» Smartbar.Resources.Utilities.dll
Overview
Analysis
File Details
Programs (1)

Smartbar.Resources.Utilities.dll

Smartbar.Resources.Utilities

ReSoft LTD.

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Resources.Utilities.dll by ReSoft has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program Snap.Do by ReSoft Ltd. which is a potentially unwanted software program.

File name:

Publisher:

ReSoft LTD. (signed and verified)

Product:

Smartbar.Resources.Utilities

Version:

1.2.0.0

MD5:

db639b901fc64f3aab88e1654129df79

SHA-1:

3086fb54b88e16cc4216fe88738b9af824063030

SHA-256:

204d48a9312ca0da1fbe316ccf8985b1778f274a3bd62894d5731cba54ed4f8b

Scanner detections:

8 / 68

Status:

Adware

Analysis date:

4/25/2024 7:17:16 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

AVG

AdInject.Resoft

2015.0.3316

G Data

Win32.Application.Linkury

14.10.24

IKARUS anti.virus

PUA.Linkury

t3scan.1.6.1.0

Reason Heuristics

PUP.ReSoft.AA

14.10.19.18

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10289

Trend Micro House Call

TROJ_GEN.F47V0820

7.2.292

VIPRE Antivirus

Adware.Linkury

18848

File size:

21.5 KB (22,016 bytes)

Product version:

1.2.0.0

Original file name:

Smartbar.Resources.Utilities.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\smartbar.resources.utilities.dll

Digital Signature

Signed by:

ReSoft LTD.

Authority:

COMODO CA Limited

Valid from:

7/30/2012 8:00:00 AM

Valid to:

7/31/2013 7:59:59 AM

Subject:

CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7ABDE829D4244ADA77EE42C7A70C0FA3

File PE Metadata

Compilation timestamp:

6/3/2013 10:24:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:w82CTDIVzaRuVsB3/biGEI8DWSnhCxYPLg8lRt:31IRq+I8KSMElRt

Entry address:

0x50FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3027

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

12.5 KB (12,800 bytes)

The file Smartbar.Resources.Utilities.dll has been discovered within the following program.

Snap.Do by ReSoft Ltd.

Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.

snap.do

85% remove it

Remove Smartbar.Resources.Utilities.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.