BSetupObj.DLL

BSetupObj Module

Babylon Ltd.

This is part of the Babylon web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module BSetupObj.DLL by Babylon has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Babylon by Babylon Ltd which is a potentially unwanted software program. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider.
Publisher:
Babylon Ltd.  (signed and verified)

Product:
BSetupObj Module

Version:
1, 0, 0, 1

MD5:
49aad5ae47903c710753dc5556bc7acb

SHA-1:
962de4f8faa94fbaca44f83d4f63dc2fd0173e36

SHA-256:
7bc3fa8bfceb7cfdad89f2f50295fd399ff0347ac14011e26e54aa32d5b8c5e5

Scanner detections:
1 / 68

Status:
Adware

Explanation:
The installer may include an offer for the Babylon Toolbar (a homepage/search hijacker), which is potentially installed with minimal user consent.

Analysis date:
12/24/2024 12:10:58 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Babylon (M)
17.1.5.15

File size:
305 KB (312,296 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2004

Original file name:
BSetupObj.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\babylon\babylon-pro\bsetupobj.dll

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/22/2005 2:26:56 PM

Valid to:
2/22/2006 2:26:56 PM

Subject:
CN=Babylon Ltd., OU=Secure Application Development, O=Babylon Ltd., L=Or-Yehuda, S=Or-Yehuda, C=IL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3F04DE

File PE Metadata
Compilation timestamp:
1/11/2006 1:22:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x299AD

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 30, 27, 04, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 60, 3C, 04, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, E7, FE, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, A7, A8, FD, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, C3, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, B2, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
208 KB (212,992 bytes)

The file BSetupObj.DLL has been discovered within the following program.

Babylon  by Babylon Ltd
Babylon is a computer dictionary and translation program, developed by Babylon Ltd. Babylon's translation software prompts to add the Babylon Toolbar, identified as a browser hijacker. The toolbar also comes bundled as an add-on with other software downloads.
www.babylon.com/products/babylon
67% remove it
 
Powered by Should I Remove It?

Remove BSetupObj.DLL - Powered by Reason Core Security