Lrcnta.exe

Lrcnta

PINWID LTD

The application Lrcnta.exe by PINWID has been detected as adware by 2 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Muvic Smartbar Engine by Pinwid Ltd. and Snap.Do by ReSoft Ltd., both potentially unwanted software.
Publisher:
PINWID LTD  (signed and verified)

Product:
Lrcnta

Version:
1.0.0.0

MD5:
50a2362eeb579837b531ad3e7e273ca3

SHA-1:
c842bb7b3a389c0995b7b6629408f48caed34884

SHA-256:
dbc58e6f52a440d965fb8ea33a0408761e2520040234e6c2135149155df1d777

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
3/14/2014 2:10:06 AM UTC  (nine months ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PINWID.G
14.3.13.22

VIPRE Antivirus
Adware.Linkury
26906

File size:
22 KB (22,560 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
Lrcnta.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\user\appdata\local\smartbar\application\lrcnta.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/4/2014 7:00:00 PM

Valid to:
2/5/2015 6:59:59 PM

Subject:
CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata
Compilation timestamp:
2/25/2014 4:52:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:WUtMGkKB83cci+umc9PQer7wciES8+toI4jMfcxWnhCxYPLg8l4:U6WmFQd8uoIeGgWMEl

Entry address:
0x517E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4822

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
12.5 KB (12,800 bytes)

The file Lrcnta.exe has been discovered within the following programs.

Muvic Smartbar  by Pinwid Ltd.
This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.
www.browse-search.com/?
80% remove it
Muvic Smartbar Engine  by Pinwid Ltd.
This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
82% remove it
Snap.Do  by ReSoft Ltd.
Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.
snap.do
85% remove it
 
Powered by Should I Remove It?

There are 10 known variations of Lrcnta.exe.

7 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (90692f541ed6dd90112e997b6dd7bef8870f4683)

7 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (d0c4b168bdeea7e7504605062097f664b6329b47)

7 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (aa0cdd353fa4086e1711731089135eedeab250c6)

5 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (f527581a4dd535897636a714e30969b79bde7712)

5 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (79e9c78afc3418ff7eedb3ab8a4833bc9acc820e)

5 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (81626e9946a9e87d6ae6a76179c296bc3a68e066)

5 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (2a97bed5580dc49453c67280c754e23df79859b0)

3 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (6cc1b376ce5010d9095df63cde723eb26c2d73b3)

3 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (311bf7bb7d4a284322b01b3ae83068506658497b)

1 / 68      (Adware)
Lrcnta.exe  1.0.0.0  (7461ab46e0033e231bf316d7660cbc7190d0430f)

11 / 68    (Adware)
smartbarfirefoxremoteplugin_27.dll  (4daaf48aabce45e5033c7a5172ced0360e6eb2f2)

9 / 68      (Adware)
installer.exe  (2ecfac6c3fc4e13f894d89a3cfa89c57bb1039ce)

3 / 68      (Adware)
srpts.exe  (50c1ec642a5a5258c17db267c6ff3768449106cc)

3 / 68      (Adware)
srpt.dll  (65fcd4cb2f73a97e38c0a7e93fd45328a5e301e9)

2 / 68      (Adware)
Smartbar.Communication.NamedPipe.dll  (778f38ae4a151a337b6a846cd551dce2759cde0c)

2 / 68      (Adware)
Smartbar.Communication.dll  (0c756d33ed8662a26c11c862adfbcfb705a6928b)

3 / 68      (Adware)
srptc.dll  (8ddc81202b07814c5f01d582b8491b17149a12c3)

2 / 68      (Adware)
Smartbar.Common.dll  (53776c68d7f2bb104aa35585dab3d15cf6a0b208)

2 / 68      (Adware)
srptm.exe  (bd4dc01cc4472486b8c6ba87eb9a8eb2a991d708)

3 / 68      (Adware)
srut.dll  (559656c5c50d651482f0697368373652b1828394)

3 / 68      (Adware)
sppsm.dll  (c145eafae7afd3e087a726fdac42520952363021)

3 / 68      (Adware)
spusm.dll  (50afa9026144ed5316773e055f7a056f392b530d)

3 / 68      (Adware)
Smartbar.Resources.HistoryAndStatsWrapper.dll  (bd0f6d1e02f99c56d0a386a4eeffdf18dacb8952)

2 / 68      (Adware)
Smartbar.Personalization.Common.dll  (2254806f1e6bfe4030e5e63b342af4bbaff1a5e1)

2 / 68      (Adware)
Smartbar.Infrastructure.Utilities.dll  (da628bf41c53488a6146dc50aa94a0796a3c624f)

3 / 68      (Adware)
srbs.dll  (aeaa3beebed0f09e9c43a254665f4400dc04019b)

Detection Incidence by Country