» Smartbar.Infrastructure.Utilities.dll
Overview
Analysis
File Details
Programs (1)

Smartbar.Infrastructure.Utilities.dll

SmartbarGUI

MY POP SHOP LTD

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Infrastructure.Utilities.dll by MY POP SHOP has been detected as adware by 19 anti-malware scanners. This file is typically installed with the program LPT System Updater Service by Linkury Ltd. which is a potentially unwanted software program.

File name:

Publisher:

MY POP SHOP LTD (signed and verified)

Product:

SmartbarGUI

Version:

1.2.0.0

MD5:

65af2b4e31036220ab9f73c30418be70

SHA-1:

88bc72f217c32411331dd3644bb0a940fd088f3a

SHA-256:

66d1ad89e047f6871007a729447b438a45bc566a1ced126f1addf92534652c07

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

5/7/2024 7:00:19 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Smartbar.O

832

Avira AntiVirus

APPL/Linkury.Gen2

7.11.179.12

AVG

Mypopshop

2015.0.3310

Bitdefender

Adware.Smartbar.O

1.0.20.1490

Dr.Web

Trojan.Damaged.1

9.0.1.0298

Emsisoft Anti-Malware

Adware.Smartbar.O

8.14.10.25.06

ESET NOD32

Win32/Toolbar.Linkury.G potentially unwanted application

8.7.0.302.0

F-Secure

Adware.Smartbar.O

11.2014-25-10_7

G Data

Adware.Smartbar

14.10.24

IKARUS anti.virus

PUA.Linkury

t3scan.1.6.1.0

McAfee

Artemis!D4B9E59C902E

5600.6966

MicroWorld eScan

Adware.Smartbar.O

15.0.0.894

nProtect

Adware.Smartbar.O

14.10.16.01

Panda Antivirus

PUP/LinkUry

14.10.25.06

Qihoo 360 Security

HEUR/QVM23.0.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.Smartbar.MYPOPSHOP.FF

14.10.25.18

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10277

Trend Micro House Call

Suspicious_GEN.F47V0619

7.2.298

VIPRE Antivirus

Adware.Linkury

30636

File size:

162 KB (165,896 bytes)

Product version:

1.2.0.0

Original file name:

Smartbar.Infrastructure.Utilities.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\lpt\smartbar.infrastructure.utilities.dll

Digital Signature

Signed by:

MY POP SHOP LTD

Authority:

COMODO CA Limited

Valid from:

7/6/2014 8:00:00 PM

Valid to:

7/7/2015 7:59:59 PM

Subject:

CN=MY POP SHOP LTD, O=MY POP SHOP LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46725, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

4A7D93FD75281A37A4ADCDCD636D3ADB

File PE Metadata

Compilation timestamp:

10/6/2014 7:59:38 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:VHIRWRd6xV9JDwXPGxPGanG8SuA8DFg3AyLERJ:uRW+xV9dw/G5GAi85gzLUJ

Entry address:

0x28242

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3499

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

153 KB (156,672 bytes)

The file Smartbar.Infrastructure.Utilities.dll has been discovered within the following program.

LPT System Updater Service by Linkury Ltd.

This is a potentially unwanted web browser extension this is distributed and installed by PINWID LTD, ReSoft LTD., MY POP SHOP LTD and Linkury. It will display advertisements including banners and popups in the user's web browser.

81% remove it

Remove Smartbar.Infrastructure.Utilities.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.