SmartbarInternetExplorerBHO.dll

SmartbarInternetExplorerBHO

ReSoft LTD.

The module SmartbarInternetExplorerBHO.dll by ReSoft has been detected as adware by 6 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘SmartbarInternetExplorerBHOEngine’. Additionally, the file is typically installed by a number of programs including Snap.Do by ReSoft Ltd. and Muvic Smartbar by Pinwid Ltd., both potentially unwanted software.
Remove SmartbarInternetExplorerBHO.dll - Powered by Reason Core Security
Publisher:
ReSoft LTD.  (signed and verified)

Product:
SmartbarInternetExplorerBHO

Version:
1.0.0.0

MD5:
3868b20559b30999684e00213b792e80

SHA-1:
3a6c6f6279e5c550ae65c673d614c4fe8203f49f

SHA-256:
63ce4d0a15454ce1e3a35e9f3d723a3a102b1b85e1ea77004a5619662d878691

Scanner detections:
6 / 68

Status:
Adware

Analysis date:
8/30/2015 6:55:34 PM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.BHO.ReSoft.BB
188838

ESET NOD32
MSIL/Toolbar.Linkury (variant)
8.9427

Panda Antivirus
PUP/LinkUry
14.08.08.01

Reason Heuristics
PUP.BHO.ReSoft.BB
14.8.8.1

Trend Micro House Call
HV_ZYX_BK08328F.TOMC
7.2.220

VIPRE Antivirus
Adware.Linkury
28350

Remove SmartbarInternetExplorerBHO.dll - Powered by Reason Core Security
File size:
146 KB (149,536 bytes)

Product version:
1.0.0.0

Original file name:
SmartbarInternetExplorerBHO.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\smartbar\application\smartbarinternetexplorerbho.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/31/2013 7:00:00 PM

Valid to:
8/1/2015 6:59:59 PM

Subject:
CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
51FA31336CEC649121E9A908289950D2

File PE Metadata
Compilation timestamp:
3/20/2014 7:36:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:uIznuXlkpTX4TuQZNYRKUfAjtledhTmtaFyQHGvCXsedOGRc9izzr4yff8teLvHt:uITuXu9Ub6GvCi09s2o2skAieiV5ryMT

Entry address:
0x2420A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.1230

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
137 KB (140,288 bytes)

Internet Explorer BHO
CLSID:
{31ad400d-1b06-4e33-a59a-90c2c140cba0}

CLSID name:
SmartbarInternetExplorerBHOEngine


The file SmartbarInternetExplorerBHO.dll has been discovered within the following programs.

Muvic Smartbar  by Pinwid Ltd.
This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.
www.browse-search.com/?
80% remove it
Snap.Do  by ReSoft Ltd.
Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.
snap.do
85% remove it
 
Powered by Should I Remove It?

Remove SmartbarInternetExplorerBHO.dll - Powered by Reason Core Security