» Smartbar.Resources.HistoryAndStatsWrapper.dll
Overview
Analysis
File Details
Programs (2)

Smartbar.Resources.HistoryAndStatsWrapper.dll

Smartbar.Resources.HistoryAndStatsWrapper

VERISTAFF.COM LTD

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Resources.HistoryAndStatsWrapper.dll by VERISTAFF.COM has been detected as adware by 7 anti-malware scanners. Additionally, the file is typically installed by a number of programs including LPT System Updater Service by Linkury Ltd. and SafeFinder Smartbar by Linkury Ltd., both potentially unwanted software.

File name:

Publisher:

VERISTAFF.COM LTD (signed and verified)

Product:

Smartbar.Resources.HistoryAndStatsWrapper

Version:

1.2.0.0

MD5:

0784039971d3e1914c73b713ef3d20a8

SHA-1:

82a451ceac179b0f4ad0d07bd02bc5b55cc034b3

SHA-256:

50e2d9b711bc651f3d5c9acebb00559a1efad85991a1053eb6af9ceb6a4f8ac1

Scanner detections:

7 / 68

Status:

Adware

Analysis date:

4/16/2024 8:57:51 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

APPL/Linkury.Gen2

7.11.189.70

AVG

Generic

2015.0.3277

Baidu Antivirus

PUA.MSIL.Linkury

4.0.3.141128

ESET NOD32

MSIL/Toolbar.Linkury.I potentially unwanted application

7.0.302.0

G Data

Win32.Application.Linkury

14.11.24

Reason Heuristics

PUP.Smartbar.VERISTAFFCOM.h

14.12.4.0

VIPRE Antivirus

Threat.4783962

35088

File size:

157 KB (160,784 bytes)

Product version:

1.2.0.0

Original file name:

Smartbar.Resources.HistoryAndStatsWrapper.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\smartbar.resources.historyandstatswrapper.dll

Digital Signature

Signed by:

VERISTAFF.COM LTD

Authority:

COMODO CA Limited

Valid from:

9/15/2014 8:00:00 AM

Valid to:

9/16/2015 7:59:59 AM

Subject:

CN=VERISTAFF.COM LTD, OU=514841295, O=VERISTAFF.COM LTD, STREET=Shenkar 14, L=Hertzlya, S=TLV, PostalCode=4672514, C=IL

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2AF13BF1274B91869E8E8BA9B16282CA

File PE Metadata

Compilation timestamp:

11/19/2014 10:17:06 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:WFYbd04xkJQtuQEpDuDGw59aiPHCOyfL9A:V0dKtuQEpiqw7aiPYA

Entry address:

0x26C56

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.4198

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

147.5 KB (151,040 bytes)

The file Smartbar.Resources.HistoryAndStatsWrapper.dll has been discovered within the following programs.

LPT System Updater Service by Linkury Ltd.

This is a potentially unwanted web browser extension this is distributed and installed by PINWID LTD, ReSoft LTD., MY POP SHOP LTD and Linkury. It will display advertisements including banners and popups in the user's web browser.

81% remove it

SafeFinder Smartbar by Linkury Ltd.

SafeFinder displays advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links (roll-overs) as well as some popup ads.

www.linkury.com/faq/s/faq.aspx?company=SafeFinder

67% remove it

Remove Smartbar.Resources.HistoryAndStatsWrapper.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.