srprl.dll

srprl

PINWID LTD

The module srprl.dll by PINWID has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including SavePass Smartbar by Pinwid Ltd. and LPT System Updater Service by Linkury Ltd., both potentially unwanted software.
Publisher:
PINWID LTD  (signed and verified)

Product:
srprl

Version:
1.0.0.0

MD5:
e4cf949292ebdc3e8e0b48ac6d3b98ff

SHA-1:
8fc446d2cdf6a0caeafc96c1aadab76b1cef2cb3

SHA-256:
b8047f5b3d32b8275ab2a13f1d7ec82e99854d58371ec2fda070b26436206d87

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
3/20/2014 5:48:49 PM UTC  (seven months ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PINWID.F
14.3.20.13

File size:
52.5 KB (53,792 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Original file name:
srprl.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\users\user\appdata\local\lpt\srprl.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/4/2014 4:00:00 PM

Valid to:
2/5/2015 3:59:59 PM

Subject:
CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata
Compilation timestamp:
3/2/2014 4:21:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:lwpaaSEyK332ht3nQETtLCbIvr9mXsmpIwzaSPqUpDQDQQUM8kv/c/t59x91k5Se:99CEvUcjQvDQxTJwnKIFT/PMEl

Entry address:
0xCD26

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5871

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
43.5 KB (44,544 bytes)

The file srprl.dll has been discovered within the following programs.

LPT System Updater Service  by Linkury Ltd.
This is a potentially unwanted web browser extension this is distributed and installed by PINWID LTD, ReSoft LTD., MY POP SHOP LTD and Linkury. It will display advertisements including banners and popups in the user's web browser.
81% remove it
SavePass Smartbar  by Pinwid Ltd.
From the EULA: "The Toolbar interacts with your computer by: Displaying advertisements, including without limitation by inserting into web pages or displaying over parts of such web pages advertisements, banners or coupons that would not otherwise appear; Converting words on pages you view into hyperlinks that are linked to advertisements; Communicating with our servers to check for new offers, the placement of offers, the date and time you install and uninstall the Toolbar, and whether an updated version of the Toolbar is available; Monitoring and recording the domain name of each page you view, the advertisements that appear on these pages, and the advertisements that you click.
www.browse-search.com
82% remove it
SavePass Smartbar Engine  by PinWid Ltd.
This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
80% remove it
 
Powered by Should I Remove It?

The following container packages srprl.dll in it.

3 / 68      (Adware)
lptinstaller.msi  (e5d562fc4770d2619e7213cb2f986bcb1aefeaa2)

There are 12 known variations of srprl.dll.

8 / 68      (Adware)
srprl.dll  1.0.0.0  (b3d924c764343dcc45bbef2b20026e4168716e88)

8 / 68      (Adware)
srprl.dll  1.0.0.0  (6bd7cb3165beaba6763756f58a4dea1f9e528abe)

8 / 68      (Adware)
srprl.dll  1.0.0.0  (9d10502772e2810315782da0a3d26f82b55e97d6)

6 / 68      (Adware)
srprl.dll  1.0.0.0  (e37c1f31bd0336d767848ea92365296484ccc182)

5 / 68      (Adware)
srprl.dll  1.0.0.0  (1bf7ef5808298a06b911c4d1811487ad9295f1b8)

5 / 68      (Adware)
srprl.dll  1.0.0.0  (107049e37266c8eeb7076c987d835f499a78d4ce)

5 / 68      (Adware)
srprl.dll  1.0.0.0  (6ec4c57ae9c743e66dbd538d2ea26022b9ac6c04)

5 / 68      (Adware)
srprl.dll  1.0.0.0  (ede6bafb1677abb2ad3c57451a8b57450239c276)

4 / 68      (Adware)
srprl.dll  1.0.0.0  (30888f72b13178be8583e3274fde87836c9f9378)

3 / 68      (Adware)
srprl.dll  1.0.0.0  (dd210a0ee49fc5df817b03c89cf411076d425a07)

3 / 68      (Adware)
srprl.dll  1.0.0.0  (516bd36c52dbe4c96bad31772dcbdcbb88ede503)

3 / 68      (Adware)
srprl.dll  1.0.0.0  (53aaa664d73d491e37d9181be9e112e8b7b7e949)

11 / 68    (Adware)
smartbarfirefoxremoteplugin_27.dll  (4daaf48aabce45e5033c7a5172ced0360e6eb2f2)

9 / 68      (Adware)
installer.exe  (2ecfac6c3fc4e13f894d89a3cfa89c57bb1039ce)

3 / 68      (Adware)
srpts.exe  (50c1ec642a5a5258c17db267c6ff3768449106cc)

3 / 68      (Adware)
srpt.dll  (65fcd4cb2f73a97e38c0a7e93fd45328a5e301e9)

2 / 68      (Adware)
Smartbar.Communication.NamedPipe.dll  (778f38ae4a151a337b6a846cd551dce2759cde0c)

2 / 68      (Adware)
Smartbar.Communication.dll  (0c756d33ed8662a26c11c862adfbcfb705a6928b)

3 / 68      (Adware)
srptc.dll  (8ddc81202b07814c5f01d582b8491b17149a12c3)

2 / 68      (Adware)
Smartbar.Common.dll  (53776c68d7f2bb104aa35585dab3d15cf6a0b208)

2 / 68      (Adware)
srptm.exe  (bd4dc01cc4472486b8c6ba87eb9a8eb2a991d708)

3 / 68      (Adware)
srut.dll  (559656c5c50d651482f0697368373652b1828394)

3 / 68      (Adware)
sppsm.dll  (c145eafae7afd3e087a726fdac42520952363021)

3 / 68      (Adware)
spusm.dll  (50afa9026144ed5316773e055f7a056f392b530d)

3 / 68      (Adware)
Smartbar.Resources.HistoryAndStatsWrapper.dll  (bd0f6d1e02f99c56d0a386a4eeffdf18dacb8952)

2 / 68      (Adware)
Smartbar.Personalization.Common.dll  (2254806f1e6bfe4030e5e63b342af4bbaff1a5e1)

2 / 68      (Adware)
Smartbar.Infrastructure.Utilities.dll  (da628bf41c53488a6146dc50aa94a0796a3c624f)

3 / 68      (Adware)
srbs.dll  (aeaa3beebed0f09e9c43a254665f4400dc04019b)

Detection Incidence by Country