SmarterPower.FirstRun.exe

FirstRun

SmarterPower

The Yontoo branded FirstRun executable is distributed as part of a Yontoo product bundle and is desigend to install components of this ad-supported (injection) program as well as 'call home' to inform the server that the extension was installed and may request additional instructions. The application SmarterPower.FirstRun.exe by SmarterPower has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program SmarterPower by Yontoo Technology, Inc. which is a potentially unwanted software program.
Publisher:
SmarterPower  (signed and verified)

Product:
FirstRun

Version:
1.0.0.0

MD5:
1f5a7f41ac66eb4cf3aaa796e52f4fe6

SHA-1:
3fd4d33eb3ad53dc6dbf353595d2a459a34da237

SHA-256:
b9bba74920ed65b4796fb98971e29f50bb07076d5a090cee1117dab619792d46

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo ad injection web browser add-on.

Analysis date:
12/23/2024 11:43:59 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.8.0

File size:
1.1 MB (1,123,576 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
SmarterPower.FirstRun.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\smarterpower\smarterpower.firstrun.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/5/2014 9:00:00 AM

Valid to:
8/6/2015 8:59:59 AM

Subject:
CN=SmarterPower, O=SmarterPower, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
38D7C83A73CB4E3AC85648608E3170D8

File PE Metadata
Compilation timestamp:
8/27/2014 3:48:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x1121F6

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 3C, 03, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 50, 00, 00, 00, 5C, 40, 11, 00, E0, 02, 00, 00, 00, 00, 00, 00, E0, 02, 34, 00, 00, 00, 56, 00, 53, 00, 5F, 00, 56, 00, 45, 00, 52, 00, 53, 00, 49, 00, 4F, 00, 4E, 00...
 
[+]

Entropy:
7.9252

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,114,624 bytes)

The file SmarterPower.FirstRun.exe has been discovered within the following program.

SmarterPower  by Yontoo Technology, Inc.
SmarterPower is an advertising supported browser extension also known as adware and is designed to deliver ads to the user's Internet browser as banners, context text-links and transitionals ads. The injected ads are not affiliated with the underlying website on which they appear.
smarterpowerunite.com/support
87% remove it
 
Powered by Should I Remove It?

Remove SmarterPower.FirstRun.exe - Powered by Reason Core Security