home

Smartbar.exe

ReSoft LTD.

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The application Smartbar.exe by ReSoft has been detected as adware by 9 anti-malware scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Browser Infrastructure Helper’. Additionally, the file is typically installed by a number of programs including ToolbarFR by ReSoft Ltd. and Shopping Helper Smartbar by ReSoft Ltd., both potentially unwanted software.
Publisher:
Smartbar  (signed by ReSoft LTD.)

Product:
Smartbar

Version:
1.153.63.12705

MD5:
593eb3b509c6e91690f5ebf5bac9f03a

SHA-1:
101f325d8bbaed84dbcf1ffbc4dfff57b5b35d38

SHA-256:
1581d624816a02b68da33c52e8f7b9927e2c3f7dacdb11334c3f784902882aa6

Scanner detections:
9 / 68

Status:
Adware

Analysis date:
5/2/2024 4:43:23 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SmartBar-A [PUP]
2014.9-140808

Boost by Reason
Optional.Startup.ReSoft.I
188838

Dr.Web
Adware.Linkury.1
9.0.1.0357

ESET NOD32
Win32/Toolbar.Linkury (variant)
7.9139

herdProtect (fuzzy)
variant of snapdo.exe (Adware)
2013.12.28.14

IKARUS anti.virus
PUA.Linkury
t3scan.1.6.1.0

Reason Heuristics
PUP.Startup.ReSoft.I
14.8.8.0

Trend Micro House Call
TROJ_GEN.F47V1021
7.2.357

VIPRE Antivirus
Adware.Linkury
24066

File size:
20.5 KB (21,024 bytes)

Product version:
1.153.63.12705

Original file name:
Smartbar.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\smartbar\application\smartbar.exe

Digital Signature
Signed by:
ReSoft LTD.

Authority:
COMODO CA Limited

Valid from:
8/1/2013 1:00:00 AM

Valid to:
8/2/2015 12:59:59 AM

Subject:
CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
51FA31336CEC649121E9A908289950D2

File PE Metadata
Compilation timestamp:
10/9/2013 2:50:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:EtbUx3jS87wkSFyPELK5+yVIldORoDkmVamEt92Zw3UILRjstkJnhCxYPLg8JQDD:IbW32nMaQmA97UINEIMEmDD

Entry address:
0x4D7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
11.5 KB (11,776 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Browser Infrastructure Helper

Command:
C:\users\{user}\appdata\local\smartbar\application\smartbar.exe startup


The file Smartbar.exe has been discovered within the following programs.

Shopping Helper Smartbar  by ReSoft Ltd.
This toolbar/web browser extension is typically installed as an optional offer, users generally have this bundled with 3rd party software.
snap.do
65% remove it
ToolbarFR  by ReSoft Ltd.
This is a potentially unwanted ad-supported (adware) web browser toolbar for Orange.
83% remove it
 
Powered by Should I Remove It?

Remove Smartbar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.