home

SmarterPower.IEUpdate.dll

SmarterPower

This is the Internet Explorer add-on for the Yontoo SmarterPower branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module SmarterPower.IEUpdate.dll by SmarterPower has been detected as adware by 9 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
SmarterPower  (signed and verified)

Version:
1.0.5408.18901

MD5:
dd04ad429ab64b4f4f112bb53dd8b423

SHA-1:
4608c0ab5bd2c3523758c063343df9881be39859

SHA-256:
fbe58442e2fa80ce5ab9c3432ef7eb8a34ab708233010b660f43204230c0527d

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:
4/25/2024 11:20:10 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/BrowseFox.Gen
7.11.180.154

AVG
Generic
2015.0.3313

Baidu Antivirus
Adware.Win64.BrowseFox
4.0.3.141022

ESET NOD32
Win64/BrowseFox (variant)
8.10604

IKARUS anti.virus
AdWare.Agent
t3scan.1.7.8.0

Malwarebytes
PUP.Optional.Sanbreel.A
v2014.10.22.05

Reason Heuristics
Adware.Yontoo.SmarterPower.U
14.10.22.17

Sophos
Browse Fox
4.98

VIPRE Antivirus
Threat.4741131
33706

File size:
655.2 KB (670,968 bytes)

Product version:
1.0.5408.18901

Original file name:
SmarterPower.IEUpdate.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\smarterpower\bin\plugins\smarterpower.ieupdate.dll

Digital Signature
Signed by:
SmarterPower

Authority:
VeriSign, Inc.

Valid from:
8/5/2014 1:00:00 AM

Valid to:
8/6/2015 12:59:59 AM

Subject:
CN=SmarterPower, O=SmarterPower, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
38D7C83A73CB4E3AC85648608E3170D8

File PE Metadata
Compilation timestamp:
10/22/2014 7:30:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:66PBXzXq2nN0skAy0YXcDQP1Htu52zZ/nuMMItgoq+oqO6cItK8VGlK:66JXz62N0XAy0YMDQPm5q76oqH4vNVGI

Entry address:
0xA397A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 71, 00, 00, 00, BC, 39, 0A, 00, BC, 1B, 0A, 00, 52, 53, 44, 53, 0D, 38, 3E, 2F, EB, 95, F7, 4D, 80, D4, 0D, E1, CB, 1C, 5F, 70, 01, 00, 00, 00, 44, 3A, 5C, 55, 74, 69, 6C, 69, 74, 69, 65, 73, 5C, 33, 6D, 71, 33, 63, 67, 35, 76, 2E, 34, 65, 6F, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 44, 65, 73, 6B...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
647 KB (662,528 bytes)

Remove SmarterPower.IEUpdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.