home

smarterpoweruninstall.exe

The application smarterpoweruninstall.exe has been detected as adware by 4 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This is the uninstaller utility registered in the Windows Control Panel for the program SmarterPower by SmarterPower. Additionally, the file is typically installed by a number of programs including SmarterPower by Yontoo Technology, Inc. and Buzzdock by Alactro LLC, both potentially unwanted software. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
MD5:
66887c9c2b1967a8a034fa270ac164c1

SHA-1:
25bfe4e8aba5b78bf704b1309b49bbaaae3e0ce0

SHA-256:
443127175d1a54f6d52a271e3861974949a08f8205147153a65b9cef6884b0f8

Scanner detections:
4 / 68

Status:
Adware

Explanation:
This is the installer/uninstaller for the Yontoo branded (smarterpower) adware program. The main protgram is desigend to deliver advertisements to the user's web browser through injection.

Analysis date:
4/20/2024 1:30:24 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.BrowseFox
4.0.3.14823

Clam AntiVirus
Win.Adware.Linkular
0.98/19301

ESET NOD32
Win32/BrowseFox.C potentially unwanted application
7.0.302.0

SUPERAntiSpyware
Adware.BrowseFox/Variant
10404

File size:
234 KB (239,621 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\smarterpower\smarterpoweruninstall.exe

File PE Metadata
Compilation timestamp:
12/5/2009 5:52:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:oZ+11qXyJny/1RWBT55An0wc2wZm/G/HcX8y:SX0s1s15an08p/G/8V

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 6F, 44, 00, E8, F1, 2B, 00, 00, A3, 84, 6E, 44, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, 9C, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 2E, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, F0, 46, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9141

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

Program Uninstaller
Program name:
SmarterPower

Display publisher:
SmarterPower

Display version:
2014.08.23.010713

Uninstall string:
C:\Program Files\SmarterPower\SmarterPoweruninstall.exe


The file smarterpoweruninstall.exe has been discovered within the following programs.

Buzzdock  by Alactro LLC
This is a web browser extension that injects advertising. From the EULA: "Buzzdock is free to download and use. Buzzdock is supported by advertising, and users will see additional ads on websites where Buzzdock features operate.
www.buzzdock.com/faq-support
79% remove it
SmarterPower  by Yontoo Technology, Inc.
SmarterPower is an advertising supported browser extension also known as adware and is designed to deliver ads to the user's Internet browser as banners, context text-links and transitionals ads. The injected ads are not affiliated with the underlying website on which they appear.
smarterpowerunite.com/support
87% remove it
 
Powered by Should I Remove It?

Remove smarterpoweruninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.