home

Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll

PINWID LTD

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll by PINWID has been detected as adware by 4 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Muvic Smartbar by Pinwid Ltd. and Snap.Do Engine by ReSoft Ltd., both potentially unwanted software.
Publisher:
PINWID LTD  (signed and verified)

Version:
1.2.0.0

MD5:
1b6ca865f93f69a0620a97bfdcb4746e

SHA-1:
d785bf030e466b1e6d5a87b81556f6698a9e0410

SHA-256:
a21221bdef6e2202342aad8af13465e0d90af0b784da1c4d7587bcfa4110db93

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
4/20/2024 2:28:01 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Pindi
2015.0.3415

G Data
Win32.Application.Linkury
14.7.24

Reason Heuristics
PUP.PINWID.p
14.7.11.21

VIPRE Antivirus
Threat.4783962
31088

File size:
47 KB (48,160 bytes)

Product version:
1.2.0.0

Original file name:
Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\smartbar\application\smartbar.resources.socialnetssharer.xmlserializers.dll

Digital Signature
Signed by:
PINWID LTD

Authority:
COMODO CA Limited

Valid from:
2/4/2014 4:00:00 PM

Valid to:
2/5/2015 3:59:59 PM

Subject:
CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata
Compilation timestamp:
6/15/2014 7:22:13 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:4LvmVsIcSOPdGpY+SEcDqX3prI9qnhCxYPLg8l43mZ:1bcRg6ZEcDqX3prI9qMEl

Entry address:
0x86BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.4683

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
28 KB (28,672 bytes)

The file Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll has been discovered within the following programs.

Muvic Smartbar  by Pinwid Ltd.
This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.
www.browse-search.com/?
80% remove it
Muvic Smartbar Engine  by Pinwid Ltd.
This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
82% remove it
Snap.Do  by ReSoft Ltd.
Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.
snap.do
85% remove it
Snap.Do Engine  by ReSoft Ltd.
Snap.
83% remove it
 
Powered by Should I Remove It?

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.