» updatesmarterpower.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (2)

updatesmarterpower.exe

SmarterPower

Part of the Yontoo web browser plugin (delivers advertisements to the web browser in the form of injected banners, text-links, popups, etc.) the updater mechanism for SmarterPower will automatically keep the extension patched by downloaded new functionality which is auto-enabled by default. The application updatesmarterpower.exe by SmarterPower has been detected as adware by 11 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Update SmarterPower”. Additionally, the file is typically installed by a number of programs including SmarterPower by Yontoo Technology, Inc. and Buzzdock by Alactro LLC, both potentially unwanted software. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.

File name:

Publisher:

SmarterPower (signed and verified)

Version:

1.0.5373.29468

MD5:

30c138dba6e6cf06bf9ae22ca6bddadd

SHA-1:

4ceda5f9570e832cccda29a903dd52c34a22b1ec

SHA-256:

eaa3cf66eec1095e47fb9b8241088a99c3ead8e8d1e0878434e066623d4cf878

Scanner detections:

11 / 68

Status:

Adware

Explanation:

Part of the Yontoo adware web browser extension update process.

Analysis date:

5/11/2024 12:01:39 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/BrowseFox.Gen

7.11.173.16

AVG

Generic

2015.0.3348

Baidu Antivirus

Adware.Win32.BrowseFox

4.0.3.14918

ESET NOD32

Win32/BrowseFox (variant)

8.10434

Kaspersky

not-a-virus:HEUR:AdWare.MSIL.Kranet

14.0.0.3235

Malwarebytes

PUP.Optional.SmarterPower.A

v2014.09.18.01

Panda Antivirus

Trj/Chgt.G

14.09.18.01

Qihoo 360 Security

Win32/Virus.Adware.e4c

1.0.0.1015

Reason Heuristics

Adware.Yontoo.SmarterPower.S

14.9.18.1

Sophos

Browse Fox

4.98

VIPRE Antivirus

Yontoo

33214

File size:

317.7 KB (325,368 bytes)

Product version:

1.0.5373.29468

Original file name:

SmarterPower.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\smarterpower\updatesmarterpower.exe

Digital Signature

Signed by:

SmarterPower

Authority:

VeriSign, Inc.

Valid from:

8/5/2014 9:00:00 AM

Valid to:

8/6/2015 8:59:59 AM

Subject:

CN=SmarterPower, O=SmarterPower, L=Santa Monica, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

38D7C83A73CB4E3AC85648608E3170D8

File PE Metadata

Compilation timestamp:

9/18/2014 2:22:33 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:Xhp1/h4zLGwlWUT2T41rWvcsXPN+FQk/ghWpWvo5wwXtCgw7END0BQZSOiw5Cz15:Xhp1/YT1YgtFw72D0BQZGew5B

Entry address:

0x4F336

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0811

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

309 KB (316,416 bytes)

Service

Display name:

Update SmarterPower

Type:

Win32OwnProcess

The file updatesmarterpower.exe has been discovered within the following programs.

Buzzdock by Alactro LLC

This is a web browser extension that injects advertising. From the EULA: "Buzzdock is free to download and use. Buzzdock is supported by advertising, and users will see additional ads on websites where Buzzdock features operate.

www.buzzdock.com/faq-support

79% remove it

SmarterPower by Yontoo Technology, Inc.

SmarterPower is an advertising supported browser extension also known as adware and is designed to deliver ads to the user's Internet browser as banners, context text-links and transitionals ads. The injected ads are not affiliated with the underlying website on which they appear.

smarterpowerunite.com/support

87% remove it

Remove updatesmarterpower.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.