home

plus-hd-2.6-bho.dll

Plus-HD-2.6

Kimahri Software inc.

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module plus-hd-2.6-bho.dll by Kimahri Software inc has been detected as adware by 23 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0033440’. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Plus HD  (signed by Kimahri Software inc.)

Product:
Plus-HD-2.6

Description:
Plus-HD-2.6 BHO

Version:
1.1.153.50

MD5:
2162966379bc4dcf426c3f0d0b4985d6

SHA-1:
f2bcf8654217100bbbdd95946de2130f1b8e93b1

SHA-256:
e306272fb9cbea5c4e662d46a473e9b60bae88cea900315968b09dfa884cec92

Scanner detections:
23 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Kimahri Software inc..

Analysis date:
5/3/2024 10:06:34 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.611579
1125

AVG
Generic5
2014.0.3613

Baidu Antivirus
Adware.Win32.Lyckriks
4.0.3.1415

Bitdefender
Adware.Generic.611579
1.0.20.25

Bkav FE
W32.Clodd68.Trojan
1.3.0.4613

Dr.Web
Trojan.Crossrider.7
9.0.1.0360

Emsisoft Anti-Malware
Adware.Generic.611579
8.14.01.05.05

ESET NOD32
Win32/Toolbar.CrossRider (variant)
7.9079

Fortinet FortiGate
Adware/Lyckriks
1/5/2014

F-Secure
Adware.Generic.611579
11.2014-05-01_1

G Data
Adware.Generic.611579
14.1.22

IKARUS anti.virus
not-a-virus:AdWare.Win32.Lyckriks
t3scan.2.2.29

K7 AntiVirus
Riskware
13.174.10272

Kaspersky
not-a-virus:AdWare.Win32.Lyckriks
14.0.0.4511

Malwarebytes
PUP.Optional.PlusHD.A
v2013.12.26.06

McAfee
Artemis!2162966379BC
5600.7269

MicroWorld eScan
Adware.Generic.611579
15.0.0.15

Panda Antivirus
Suspicious file
14.01.05.05

Reason Heuristics
PUP.BHO.KimahriSoftwareinc.O
14.2.16.9

Sophos
Generic PUA GA
4.95

Trend Micro House Call
TROJ_GEN.R0C1H07JO13
7.2.5

Vba32 AntiVirus
AdWare.Lyckriks
3.12.24.3

VIPRE Antivirus
Crossrider
23588

File size:
588.9 KB (602,984 bytes)

Product version:
1.1.153.50

Copyright:
Copyright 2011

Original file name:
Plus-HD-2.6.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\plus-hd-2.6\plus-hd-2.6-bho.dll

Digital Signature
Signed by:
Kimahri Software inc.

Authority:
COMODO CA Limited

Valid from:
3/7/2013 1:00:00 AM

Valid to:
3/7/2016 12:59:59 AM

Subject:
CN=Kimahri Software inc., O=Kimahri Software inc., STREET=666 Sherbrooke Rue w, L=Montreal, S=Quebec, PostalCode=H3A 1E7, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A1BB8569950C0B2080A11A0E2F618B33

File PE Metadata
Compilation timestamp:
8/12/2013 11:44:08 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:21SkF27hRMjXzOTPNMs5KbIioB/6c3Y1UozaYBFRGTXL3nHfPlanR:21Sq27hKjXzOTh5KbIioB/6c3Y1U1YBz

Entry address:
0x4836D

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, AC, B1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 99, AF, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, F8, 4B, 08, 10, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18...
 
[+]

Code size:
402 KB (411,648 bytes)

Internet Explorer BHO
Display name:
CrossriderApp0033440

CLSID:
{11111111-1111-1111-1111-110311341140}

CLSID name:
Plus-HD-2.6


Remove plus-hd-2.6-bho.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.