» SuperSocket.ClientEngine.Core.dll
Overview
Analysis
File Details
Programs (1)

SuperSocket.ClientEngine.Core.dll

SuperSocket ClientEngine

Naruto Source

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module SuperSocket.ClientEngine.Core.dll, “SuperSocket.ClientEngine.Core for .NET 2.0” by Naruto Source has been detected as adware by 28 anti-malware scanners. This file is typically installed with the program Browsers Apps by Naruto Source which is a potentially unwanted software program. The library is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

Publisher:

SuperSocket (signed by Naruto Source)

Product:

SuperSocket ClientEngine

Description:

SuperSocket.ClientEngine.Core for .NET 2.0

Version:

0.3.0.0

MD5:

d566b935912993467765ad4514320b31

SHA-1:

5439c9b62fae954ee326e505c70477476a4daa07

SHA-256:

2959beb4d680dafbe9ddf6e49c1d2d8f1e849338470ab87ae49e4266cfaade39

Scanner detections:

28 / 68

Status:

Adware

Explanation:

May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage).

Analysis date:

4/24/2024 8:09:07 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Agent.PDC

6473648

AhnLab V3 Security

Win-PUP/CrossRider

2015.01.29

Avira AntiVirus

Adware/CrossRider.pq

7.11.170.194

avast!

Win32:Crossrider-AA [PUP]

150101-1

AVG

Generic

2016.0.3216

Baidu Antivirus

Adware.Win32.GoogUpdate

4.0.3.15128

Bitdefender

Adware.Agent.PDC

1.0.20.140

Clam AntiVirus

Win.Trojan.Googupdate-11

0.98/19419

Emsisoft Anti-Malware

Adware.Agent.PDC

9.0.0.4799

ESET NOD32

Win32/Toolbar.CrossRider.BM potentially unwanted application

7.0.302.0

F-Prot

W32/S-6d94a1a8

v6.4.7.1.166

F-Secure

Adware.Agent.PDC

5.13.68

G Data

Adware.Agent.PDC

15.1.25

IKARUS anti.virus

PUA.Plush

t3scan.1.7.5.0

K7 AntiVirus

Unwanted-Program

13.185.14098

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

15.0.0.543

McAfee

Artemis!5117FA4C2AB8

5600.6872

MicroWorld eScan

Adware.Agent.PDC

16.0.0.84

NANO AntiVirus

Trojan.Win32.GoogUpdate.djdgga

0.28.6.63474

nProtect

Trojan/W32.Agent.26472.D

14.09.03.01

Panda Antivirus

Trj/Chgt.E

15.01.28.11

Qihoo 360 Security

Win32/Virus.Adware.970

1.0.0.1015

Reason Heuristics

PUP.Brightcircle

15.1.28.12

Sophos

PUA 'AppRider' (of type Adware)

5.09

SUPERAntiSpyware

Trojan.Agent/Gen-GoogUpdate

10088

Trend Micro House Call

Suspicious_GEN.F47V0816

7.2.28

Vba32 AntiVirus

Trojan.GoogUpdate

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

32782

File size:

25.9 KB (26,472 bytes)

Product version:

0.3.0.0

Original file name:

SuperSocket.ClientEngine.Core.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\browsers apps\supersocket.clientengine.core.dll

Digital Signature

Signed by:

Naruto Source

Authority:

COMODO CA Limited

Valid from:

7/27/2014 7:00:00 PM

Valid to:

7/28/2015 6:59:59 PM

Subject:

CN=Naruto Source, O=Naruto Source, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

1CE82906A7F364268F66771839675655

File PE Metadata

Compilation timestamp:

4/11/2014 9:22:22 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:Nqu27nH/DYYxTFBA5Wuj6LV466g8qtBYo1gY5Ll8JTJ:NqdhxTFBAkuugXNJ

Entry address:

0x6A2E

Entry point:

FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.7616

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

19 KB (19,456 bytes)

The file SuperSocket.ClientEngine.Core.dll has been discovered within the following program.

Browsers Apps by Naruto Source

Browsers Apps (Freeven) is an advertising-supported web browser toolbar/extension that will make the following changes to the browser's settings: - Changes the default home page and new tabs and protect these search settings - Changes the default search engine in your Internet Browser, including the browser's built-in search box - Adds an addition of alternative error page functionality, such as “Page Not Found” and DNS errors - Tracks usage behavior.

crossrider.com/install/61787-browsers-app

82% remove it

Remove SuperSocket.ClientEngine.Core.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.