home

googlechromeremoteplugin.dll

GoogleChromeRemotePlugin

VERISTAFF.COM LTD

The module googlechromeremoteplugin.dll by VERISTAFF.COM has been detected as adware by 18 anti-malware scanners. This file is typically installed with the program SafeFinder Smartbar by Linkury Ltd. which is a potentially unwanted software program.
Publisher:
VERISTAFF.COM LTD  (signed and verified)

Product:
GoogleChromeRemotePlugin

Description:
nprt

Version:
1, 0, 0, 1

MD5:
ce62b75d7589ef485639bc6d4d085f43

SHA-1:
ea369e9044040d0d7155e735aa437cb5e302b250

SHA-256:
9049f2d02aad1578eaf936bfb56dbfc5b21a784d5e6c109aef71391c2e8dd954

Scanner detections:
18 / 68

Status:
Adware

Analysis date:
4/18/2024 12:38:52 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Toolbar.Linkury
7.1.1

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

AVG
AdInject.Resoft
2015.0.3277

Baidu Antivirus
Adware.Win32.Linkury
4.0.3.141128

Dr.Web
Trojan.Damaged.1
9.0.1.0332

Emsisoft Anti-Malware
Win32.Fearso.B@mm
8.14.11.28.01

ESET NOD32
Win32/Toolbar.Linkury.D potentially unwanted application
7.0.302.0

IKARUS anti.virus
PUA.Linkury
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.186.14161

McAfee
Artemis!65C179E59651
5600.6933

NANO AntiVirus
Riskware.Win32.Linkury.ddpups
0.28.2.61721

Panda Antivirus
PUP/LinkUry
14.11.28.01

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.VERISTAFFCOM.Y
14.12.4.0

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10211

Trend Micro House Call
TROJ_GEN.F47V1110
7.2.332

VIPRE Antivirus
Threat.4729122
31208

XVirus List
Win.Detected
2.3.31

File size:
166.5 KB (170,512 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 1999

Original file name:
nprt.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\googlechromeremoteplugin.dll

Digital Signature
Signed by:
VERISTAFF.COM LTD

Authority:
COMODO CA Limited

Valid from:
9/15/2014 8:00:00 AM

Valid to:
9/16/2015 7:59:59 AM

Subject:
CN=VERISTAFF.COM LTD, OU=514841295, O=VERISTAFF.COM LTD, STREET=Shenkar 14, L=Hertzlya, S=TLV, PostalCode=4672514, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2AF13BF1274B91869E8E8BA9B16282CA

File PE Metadata
Compilation timestamp:
2/27/2013 10:39:05 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:5HSpZO6SL37VU8PevV6fnwA9/Pnnhvfx4ZceAi6xz/WhF75WrgURzjAx639V:8ufnN9fsHAtxz/IydMkV

Entry address:
0xB42C

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 7D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 58, 54, 02, 10, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 5C, 54, 02, 10, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 57, 57, 00, 00, 85, C0, 75, 06, B8, C0, 55, 02, 10, C3, 83, C0, 08, C3, E8, 44, 57, 00, 00, 85, C0, 75...
 
[+]

Entropy:
6.4696

Code size:
115.5 KB (118,272 bytes)

The file googlechromeremoteplugin.dll has been discovered within the following programs.

SafeFinder Smartbar  by Linkury Ltd.
SafeFinder displays advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links (roll-overs) as well as some popup ads.
www.linkury.com/faq/s/faq.aspx?company=SafeFinder
67% remove it
 
Powered by Should I Remove It?

Remove googlechromeremoteplugin.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.