home

thehdvid-codec v10-bho64.dll

TheHDvid-Codec V10

Sailor Project

This potentially unwanted Internet browser extension is built upon and distributed using the free Crossrider platform and will deliver advertisements to the web browser in various formats such as banner, text hyper-links, inline text and transitional ads. The module thehdvid-codec v10-bho64.dll, “TheHDvid-Codec V10 BHO” by Sailor Project has been detected as adware by 17 anti-malware scanners. This is the 64-bit version of the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, Crossrider installs a BHO in the browser in order to manage the functionality of home addon. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
home  (signed by Sailor Project)

Product:
TheHDvid-Codec V10

Description:
TheHDvid-Codec V10 BHO

Version:
1000.1000.1000.1000

MD5:
7180832b929124f63f3559243ee01cf2

SHA-1:
88b9a486cc9015ae8aa90b7517499ee9437a3540

SHA-256:
2c1c13e591de5d2a72ac91c4c931988c33d7844a56275f1ee675ff6a23589c9f

Scanner detections:
17 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform. It will run as a BHO in Internet Explorer. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Sailor Project.

Analysis date:
4/25/2024 10:26:44 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Toolbar.Crossrider
7.1.1

Avira AntiVirus
ADWARE/CrossRider.Gen2
7.11.163.240

AVG
Generic
2015.0.3396

Baidu Antivirus
Adware.Win64.Crossrider
4.0.3.14927

Dr.Web
Adware.Toolbar.232
9.0.1.0270

ESET NOD32
Win64/Toolbar.Crossrider.F potentially unwanted application
8.7.0.302.0

herdProtect (fuzzy)
variant of go hd-bho64.dll (Adware)
2014.9.10.20

IKARUS anti.virus
AdWare.Adload
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.180.12498

Kaspersky
not-a-virus:WebToolbar.Win32.CroRi
15.0.0.494

Malwarebytes
PUP.Optional.GoHD.A
v2014.07.31.06

McAfee
Artemis!501F3553CAF5
5600.6994

Panda Antivirus
Adware/Goobzo
14.09.27.03

Qihoo 360 Security
Win32/Trojan.Adware.37e
1.0.0.1015

Reason Heuristics
PUP.Crossrider.SailorProject.Y
14.7.31.17

Trend Micro House Call
TROJ_GEN.F47V0115
7.2.270

VIPRE Antivirus
Threat.4789396
31208

File size:
822.9 KB (842,600 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
TheHDvid-Codec V10.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\thehdvid-codec v10\thehdvid-codec v10-bho64.dll

Digital Signature
Signed by:
Sailor Project

Authority:
COMODO CA Limited

Valid from:
7/18/2014 1:00:00 AM

Valid to:
7/19/2015 12:59:59 AM

Subject:
CN=Sailor Project, O=Sailor Project, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
47C5F145C734CD3D086C0A102176F0A1

Registration
CLSIDs:
{11111111-1111-1111-1111-110611181157}, {22222222-2222-2222-2222-220622182257}

ProgIDs:
CrossriderApp0061857.BHO.1, CrossriderApp0061857.Sandbox.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
7/24/2014 11:02:33 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:PGgWQjJHmdYAeovRIRpP0hsC1Tm9sLNkaH/h4MadQbaupnDxAHjVQzvjEGsU:PGg/JHmzLvREWhsGT0jVfU

Entry address:
0x5F8E8

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, EB, CB, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 8C, 1B, 06, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Entropy:
6.2535

Code size:
543 KB (556,032 bytes)

Remove thehdvid-codec v10-bho64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.