home

internet speed checker-buttonutil64.dll

Naruto Source

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module internet speed checker-buttonutil64.dll by Naruto Source has been detected as adware by 12 anti-malware scanners. The ButtonUtil module (64-bit version) uses the Crossrider web extension platform and will perform a number of helper integration on the user's web browser's as well as the Window's Shell in order to install the addon. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
Naruto Source  (signed and verified)

MD5:
e27275fd4110d45f7fbdbd9531b97d84

SHA-1:
3c8d74e18b64732c9f99db9fac4c1f61231b3650

SHA-256:
198c54771271de71e0155b75835799b467c5947babb37771777c84ea072f8a4e

Scanner detections:
12 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Naruto Source.

Analysis date:
4/26/2024 6:16:17 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/CrossRider.pq
7.11.172.254

avast!
Win32:Crossrider-AA [PUP]
2014.9-141203

AVG
Generic
2015.0.3342

Baidu Antivirus
Adware.Win64.Crossrider
4.0.3.14123

ESET NOD32
Win64/Toolbar.Crossrider.G potentially unwanted application
8.7.0.302.0

herdProtect (fuzzy)
variant of thetorntv v10-buttonutil64.dll (Adware)
2014.12.5.15

Kaspersky
not-a-virus:AdWare.NSIS.Adwapper
14.0.0.3207

McAfee
Artemis!E27275FD4110
5600.6998

Panda Antivirus
Trj/Chgt.G
14.09.23.12

Qihoo 360 Security
Win32/Virus.Adware.970
1.0.0.1015

Reason Heuristics
PUP.Crossrider.NarutoSource.d
14.9.23.12

VIPRE Antivirus
Threat.4150696
34232

File size:
477.9 KB (489,320 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\internet speed checker\internet speed checker-buttonutil64.dll

Digital Signature
Signed by:
Naruto Source

Authority:
COMODO CA Limited

Valid from:
7/28/2014 2:00:00 AM

Valid to:
7/29/2015 1:59:59 AM

Subject:
CN=Naruto Source, O=Naruto Source, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1CE82906A7F364268F66771839675655

File PE Metadata
Compilation timestamp:
9/16/2014 12:02:42 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:Nk25ZyCWpfeUp4rCPfAjg3C/2ehWWKKJ5Mcspz9UTH6yqVriWaEGg1TByEkYM9Yc:NIf1+cs6DxiWaEX1TAEkYM6xhs

Entry address:
0x2F5DC

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, EF, A9, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 90, 07, 04, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Code size:
317 KB (324,608 bytes)

Remove internet speed checker-buttonutil64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.