home

smoi32.dll

SBWatchman

Goobzo LTD

The module smoi32.dll, “Search Module Plus Update Service” by Goobzo has been detected as adware by 15 anti-malware scanners. This file is typically installed with the program Search Module Plus by Goobzo LTD which is a potentially unwanted software program.
Publisher:
Search Module Plus Ltd.  (signed by Goobzo LTD)

Product:
SBWatchman

Description:
Search Module Plus Update Service

Version:
2, 1, 8, 525

MD5:
1f163d26289f5052c2f5d7879c81e674

SHA-1:
120e968ef3604e2f7d7d96a873e659460cd6124e

SHA-256:
672a959a074a218d53958d6ca88c731c485fd74fb22de5f1efae22f260ef360f

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/16/2024 4:21:15 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Graftor.171099
6496598

AhnLab V3 Security
Win-PUP/CrossRider
2015.02.01

avast!
Win32:Adware-CDO [PUP]
150101-1

AVG
Skodna
2016.0.3213

Bitdefender
Gen:Variant.Graftor.171099
1.0.20.155

Emsisoft Anti-Malware
Gen:Variant.Graftor.171099
9.0.0.4799

ESET NOD32
Win32/SBWatchman.C potentially unwanted application
7.0.302.0

F-Secure
Gen:Variant.Graftor.171099
5.13.68

G Data
Gen:Variant.Graftor.171099
15.1.25

IKARUS anti.virus
AdWare.Win32.SBWatchman
t3scan.1.8.6.0

Kaspersky
not-a-virus:AdWare.Win32.Shopper
15.0.0.543

MicroWorld eScan
Gen:Variant.Graftor.171099
16.0.0.93

Reason Heuristics
PUP.Goobzo
15.1.31.7

Sophos
PUA 'Goobzo' (of type Adware)
5.09

VIPRE Antivirus
Threat.4792716
36666

File size:
401.9 KB (411,496 bytes)

Product version:
2, 1, 8, 525

Copyright:
Copyright (C) 2014

Original file name:
smu.exe

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\common files\goobzo\gbupdateplus\smoi32.dll

Digital Signature
Signed by:
Goobzo LTD

Authority:
Thawte, Inc.

Valid from:
5/2/2013 1:00:00 AM

Valid to:
5/3/2015 12:59:59 AM

Subject:
CN=Goobzo LTD, O=Goobzo LTD, L=Haifa, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
120B25DDE57B88636AD4D97D23B99C88

File PE Metadata
Compilation timestamp:
1/31/2015 7:10:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:LqSfx/mSFuJvrcuQ/QFFVHyH9ObAndcpggpC0gEHvkoQbvnmDUOtoqgGZ9oZ:eQ/mXJjuoF/SH9Ok+pBC0gEHgbq5sZ

Entry address:
0x3533B

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 4B, 05, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 14, 68, 48, F6, 04, 10, E8, AE, 04, 00, 00, FF, 35, 14, CC, 05, 10, 8B, 35, A4, D3, 03, 10, FF, D6, 59, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 80, D3, 03, 10, 59, EB, 67, 6A, 08, E8, A4, 05, 00, 00, 59, 83, 65, FC, 00, FF, 35, 14, CC, 05, 10, FF, D6, 89, 45, E4, FF, 35, 10, CC, 05, 10, FF, D6, 59, 59, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75...
 
[+]

Entropy:
6.3338

Code size:
237.5 KB (243,200 bytes)

The file smoi32.dll has been discovered within the following program.

Search Module Plus  by Goobzo LTD
Goobzo's Search Module Plus is a web browser toolbar/extension that will insert itself into IE, Firefox or Chrome and will modify the search and home page providers of the targeted browser. Once installed Search Module Plus changes Windows host file and DNS settings.
79% remove it
 
Powered by Should I Remove It?

Remove smoi32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.