» Smartbar.Resources.LanguageSettings.resources.dll
Overview
Analysis
File Details
Programs (1)

Smartbar.Resources.LanguageSettings.resources.dll

Smartbar.Resources.LanguageSettings

PINWID LTD

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Resources.LanguageSettings.resources.dll by PINWID has been detected as adware by 22 anti-malware scanners. This file is typically installed with the program Muvic Smartbar by Pinwid Ltd. which is a potentially unwanted software program.

File name:

Publisher:

PINWID LTD (signed and verified)

Product:

Smartbar.Resources.LanguageSettings

Version:

1.0.0.0

MD5:

5bc33858768cc6404cb7a729eceaa12d

SHA-1:

907f1c785361e1f0bd3712df12c7d919893e93fe

SHA-256:

9cdc24c98f302fde41a284e64e10dadacfe4b225df10e986e739ae8e917b059e

Scanner detections:

22 / 68

Status:

Adware

Analysis date:

4/16/2024 11:29:54 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Adware.Heur.bm9@gLmfnGp

541

Avira AntiVirus

APPL/Linkury.Gen2

7.11.174.252

Arcabit

Adware.Heur.E0D0EB

1.0.0.425

AVG

Pindi

2016.0.3019

Baidu Antivirus

PUA.Win32.Smartbar

4.0.3.15812

Bitdefender

Gen:Adware.Heur.bm9@gLmfnGp

1.0.20.1120

Bkav FE

W32.HfsAdware

1.3.0.6379

Comodo Security

UnclassifiedMalware

22127

Dr.Web

Trojan.Revizer.726

9.0.1.0224

Emsisoft Anti-Malware

Gen:Adware.Heur.bm9@gLmfnGp

8.15.08.12.04

F-Secure

Gen:Adware.Heur.bm9@gLmfnGp

11.2015-12-08_4

G Data

Gen:Adware.Heur.bm9@gLmfnGp

15.8.25

McAfee

Artemis!DC716CB5373A

5600.6675

MicroWorld eScan

Gen:Adware.Heur.bm9@gLmfnGp

16.0.0.672

Norman

Gen:Adware.Heur.bm9@gLmfnGp

11.20150812

nProtect

Adware.Smartbar.V

15.03.30.01

Panda Antivirus

PUP/ProtectiumBrowser

15.08.12.04

Reason Heuristics

PUP.Resoft.PINWID (M)

15.8.12.16

SUPERAntiSpyware

Adware.Pinwid/Variant

9696

Trend Micro House Call

Suspicious_GEN.F47V0912

7.2.224

Trend Micro

TROJ_GEN.R03EC0OD115

10.465.12

VIPRE Antivirus

Threat.4150696

39676

File size:

24.5 KB (25,120 bytes)

Product version:

1.0.0.0

Original file name:

Smartbar.Resources.LanguageSettings.resources.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\nl\smartbar.resources.languagesettings.resources.dll

Digital Signature

Signed by:

PINWID LTD

Authority:

COMODO CA Limited

Valid from:

2/4/2014 4:00:00 PM

Valid to:

2/5/2015 3:59:59 PM

Subject:

CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata

Compilation timestamp:

2/12/2014 10:19:43 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:fQIg4/wFXTbC0IVqQkUA9Fbc22E5KIylIuvTVR8fAAF1LdiJYnhCxYPLg8l4Z:oIg4/WXTfIAQkUoFbrevJ6oqIYMElI

Entry address:

0x5B5E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.8986

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

15 KB (15,360 bytes)

The file Smartbar.Resources.LanguageSettings.resources.dll has been discovered within the following program.

Muvic Smartbar by Pinwid Ltd.

This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.

www.browse-search.com/?

80% remove it

Remove Smartbar.Resources.LanguageSettings.resources.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.