» SmartbarInternetExplorerBHO.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (2)

SmartbarInternetExplorerBHO.dll

SmartbarInternetExplorerBHO

ReSoft LTD.

The module SmartbarInternetExplorerBHO.dll by ReSoft has been detected as adware by 6 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘SmartbarInternetExplorerBHOEngine’. Additionally, the file is typically installed by a number of programs including Snap.Do by ReSoft Ltd. and Muvic Smartbar by Pinwid Ltd., both potentially unwanted software.

File name:

Publisher:

ReSoft LTD. (signed and verified)

Product:

SmartbarInternetExplorerBHO

Version:

1.0.0.0

MD5:

3868b20559b30999684e00213b792e80

SHA-1:

3a6c6f6279e5c550ae65c673d614c4fe8203f49f

SHA-256:

63ce4d0a15454ce1e3a35e9f3d723a3a102b1b85e1ea77004a5619662d878691

Scanner detections:

6 / 68

Status:

Adware

Analysis date:

4/27/2024 12:52:15 AM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.BHO.ReSoft.BB

188838

ESET NOD32

MSIL/Toolbar.Linkury (variant)

8.9427

Panda Antivirus

PUP/LinkUry

14.08.08.01

Reason Heuristics

PUP.BHO.ReSoft.BB

14.8.8.1

Trend Micro House Call

HV_ZYX_BK08328F.TOMC

7.2.220

VIPRE Antivirus

Adware.Linkury

28350

File size:

146 KB (149,536 bytes)

Product version:

1.0.0.0

Original file name:

SmartbarInternetExplorerBHO.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\smartbar\application\smartbarinternetexplorerbho.dll

Digital Signature

Signed by:

ReSoft LTD.

Authority:

COMODO CA Limited

Valid from:

7/31/2013 7:00:00 PM

Valid to:

8/1/2015 6:59:59 PM

Subject:

CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

51FA31336CEC649121E9A908289950D2

File PE Metadata

Compilation timestamp:

3/20/2014 7:36:10 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:uIznuXlkpTX4TuQZNYRKUfAjtledhTmtaFyQHGvCXsedOGRc9izzr4yff8teLvHt:uITuXu9Ub6GvCi09s2o2skAieiV5ryMT

Entry address:

0x2420A

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.1230

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

137 KB (140,288 bytes)

Internet Explorer BHO

CLSID:

{31ad400d-1b06-4e33-a59a-90c2c140cba0}

CLSID name:

SmartbarInternetExplorerBHOEngine

The file SmartbarInternetExplorerBHO.dll has been discovered within the following programs.

Muvic Smartbar by Pinwid Ltd.

This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.

www.browse-search.com/?

80% remove it

Snap.Do by ReSoft Ltd.

Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.

snap.do

85% remove it

Remove SmartbarInternetExplorerBHO.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.