» Smartbar.Infrastructure.Utilities.dll
Overview
Analysis
File Details
Programs (4)

Smartbar.Infrastructure.Utilities.dll

SmartbarGUI

PINWID LTD

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Infrastructure.Utilities.dll by PINWID has been detected as adware by 2 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Muvic Smartbar Engine by Pinwid Ltd. and LPT System Updater Service by Linkury Ltd., both potentially unwanted software.

File name:

Publisher:

PINWID LTD (signed and verified)

Product:

SmartbarGUI

Version:

1.2.0.0

MD5:

ae0688163a293e7a5ea7e0ee92f04969

SHA-1:

da628bf41c53488a6146dc50aa94a0796a3c624f

SHA-256:

8e7e602601151afece2b9b0a304c0123742f080ddc5b799d2c25f301875ec05b

Scanner detections:

2 / 68

Status:

Adware

Analysis date:

4/19/2024 8:33:08 PM UTC (today)

Scan engine

Detection

Engine version

AVG

MalSign.Pindi

2015.0.3526

Reason Heuristics

PUP.PINWID.FF

14.3.13.22

File size:

161.5 KB (165,408 bytes)

Product version:

1.2.0.0

Original file name:

Smartbar.Infrastructure.Utilities.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\lpt\smartbar.infrastructure.utilities.dll

Digital Signature

Signed by:

PINWID LTD

Authority:

COMODO CA Limited

Valid from:

2/4/2014 4:00:00 PM

Valid to:

2/5/2015 3:59:59 PM

Subject:

CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata

Compilation timestamp:

2/25/2014 1:49:34 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:duuPMBTKqpaL3GLjcJQS4eCs3PGxPGRmjrk65vPPSgjB8CxQa0x+W:YDKqA3GLjeLCsfG5GRc95vPPSgjB8lV+

Entry address:

0x28192

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 02, 00, 0C, 00, 00, 00, 94, 31, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3718

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

152.5 KB (156,160 bytes)

The file Smartbar.Infrastructure.Utilities.dll has been discovered within the following programs.

LPT System Updater Service by Linkury Ltd.

This is a potentially unwanted web browser extension this is distributed and installed by PINWID LTD, ReSoft LTD., MY POP SHOP LTD and Linkury. It will display advertisements including banners and popups in the user's web browser.

81% remove it

Muvic Smartbar by Pinwid Ltd.

This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.

www.browse-search.com/?

80% remove it

Muvic Smartbar Engine by Pinwid Ltd.

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

82% remove it

Snap.Do by ReSoft Ltd.

Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.

snap.do

85% remove it

Remove Smartbar.Infrastructure.Utilities.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.