home

productsremovaltool.exe

Smartbar.Resources.ProductsRemovalTool

Veristaff.com Inc

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The application productsremovaltool.exe by Veristaff.com Inc has been detected as adware by 3 anti-malware scanners. This file is typically installed with the program ShowPass Smartbar by ReSoft Ltd. which is a potentially unwanted software program.
Publisher:
Veristaff.com Inc  (signed and verified)

Product:
Smartbar.Resources.ProductsRemovalTool

Version:
1.0.0.0

MD5:
254f39ad390dedb73057e2e3c95476fc

SHA-1:
49a7737ce312c2f7d345c289bee5fb960df634e5

SHA-256:
82a9cd7445a0e323856932aa1ec2759f16ff06c79bdada0671e997f5100dd4b2

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
4/25/2024 7:14:30 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
AdWare.Linkury
t3scan.1.6.1.0

Reason Heuristics
PUP.Veristaff.T
14.7.28.8

VIPRE Antivirus
Threat.4783962
31208

File size:
119.8 KB (122,664 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Original file name:
Smartbar.Resources.ProductsRemovalTool.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\smartbar\application\productsremovaltool.exe

Digital Signature
Signed by:
Veristaff.com Inc

Authority:
DigiCert Inc

Valid from:
7/8/2014 9:00:00 PM

Valid to:
7/14/2015 9:00:00 AM

Subject:
CN=Veristaff.com Inc, O=Veristaff.com Inc, L=Wilmington, S=Delaware, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0B0EA10F13BB9EB2057BECB9A30F59D4

File PE Metadata
Compilation timestamp:
7/22/2014 4:05:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:DnD6uO8YJcChFsnpaYBh034WGMECLJhzWs5We/h:yJDFaC341FCXzWih

Entry address:
0x1D8AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
110.5 KB (113,152 bytes)

The file productsremovaltool.exe has been discovered within the following program.

ShowPass Smartbar  by ReSoft Ltd.
ShowPass Smartbar is an adware program (supported by various types of advertising) that is usually bundled by third party installers and download managers.
snap.do
63% remove it
 
Powered by Should I Remove It?

Remove productsremovaltool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.