home

smartbarfirefoxremoteplugin_28.dll

VERISTAFF.COM LTD

The module smartbarfirefoxremoteplugin_28.dll by VERISTAFF.COM has been detected as adware by 21 anti-malware scanners. This file is typically installed with the program SafeFinder Smartbar by Linkury Ltd. which is a potentially unwanted software program.
Publisher:
VERISTAFF.COM LTD  (signed and verified)

MD5:
987c1cf5f88f834718f3d0d46444c748

SHA-1:
bc668d47384072468e7ab4eaea6a78fbec8f019d

SHA-256:
155b17a8fa0883904f5edffa3ac4683d34b4454d261b8c0aef6e1303746420cd

Scanner detections:
21 / 68

Status:
Adware

Analysis date:
4/20/2024 12:03:16 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Smartbar.O
799

Agnitum Outpost
PUA.Toolbar.Linkury
7.1.1

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

AVG
MPomp
2015.0.3277

Baidu Antivirus
PUA.Win32.Linkury
4.0.3.141128

Bitdefender
Adware.Smartbar.O
1.0.20.1660

Emsisoft Anti-Malware
Adware.Smartbar.O
8.14.11.28.01

ESET NOD32
Win32/Toolbar.Linkury.D potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/Toolbar_Linkury
11/28/2014

F-Secure
Adware.Smartbar.O
11.2014-28-11_6

G Data
Adware.Smartbar
14.11.24

IKARUS anti.virus
PUA.Linkury
t3scan.1.6.1.0

McAfee
Artemis!2BB72146046C
5600.6933

MicroWorld eScan
Adware.Smartbar.O
15.0.0.996

nProtect
Adware.Smartbar.O
14.10.31.01

Panda Antivirus
PUP/LinkUry
14.11.28.01

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.VERISTAFFCOM.EE
14.12.4.0

SUPERAntiSpyware
Trojan.Agent/Gen-PWS
10211

Trend Micro House Call
Suspicious_GEN.F47V0619
7.2.332

VIPRE Antivirus
Adware.Linkury
30674

File size:
98 KB (100,368 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\smartbar\application\helperbar@helperbar.com\components\smartbarfirefoxremoteplugin_28.dll

Digital Signature
Signed by:
VERISTAFF.COM LTD

Authority:
COMODO CA Limited

Valid from:
9/15/2014 8:00:00 AM

Valid to:
9/16/2015 7:59:59 AM

Subject:
CN=VERISTAFF.COM LTD, OU=514841295, O=VERISTAFF.COM LTD, STREET=Shenkar 14, L=Hertzlya, S=TLV, PostalCode=4672514, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2AF13BF1274B91869E8E8BA9B16282CA

File PE Metadata
Compilation timestamp:
2/11/2014 8:45:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:FSCwdau0xUiKofO7wp8qnqCCz2nV4GkvK6a520se9dric3:FSMa7ofJpeDz35K6a52Fe9X

Entry address:
0x4E63

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 77, 3E, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 60, 67, 01, 10, 00, 75, 18, E8, B6, 40, 00, 00, 6A, 1E, E8, 00, 3F, 00, 00, 68, FF, 00, 00, 00, E8, 4C, 33, 00, 00, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 60, 67, 01, 10, FF, 15, 8C, 10, 01, 10, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, 90, 6D, 01, 10, 74, 0D, 53...
 
[+]

Entropy:
6.5071

Code size:
62 KB (63,488 bytes)

The file smartbarfirefoxremoteplugin_28.dll has been discovered within the following program.

SafeFinder Smartbar  by Linkury Ltd.
SafeFinder displays advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links (roll-overs) as well as some popup ads.
www.linkury.com/faq/s/faq.aspx?company=SafeFinder
67% remove it
 
Powered by Should I Remove It?

Remove smartbarfirefoxremoteplugin_28.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.