home

fizzplatinumbho.dll

PlayFizz Library

GPV Entertainment, LLC

The module fizzplatinumbho.dll by GPV Entertainment has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘PlayFizz Platinum Content Add-on’. This file is typically installed with the program PlayFizz.
Publisher:
PlayFizz  (signed by GPV Entertainment, LLC)

Product:
PlayFizz Library

Description:
Platinum Library

Version:
2.1.148.6

MD5:
e840bd22fb84b695162b178c4ade4b48

SHA-1:
ca2b6b3ec9c06de41b07c21989cc26b6243e9690

SHA-256:
3dd9454c57ee555fc5f3d6cb7ed9eda664880180f0ab9fb4a4a75fe9bc4776d3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 8:29:51 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.BHO.GPVEntertainment.P
14.11.21.23

File size:
318.4 KB (325,992 bytes)

Product version:
2.1.0.0

Copyright:
(c) PlayFizz LLC. All rights reserved.

Original file name:
ExplorerModule.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\fizzplatinum\fizzplatinumbho.dll

Digital Signature
Signed by:
GPV Entertainment, LLC

Authority:
GoDaddy.com, Inc.

Valid from:
9/7/2012 2:18:56 AM

Valid to:
8/29/2013 1:31:25 PM

Subject:
CN="GPV Entertainment, LLC", O="GPV Entertainment, LLC", L=San Francisco, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4EE308636E9AF0

File PE Metadata
Compilation timestamp:
4/4/2013 7:00:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:mGX+HYBMBwVw2qWgAN1P7ppcZUPUwaAkHtvfLZnaZjlgBBTqvw5U5BW3vSJvc8H:duHKMBRWf/ncyUTXHznugHEZSSRc8H

Entry address:
0x24761

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, E6, 8D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 0C, 68, F0, 6C, 04, 10, E8, 8C, 2E, 00, 00, 6A, 0E, E8, 8B, 23, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 00, A9, 04, 10, BA, FC, A8, 04, 10, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, D5, D5, FF, FF, 59, FF, 76, 04, E8, CC, D5, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00...
 
[+]

Entropy:
6.4904

Code size:
239 KB (244,736 bytes)

Internet Explorer BHO
Display name:
PlayFizz Platinum Content Add-on

CLSID:
{757FAD76-20D9-4973-BD64-9208ED0A0624}


The file fizzplatinumbho.dll has been discovered within the following program.

PlayFizz  by PlayFizz
The PlayFizz browser extension is bundled with various PlayFizz downloadable games. It is a web browser extension that changes the browsers search and home pages as well as delivers.
www.PlayFizz.com
37% remove it
 
Powered by Should I Remove It?

Remove fizzplatinumbho.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.