» googlechromeremoteplugin.dll
Overview
Analysis
File Details
Programs (1)

googlechromeremoteplugin.dll

GoogleChromeRemotePlugin

Veristaff.com Inc

The module googlechromeremoteplugin.dll by Veristaff.com Inc has been detected as adware by 4 anti-malware scanners. This file is typically installed with the program SafeFinder Smartbar by Linkury Ltd. which is a potentially unwanted software program.

File name:

Publisher:

Veristaff.com Inc (signed and verified)

Product:

GoogleChromeRemotePlugin

Description:

nprt

Version:

1, 0, 0, 1

MD5:

e5aac117f1f692ead42b39102982155a

SHA-1:

79bfa1f0ae1874295691d562b1224426cb2c46b4

SHA-256:

22b71224339f776d333778bca1be7d4dcb67704f24f64136995787d2d9e7cce8

Scanner detections:

4 / 68

Status:

Adware

Analysis date:

4/26/2024 6:03:47 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Toolbar.Linkury

7.1.1

AVG

Veristaff

2015.0.3400

ESET NOD32

Win32/Toolbar.Linkury.D potentially unwanted application

7.0.302.0

Reason Heuristics

PUP.Veristaff.Y

14.7.28.9

File size:

165.3 KB (169,256 bytes)

Product version:

1, 0, 0, 1

Original file name:

nprt.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\googlechromeremoteplugin.dll

Digital Signature

Signed by:

Veristaff.com Inc

Authority:

DigiCert Inc

Valid from:

7/8/2014 8:00:00 PM

Valid to:

7/14/2015 8:00:00 AM

Subject:

CN=Veristaff.com Inc, O=Veristaff.com Inc, L=Wilmington, S=Delaware, C=US

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0B0EA10F13BB9EB2057BECB9A30F59D4

File PE Metadata

Compilation timestamp:

2/27/2013 9:39:05 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:HHSpZO6SL37VU8PevV6fnwA9/Pnnhvfx4ZceAi6xz/WhF75WrgURzjAx6TZ:aufnN9fsHAtxz/IydMQZ

Entry address:

0xB42C

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 7D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 58, 54, 02, 10, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 5C, 54, 02, 10, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 57, 57, 00, 00, 85, C0, 75, 06, B8, C0, 55, 02, 10, C3, 83, C0, 08, C3, E8, 44, 57, 00, 00, 85, C0, 75... 
[+]

Entropy:

6.4451

Code size:

115.5 KB (118,272 bytes)

The file googlechromeremoteplugin.dll has been discovered within the following program.

SafeFinder Smartbar by Linkury Ltd.

SafeFinder displays advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links (roll-overs) as well as some popup ads.

www.linkury.com/faq/s/faq.aspx?company=SafeFinder

67% remove it

Remove googlechromeremoteplugin.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.