» srbu.dll
Overview
Analysis
File Details
Programs (1)

srbu.dll

srbu

MY POP SHOP LTD

The module srbu.dll by MY POP SHOP has been detected as adware by 10 anti-malware scanners. This file is typically installed with the program LPT System Updater Service by Linkury Ltd. which is a potentially unwanted software program.

File name:

srbu.dll

Publisher:

MY POP SHOP LTD (signed and verified)

Product:

srbu

Version:

1.0.0.0

MD5:

56b4bb0cfec644dffb1d524a5fa26ddf

SHA-1:

d7a18975f29e2c8760e2d9698a2cd89de179a7aa

SHA-256:

7efba27cc9f7fe0205593ea877f5f0e30307b9c1de87ad4db25b1ab03a5b08eb

Scanner detections:

10 / 68

Status:

Adware

Analysis date:

4/19/2024 11:12:35 AM UTC (today)

Scan engine

Detection

Engine version

AVG

MalSign.MPomp

2015.0.3507

ESET NOD32

MSIL/Toolbar.Linkury (variant)

8.10155

G Data

Win32.Application.Linkury

14.8.24

IKARUS anti.virus

PUA.Linkury

t3scan.1.6.1.0

Malwarebytes

PUP.Optional.Linkury

v2014.08.08.12

McAfee

Artemis!20E952FC8CAE

5600.7045

Panda Antivirus

PUP/LinkUry

14.04.12.07

Reason Heuristics

PUP.MYPOPSHOP.E

14.8.8.0

Trend Micro House Call

Suspicious_GEN.F47V0619

7.2.220

VIPRE Antivirus

Adware.Linkury

28196

File size:

43 KB (44,080 bytes)

Product version:

1.0.0.0

Original file name:

srbu.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\lpt\srbu.dll

Digital Signature

Signed by:

MY POP SHOP LTD

Authority:

COMODO CA Limited

Valid from:

11/18/2013 6:00:00 PM

Valid to:

11/19/2015 5:59:59 PM

Subject:

CN=MY POP SHOP LTD, O=MY POP SHOP LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00958B06B6A7C969725A449A396AFA1FDB

File PE Metadata

Compilation timestamp:

4/7/2014 8:57:01 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:oIKBxsxherrviqMp8Oj3sVwDdc4gA8IXja7VRMEw2q:oIasHer7iquPnDdc4gA8iGVLwX

Entry address:

0xA642

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.4778

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

34 KB (34,816 bytes)

The file srbu.dll has been discovered within the following program.

LPT System Updater Service by Linkury Ltd.

This is a potentially unwanted web browser extension this is distributed and installed by PINWID LTD, ReSoft LTD., MY POP SHOP LTD and Linkury. It will display advertisements including banners and popups in the user's web browser.

81% remove it

Remove srbu.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.