» Smartbar.Personalization.BusinessEntities.dll
Overview
Analysis
File Details

Smartbar.Personalization.BusinessEntities.dll

Smartbar.Personalization.BusinessEntities

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Personalization.BusinessEntities.dll has been detected as adware by 15 anti-malware scanners.

File name:

Publisher:

Microsoft* (Invalid match)

Product:

Smartbar.Personalization.BusinessEntities

Version:

1.2.0.0

MD5:

23e853e38a07c1608cadf1e5b3c0d2e3

SHA-1:

e74023f6c79b8bfc5d9e272e8a4c9d5e87512659

SHA-256:

24262d090256621f58684b081159386a6a63e7a96abc76638718fbcb22c4db13

Scanner detections:

15 / 68

Status:

Adware

Analysis date:

4/26/2024 12:32:22 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Linkury.B

857

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Bitdefender

Adware.Linkury.B

1.0.20.1370

Dr.Web

Trojan.Damaged.1

9.0.1.0274

Emsisoft Anti-Malware

PDF:Exploit.PDF-JS.FX

8.14.10.01.12

ESET NOD32

Win32/Toolbar.Linkury.G potentially unwanted application

8.7.0.302.0

G Data

Win32.Application.Linkury

14.10.24

McAfee

Artemis!9D1CD3007779

5600.6991

MicroWorld eScan

Adware.Linkury.B

15.0.0.822

nProtect

Adware.Linkury.B

14.08.06.01

Panda Antivirus

PUP/LinkUry

14.10.01.12

Reason Heuristics

Threat.Win.Reputation.IMP

14.10.1.0

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10327

Trend Micro House Call

Suspicious_GEN.F47V0613

7.2.274

VIPRE Antivirus

Adware.Linkury

23598

File size:

91.5 KB (93,696 bytes)

Product version:

1.2.0.0

Original file name:

Smartbar.Personalization.BusinessEntities.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\smartbar.personalization.businessentities.dll

File PE Metadata

Compilation timestamp:

1/21/2013 4:09:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:ferwU6uXduJap00dfSQJvhRkTmvSO5tqfsl3xNKaisQm2fIk/NgzOJh45RSVFpj/:ENuJap06fxJvbkSvl5tqfshNKaisQm2/

Entry address:

0x183CE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 48, 00, 00, 00, 58, A0, 01, 00, C4, 03... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

89 KB (91,136 bytes)

Remove Smartbar.Personalization.BusinessEntities.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.