Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1.0.0.1 6.25%
1.0.0.1 6.25%
1.0.0.1 25.00%
1.0.0.1 62.50%
(Note, lucky leap publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExW, RegQueryInfoKeyW, RegOpenKeyExW, RegEnumKeyExW, RegDeleteValueW, RegDeleteKeyW, RegCreateKeyExW, RegCloseKey, RegSetValueExW
kernel32.dll
ReleaseMutex, WaitForSingleObject, CreateMutexW, FindResourceExW, FreeLibrary, GetModuleFileNameW, GetModuleHandleW, GetProcAddress, LoadLibraryExW, LoadResource, LockResource, LeaveCriticalSection, lstrcmpiW, FindResourceW, MultiByteToWideChar, EncodePointer, DecodePointer, GetThreadLocale, SetThreadLocale, SetEndOfFile, SetFilePointer, EnterCriticalSection, DisableThreadLibraryCalls, InterlockedDecrement, InterlockedIncrement, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, GetLastError, SizeofResource, RaiseException, CreateFileW, WriteConsoleW, SetStdHandle, ReadConsoleW, EnumSystemLocalesW, GetUserDefaultLCID, IsValidLocale, GetLocaleInfoW, LCMapStringW, LoadLibraryW, OutputDebugStringW, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetSystemTimeAsFileTime, GetCurrentProcessId, QueryPerformanceCounter, GetModuleFileNameA, GetOEMCP, GetACP, IsValidCodePage, SetFilePointerEx, ReadFile, HeapDestroy, HeapAlloc, HeapReAlloc, HeapFree, HeapSize, GetProcessHeap, IsDebuggerPresent, IsProcessorFeaturePresent, GetCPInfo, RtlUnwind, GetCommandLineA, GetCurrentThreadId, ExitProcess, GetModuleHandleExW, Sleep, GetStdHandle, WriteFile, UnhandledExceptionFilter, SetUnhandledExceptionFilter, SetLastError, GetCurrentProcess, TerminateProcess, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetStartupInfoW, WideCharToMultiByte, GetStringTypeW, GetFileType, CloseHandle, FlushFileBuffers, GetConsoleCP, GetConsoleMode
ole32.dll
StringFromGUID2, CoTaskMemFree, CoCreateGuid, CoTaskMemAlloc, CoCreateInstance, CLSIDFromString, CoTaskMemRealloc
shell32.dll
SHGetFolderPathW
shlwapi.dll
PathAppendW
user32.dll
CharNextW, CharLowerBuffW
Export table
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

luckyleapbho.dll

lucky leap by lucky leap (Signed)

Remove luckyleapbho.dll
Version:   1.0.0.1
MD5:   86c127216533486a18e491da485ae71b
SHA1:   90fe559addf2fcc006cf0d5f40486ae7386c365f
SHA256:   39efd0078a33e88f3d3fab499989374528c9b79e56c679ccda06c7b7a6ae7323
Warning 7 antivirus scanners has detected malware.

Overview

luckyleapbho.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This is typically installed with the program lucky leap 3.0.0 published by Yontoo Technology, Inc. and is most likely removed by most users once installed (80% removed). The file is digitally signed by lucky leap which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:luckyleapbho.dll
Publisher:luckyleap
Product name:lucky leap
Typical file path:C:\Program Files\lucky leap\luckyleapbho.dll
Original name:lucky leapIEClient.dll
File version:1.0.0.1
Size:145.78 KB (149,280 bytes)
Build date:8/29/2013 11:34 PM
Certificate
Issued to:lucky leap
Authority (CA):VeriSign
Effective date:Monday, August 12, 2013
Expiration date:Thursday, August 13, 2015
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
lucky leap
 Yontoo Technology, Inc.
  80% remove
From the privacy policy - "We use the information we collect from and receive about users to provide the Software to you, to measure and improve the Software, to personalize your experience by delivering relevant content, advertising, and marketing messages, and to provide you with customer support and respond to inquiries. We may use aggregated, anonymous data about use of and activity on the Software to assist us in this regard and su...

BehaviorsBehaviors

Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {d77aa852-def3-43cb-a3f5-bd679de72f32}

MalwareMalware detections

Based on 40+ industry antivirus scanners, 7 of them detected the following malware.
Antivirus engineEngine versionDetection
Dr.Web 8.13.10.10 Adware.Plugin.100
ESET NOD32 7.8848 probably a variant of Win32/BrowseFox.A
Malwarebytes 1.75.0.1 PUP.Optional.LuckyLeap.A
McAfee 5.600.1067 Artemis!86C127216533
McAfee Gateway Anti-Malware v2013-dat Artemis!86C127216533
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0901
VIPRE Antivirus 21868 Yontoo (fs)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 37.50%
Windows 7 Professional 18.75%
Windows 7 Ultimate 18.75%
Microsoft Windows XP 6.25%
Windows 8 Pro 6.25%
Windows 8 Enterprise 6.25%
Windows Vista Home Premium 6.25%

Distribution by countryDistribution by country

United States installs about 40.00% of lucky leap.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 36.36%
Hewlett-Packard 18.18%
Acer 13.64%
MSI 9.09%
Compaq 9.09%
ASUS 9.09%
American Megatrends 4.55%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE