» Interop.WMPLib.dll
Overview
Analysis
File Details
Programs (4)

Interop.WMPLib.dll

Assembly imported from type library 'WMPLib'.

PINWID LTD

The file Interop.WMPLib.dll, re-signed by PINWID LTD, is an Interop assembly that has been intergated by a 3rd-party into a .Net application, even though the assembly itself is most likely safe, it has been recompiled by a potentially unwanted program. Additionally, the file is typically installed by a number of programs including Muvic Smartbar by Pinwid Ltd. and Snap.Do Engine by ReSoft Ltd., both potentially unwanted software.

File name:

Interop.WMPLib.dll

Publisher:

PINWID LTD (signed and verified)

Product:

Assembly imported from type library 'WMPLib'.

Version:

1.0.0.0

MD5:

42a872bf1517c925164e93294e27c022

SHA-1:

cf2c5f087610b9571f2840979bd35a43b7ba0cee

SHA-256:

164679f203ede5741a653c4920a13637f8b0ddfd83962a3d3ee37cb1f2070ac8

Scanner detections:

11 / 68

Status:

Adware

Analysis date:

4/26/2024 8:39:12 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Smartbar.V

5547769

AVG

Pindi

2016.0.3099

Bitdefender

Adware.Smartbar.V

1.0.20.725

Bkav FE

W32.HfsAdware

1.3.0.6379

Emsisoft Anti-Malware

Adware.Smartbar.V

10.0.0.5366

F-Secure

Adware.Smartbar.V

5.14.151

G Data

Adware.Smartbar

15.5.25

MicroWorld eScan

Adware.Smartbar.V

16.0.0.435

nProtect

Adware.Smartbar.V

15.03.30.01

Reason Heuristics

PUP.ResignedInterop.PINWID.N

14.7.11.21

VIPRE Antivirus

Threat.5063753

40432

File size:

343 KB (351,264 bytes)

Product version:

1.0.0.0

Original file name:

Interop.WMPLib.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\smartbar\application\interop.wmplib.dll

Digital Signature

Signed by:

PINWID LTD

Authority:

COMODO CA Limited

Valid from:

2/4/2014 4:00:00 PM

Valid to:

2/5/2015 3:59:59 PM

Subject:

CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata

Compilation timestamp:

3/18/2013 7:30:55 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:ps9ufI5qF01WVSIvrY0A9zG1wUd843qREjmdgvyQsbOlIn6BUz2NwfCJ8reVYXKk:ps9ufI5qF01WVSIvrY0A9zG1wUd843qL

Entry address:

0x51FFE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.7138

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

324 KB (331,776 bytes)

The file Interop.WMPLib.dll has been discovered within the following programs.

Muvic Smartbar by Pinwid Ltd.

This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.

www.browse-search.com/?

80% remove it

Muvic Smartbar Engine by Pinwid Ltd.

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

82% remove it

Snap.Do by ReSoft Ltd.

Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.

snap.do

85% remove it

Snap.Do Engine by ReSoft Ltd.

Snap.

83% remove it

Remove Interop.WMPLib.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.