home

SuperSocket.ClientEngine.Protocol.dll

SuperSocket ClientEngine

Naruto Source

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module SuperSocket.ClientEngine.Protocol.dll, “SuperSocket.ClientEngine.Protocol for .NET 2.0” by Naruto Source has been detected as adware by 27 anti-malware scanners. This file is typically installed with the program Browsers Apps by Naruto Source which is a potentially unwanted software program. The library is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
SuperSocket  (signed by Naruto Source)

Product:
SuperSocket ClientEngine

Description:
SuperSocket.ClientEngine.Protocol for .NET 2.0

Version:
0.3.0.0

MD5:
dbf087b8ce2f50213dbdc57125e8c81a

SHA-1:
39cd09e297ebf14fe8bbac036058ad007dd03a79

SHA-256:
4ecc8099f10ee2b5a89bc646fc11a30b401095a210f6ebf184c6c667aa42d348

Scanner detections:
27 / 68

Status:
Adware

Explanation:
May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage). Distributed through the Brightcircle investments brand.

Analysis date:
4/25/2024 8:49:47 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.PDC
737

AhnLab V3 Security
Win-PUP/CrossRider
2015.01.25

Avira AntiVirus
Adware/CrossRider.pq
7.11.182.78

avast!
Win32:Crossrider-AA [PUP]
2014.9-150128

AVG
Generic
2016.0.3215

Baidu Antivirus
PUA.Win32.CrossRider
4.0.3.15128

Bitdefender
Adware.Agent.PDC
1.0.20.140

Clam AntiVirus
Win.Trojan.Googupdate-13
0.98/21411

Emsisoft Anti-Malware
Adware.Agent.PDC
8.15.01.28.12

ESET NOD32
Win32/Toolbar.CrossRider.BM (variant)
9.10644

F-Prot
W32/S-6d94a1a8
v6.4.7.1.166

F-Secure
Adware.Agent.PDC
11.2015-28-01_4

G Data
Adware.Agent.PDC
15.1.24

IKARUS anti.virus
PUA.Plush
t3scan.1.7.5.0

K7 AntiVirus
Unwanted-Program
13.185.14098

Kaspersky
not-a-virus:AdWare.NSIS.Adwapper
14.0.0.2572

McAfee
Artemis!EC394F2DF43B
5600.6871

MicroWorld eScan
Adware.Agent.PDC
16.0.0.84

NANO AntiVirus
Trojan.Win32.GoogUpdate.dkjwbo
0.30.0.64812

nProtect
Trojan/W32.Agent.19816
14.10.30.01

Panda Antivirus
Trj/Chgt.D
15.01.28.12

Qihoo 360 Security
Win32/Virus.Adware.970
1.0.0.1015

Reason Heuristics
PUP.Brightcircle
15.1.28.12

Sophos
PUA 'AppRider' (of type Adware)
59

SUPERAntiSpyware
Trojan.Agent/Gen-Artemis
10088

Trend Micro House Call
Suspicious_GEN.F47V0818
7.2.28

Vba32 AntiVirus
Trojan.GoogUpdate
3.12.26.3

File size:
19.4 KB (19,816 bytes)

Product version:
0.3.0.0

Copyright:
Copyright © clientengine.codeplex.com 2012

Original file name:
SuperSocket.ClientEngine.Protocol.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\browsers apps\supersocket.clientengine.protocol.dll

Digital Signature
Signed by:
Naruto Source

Authority:
COMODO CA Limited

Valid from:
7/27/2014 7:00:00 PM

Valid to:
7/28/2015 6:59:59 PM

Subject:
CN=Naruto Source, O=Naruto Source, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1CE82906A7F364268F66771839675655

File PE Metadata
Compilation timestamp:
4/11/2014 9:22:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:50K1XmogLQQkmW8GdaO6cWmgLq055Ll8A:dXm/n6dkmgLq0yA

Entry address:
0x51CE

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 48, 00, 00, 00, 58, 60, 00, 00, 44, 04...
 
[+]

Entropy:
5.9557

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
12.5 KB (12,800 bytes)

The file SuperSocket.ClientEngine.Protocol.dll has been discovered within the following program.

Browsers Apps  by Naruto Source
Browsers Apps (Freeven) is an advertising-supported web browser toolbar/extension that will make the following changes to the browser's settings: - Changes the default home page and new tabs and protect these search settings - Changes the default search engine in your Internet Browser, including the browser's built-in search box - Adds an addition of alternative error page functionality, such as “Page Not Found” and DNS errors - Tracks usage behavior.
crossrider.com/install/61787-browsers-app
82% remove it
 
Powered by Should I Remove It?

Remove SuperSocket.ClientEngine.Protocol.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.