home

BUSolution.dll

BU Dynamic Link Library

Visual Tools

The module BUSolution.dll by Visual Tools has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Delta Chrome Toolbar by Visual Tools and Search-Gol Chrome Toolbar by Search-Gol, both potentially unwanted software. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider.
Publisher:
Visual Tools  (signed and verified)

Product:
BU Dynamic Link Library

Version:
2.0.3.1

MD5:
30fddc8310bdc66dbee77118f86e50c9

SHA-1:
4d48f65e59d52b5881a3adabf9eef1a0c35fed5b

SHA-256:
088471feab873d25f97402f1365fe62e2841f180157df815b2747be1109f6eb3

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 4:36:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Babylon (M)
17.3.1.2

File size:
421.5 KB (431,600 bytes)

Product version:
2.0.3.1

Copyright:
Copyright (C) 1997-2013

Original file name:
BUSolution.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\babsolution\shared\busolution.dll

Digital Signature
Signed by:
Visual Tools

Authority:
Thawte, Inc.

Valid from:
1/10/2013 1:00:00 AM

Valid to:
1/11/2015 12:59:59 AM

Subject:
CN=Visual Tools, O=Visual Tools, L=Belgrade, S=Serbia, C=RS

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
789958B0264F06055619270074AFA61F

File PE Metadata
Compilation timestamp:
9/3/2013 12:29:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x2FA66

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 23, A2, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 58, D3, 05, 10, E8, 7B, C4, FF, FF, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, E8, 1C, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 38, FF, 04, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
284 KB (290,816 bytes)

The file BUSolution.dll has been discovered within the following programs.

DaleSearch Chrome Toolbar  by Babylon Ltd
Uses the SearchGol Toolbar Platform. As part of the installation process of the Software, publisher may offer changes to your Internet Browser settings.
info.dalesearch.com
66% remove it
Delta Chrome Toolbar  by Visual Tools
Delta Chrome Toolbar is part of the babylon toolbar system, a potentially unwanted program. It has alos been detected as malware by a few antivirus programs. TrendMicro-HouseCall detects it as TROJ_GEN.RCBH1C6 and Norman detects it as Babylon.A.
83% remove it
Hola Chrome Toolbar  by Babylon Ltd
Hola Chrome Toolbar is part of the babylon toolbar system and the Hola Toolbar Platform, a known adware program. It has alos been detected as malware by a few antivirus programs. TrendMicro-HouseCall detects it as TROJ_GEN.RCBH1C6 and Norman detects it as Babylon.A.
info.holasearch.com
82% remove it
MixiDJ chrome Toolbar  by Conduit Ltd.
MixiDJ chrome Toolbar is a Conduit web browser plugin for Chrome that collects and stores information about a user's web browsing habits and sends this information to Conduit in order to provide advertising.
MixiDJV30.OurToolbar.com
66% remove it
Search-Gol Chrome Toolbar  by Search-Gol
SearchGol Toolbar Platform is an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer (BHO) and Firefox/Chrome (plugin) and distributed through various monetization platforms during installation.
info.searchgol.com
67% remove it
VisualBee chrome Toolbar  by VisualBee.com
VisualBee chrome Toolbar is an ad-supported (users may see additional banner and in-text link advertisements) web browser plugin distributed through various monetization platforms during installation.
74% remove it
 
Powered by Should I Remove It?

Remove BUSolution.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.