzo has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program Object Browser which is a potentially unwanted software program. The ButtonUtil module (32-bit version) uses the Crossrider web extension monetization toolkit and will perform a number of helper integration activities on the user's web browser's as well as the Window's Shell in order to install the addon.
Remove object browser-buttonutil.dll - Powered by Reason Core Security
Publisher:
Goobzo LTD  (signed and verified)

MD5:
636159706f60f3d6a243972788389dce

SHA-1:
462e3cef650898a3f0502cb129560318f446a943

SHA-256:
b1fa329614fb76b448b1d99fb18fd1e5955dae35557e9ac92ee77650b36c50fe

Scanner detections:
8 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Goobzo LTD.

Analysis date:
12/8/2016 7:00:16 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
MalSign.Skodna
2015.0.3447

Dr.Web
DLOADER.Trojan
9.0.1.0161

McAfee
Artemis!636159706F60
5600.7103

McAfee Web Gateway
Artemis!636159706F60
7.7103

Reason Heuristics
PUP.Crossrider.Goobzo.Z
14.8.8.2

Sophos
AppRider
4.97

Trend Micro House Call
TROJ_GEN.F47V0216
7.2.161

VIPRE Antivirus
Crossrider
26552

Remove object browser-buttonutil.dll - Powered by Reason Core Security
File size:
421.9 KB (431,984 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\object browser\object browser-buttonutil.dll

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
5/2/2013 3:00:00 AM

Valid to:
5/3/2015 2:59:59 AM

Subject:
CN=Goobzo LTD, O=Goobzo LTD, L=Haifa, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
120B25DDE57B88636AD4D97D23B99C88

File PE Metadata
Compilation timestamp:
11/10/2013 12:09:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:VzRmh9Uih66/GL8s01LWb+UwpXeTGiHj4rpJyO+f:YB/C8s01fOTGij42O+f

Entry address:
0x31758

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 9C, 95, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, E0, 3E, 05, 10, E8, 59, 40, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 98, D1, 05, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 70, C1, 04, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
282.5 KB (289,280 bytes)

The file object browser-buttonutil.dll has been discovered within the following program.

Object Browser  by Object Browser
Object Browser is an adware style application that runs in the web browser as a toolbar and web extension.
66% remove it
 
Powered by Should I Remove It?

Remove object browser-buttonutil.dll - Powered by Reason Core Security