» googlechromeremoteplugin.dll
Overview
Analysis
File Details
Programs (1)

googlechromeremoteplugin.dll

GoogleChromeRemotePlugin

PINWID LTD

The module googlechromeremoteplugin.dll by PINWID has been detected as adware by 19 anti-malware scanners. This file is typically installed with the program BeeCoupons Smartbar by Pinwid Ltd. which is a potentially unwanted software program.

File name:

Publisher:

PINWID LTD (signed and verified)

Product:

GoogleChromeRemotePlugin

Description:

nprt

Version:

1, 0, 0, 1

MD5:

acc21e3bf3b7d9314572edf1071ef90b

SHA-1:

2651b5e78ce905e2cd9c221796b7a52869486510

SHA-256:

361c25646d696645e0ca3a8e6d786c6a7a917004b8304c0d5442ac881372e973

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

4/26/2024 3:32:43 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Linkury.B

821

Agnitum Outpost

PUA.Toolbar.Linkury

7.1.1

Avira AntiVirus

Adware/Linkury.D

7.11.112.250

AVG

MalSign.Pindi

2015.0.3299

Baidu Antivirus

Adware.Win32.Linkury

4.0.3.14115

Bitdefender

Adware.Linkury.B

1.0.20.1545

Emsisoft Anti-Malware

Adware.Linkury

8.14.11.05.07

ESET NOD32

Win32/Toolbar.Linkury

8.9692

G Data

Adware.Linkury

14.11.24

McAfee

Artemis!ACC21E3BF3B7

5600.6955

MicroWorld eScan

Adware.Linkury.B

15.0.0.927

NANO AntiVirus

Riskware.Win32.Linkury.ddpups

0.28.2.61861

nProtect

Adware.Linkury.B

14.08.06.01

Panda Antivirus

PUP/LinkUry

14.11.05.07

Reason Heuristics

PUP.PINWID.Y

14.11.5.19

Sophos

Generic PUA JF

4.98

Trend Micro House Call

TROJ_GEN.F47V0130

7.2.309

VIPRE Antivirus

Trojan.Win32.Generic

28346

XVirus List

Win.Detected

2.3.31

File size:

166 KB (170,016 bytes)

Product version:

1, 0, 0, 1

Original file name:

nprt.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\googlechromeremoteplugin.dll

Digital Signature

Signed by:

PINWID LTD

Authority:

COMODO CA Limited

Valid from:

2/4/2014 4:00:00 PM

Valid to:

2/5/2015 3:59:59 PM

Subject:

CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata

Compilation timestamp:

2/27/2013 6:39:05 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:yHSpZO6SL37VU8PevV6fnwA9/Pnnhvfx4ZceAi6xz/WhF75WrgURzjAx6:1ufnN9fsHAtxz/IydM

Entry address:

0xB42C

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 7D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 58, 54, 02, 10, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 5C, 54, 02, 10, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 57, 57, 00, 00, 85, C0, 75, 06, B8, C0, 55, 02, 10, C3, 83, C0, 08, C3, E8, 44, 57, 00, 00, 85, C0, 75... 
[+]

Entropy:

6.4604

Code size:

115.5 KB (118,272 bytes)

The file googlechromeremoteplugin.dll has been discovered within the following program.

BeeCoupons Smartbar by Pinwid Ltd.

This adware injects itself into the user's web browser (IE, Chrome and Firefox) and will display out-of context advertising on web sites that are not associated with the software or its affiliate partners.

www.browse-search.com

88% remove it

Remove googlechromeremoteplugin.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.