ieoptimizer.dll

Savingsbull

This browser add-on is developed and distributed by AdPeak, Inc. The module ieoptimizer.dll by Savingsbull has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘IEOptimizer’. This file is typically installed with the program Savings Bull by Adpeak, Inc. which is a potentially unwanted software program.
Publisher:
Savingsbull  (signed and verified)

MD5:
4b2637d1d05b95a25406b949d9d9d49d

SHA-1:
ae7038c74b0cc19a571a5748ab029f6b7a55f4d1

SHA-256:
49cf8903beea91bc5f6fb5dae7d52ff5a1d4037763f19b986c26de7e0dee8738

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 7:31:38 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Savingsbull.L
14.2.21.17

File size:
84.8 KB (86,800 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\savingsbull\ieoptimizer.dll

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
1/16/2014 9:47:15 PM

Valid to:
1/16/2015 9:47:15 PM

Subject:
CN=Savingsbull, O=Savingsbull, L=Sarasota, S=Florida, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
0428C93A073E5E

Registration
CLSID:
{10AD2C61-0898-4348-8600-14A342F22AC3}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
2/18/2014 5:17:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:UEoPoRf6SYnWXqb8VakcQnUBIeK9ip2pe9S/54jRE:mESSKbNIeKDpe9o54dE

Entry address:
0x2FE6

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 43, 2F, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 50, 44, 01, 10, 89, 0D, 4C, 44, 01, 10, 89, 15, 48, 44, 01, 10, 89, 1D, 44, 44, 01, 10, 89, 35, 40, 44, 01, 10, 89, 3D, 3C, 44, 01, 10, 66, 8C, 15, 68, 44, 01, 10, 66, 8C, 0D, 5C, 44, 01, 10, 66, 8C, 1D, 38, 44, 01, 10, 66, 8C, 05, 34, 44, 01, 10, 66, 8C, 25, 30, 44, 01, 10, 66, 8C, 2D, 2C, 44, 01, 10, 9C, 8F, 05, 60, 44...
 
[+]

Entropy:
6.4045

Code size:
53.5 KB (54,784 bytes)

Internet Explorer BHO
CLSID:
{10AD2C61-0898-4348-8600-14A342F22AC3}

CLSID name:
IEOptimizer


The file ieoptimizer.dll has been discovered within the following program.

Savings Bull  by Adpeak, Inc.
Savings Bull is an adware extension that plugs into the user's web browser for IE, Chrome and Firefox and will display additional advertisements in search engines such as Bing and Google. It installs itself as a browser extension/toolbar and runs as a background process.
www.savingsbull.com
80% remove it
 
Powered by Should I Remove It?

Remove ieoptimizer.dll - Powered by Reason Core Security