» sense-bho64.dll
Overview
Analysis
File Details
Programs (1)

sense-bho64.dll

Sense

Porter Studio Plus

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module sense-bho64.dll by Porter Studio Plus has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program Sense by Object Browser which is a potentially unwanted software program. This is the 64-bit version of the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, Crossrider installs a BHO in the browser in order to manage the functionality of Object Browser addon. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

sense-bho64.dll

Publisher:

Object Browser (signed by Porter Studio Plus)

Product:

Sense

Description:

Sense BHO

Version:

1000.1000.1000.1000

MD5:

0c7ae369b138d3f66bc0427237313b37

SHA-1:

55e306a28986364f12ac9210bed6a2ae920ce4e7

SHA-256:

a1f12f5867545c9610c3f28a10ec1f247872acf314b6b888e8a7f239bfbd0c4b

Scanner detections:

7 / 68

Status:

Adware

Explanation:

Part of the Crossrider toolbar platform. It will run as a BHO in Internet Explorer.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Porter Studio Plus.

Analysis date:

4/19/2024 5:48:56 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/CrossRider.Gen4

7.11.182.116

AVG

Generic

2015.0.3305

ESET NOD32

Win64/Toolbar.Crossrider (variant)

8.10646

Malwarebytes

PUP.Optional.Sense.A

v2014.10.30.08

Qihoo 360 Security

Win32/Virus.Adware.de5

1.0.0.1015

Reason Heuristics

PUP.Crossrider.PorterStudioPlus.L

14.11.3.21

VIPRE Antivirus

Threat.4789396

34232

File size:

791.9 KB (810,912 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Sense.dll

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\Program Files\sense\sense-bho64.dll

Digital Signature

Signed by:

Porter Studio Plus

Authority:

COMODO CA Limited

Valid from:

10/20/2014 3:00:00 AM

Valid to:

10/21/2015 2:59:59 AM

Subject:

CN=Porter Studio Plus, O=Porter Studio Plus, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00B7BA41CFBA8D50AF9A2A64362C08FA91

Registration

CLSIDs:

{11111111-1111-1111-1111-110611191115}, {22222222-2222-2222-2222-220622192215}

ProgIDs:

cb53b500f3e90131a6091fb939dcadf40061915.BHO.1, cb53b500f3e90131a6091fb939dcadf40061915.Sandbox.1

COM registered:

Yes

File PE Metadata

Compilation timestamp:

10/29/2014 10:34:24 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:ptFi9LqMflD5CcwAzCB4irMiaRKXNc1ttc2TrDqB8OS+L:ptFi9r9D5CQE4i4DR2c1njTWF

Entry address:

0x5CFC4

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 7F, C9, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, F0, DE, 05, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Code size:

519 KB (531,456 bytes)

The file sense-bho64.dll has been discovered within the following program.

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove sense-bho64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.