home

internet speed checker-buttonutil.dll

Porter Studio Plus

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module internet speed checker-buttonutil.dll by Porter Studio Plus has been detected as adware by 9 anti-malware scanners. This file is typically installed with the program Internet Speed Checker by Sailor Project which is a potentially unwanted software program. The ButtonUtil module (32-bit version) uses the Crossrider web extension monetization toolkit and will perform a number of helper integration activities on the user's web browser's as well as the Window's Shell in order to install the addon. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
Porter Studio Plus  (signed and verified)

MD5:
27f1bb173666b8f8808db0905d5c3c31

SHA-1:
93aaea51ef0d90228f24ac0aca9507e3ee2a6c97

SHA-256:
732b4670bedeb89646b17ce07b9cf2e2e065da3db1030208453e2a048e2c60d6

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Porter Studio Plus.

Analysis date:
4/25/2024 4:13:06 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/CrossRider.pq
7.11.195.162

avast!
Win32:Malware-gen
2014.9-150719

Dr.Web
Trojan.Crossrider.37778
9.0.1.0200

ESET NOD32
Win32/Toolbar.CrossRider.BD (variant)
9.10878

F-Prot
W32/S-89e9aa96
v6.4.7.1.166

Kaspersky
not-a-virus:AdWare.NSIS.Adwapper
14.0.0.1714

Reason Heuristics
PUP.Crossrider.PorterStudioPlus.b
14.11.3.21

Sophos
AppRider
4.98

VIPRE Antivirus
Trojan.Win32.Generic
35736

File size:
377.9 KB (386,976 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\internet speed checker\internet speed checker-buttonutil.dll

Digital Signature
Signed by:
Porter Studio Plus

Authority:
COMODO CA Limited

Valid from:
10/20/2014 2:00:00 AM

Valid to:
10/21/2015 1:59:59 AM

Subject:
CN=Porter Studio Plus, O=Porter Studio Plus, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B7BA41CFBA8D50AF9A2A64362C08FA91

File PE Metadata
Compilation timestamp:
10/30/2014 9:37:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:SOxlNI70yQx217Ry7YxSyITrE+TBvvCwXhYpI7+ZH:SaDyKoy80BrE+TRvDxiIyZH

Entry address:
0x26A33

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 01, 9A, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, A8, B4, 04, 10, E8, 0E, 36, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 28, 31, 05, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 80, 48, 04, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
250 KB (256,000 bytes)

The file internet speed checker-buttonutil.dll has been discovered within the following program.

Internet Speed Checker  by Sailor Project
Internet Speed Checker is an adware web browser application that displays banner ads as well as contextual link ads that are injected in the web page.
62% remove it
 
Powered by Should I Remove It?

Remove internet speed checker-buttonutil.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.