» SmartbarInternetExplorerBHO.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

SmartbarInternetExplorerBHO.dll

SmartbarInternetExplorerBHO

ReSoft LTD.

The module SmartbarInternetExplorerBHO.dll by ReSoft has been detected as adware by 6 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘SmartbarInternetExplorerBHOEngine’. This file is typically installed with the program Snap.Do by ReSoft Ltd. which is a potentially unwanted software program.

File name:

Publisher:

ReSoft LTD. (signed and verified)

Product:

SmartbarInternetExplorerBHO

Version:

1.0.0.0

MD5:

672ff2eb8fe8d008030c110e5c7a4fef

SHA-1:

602728989a2cffe79843f3db5484cf3c7a532448

SHA-256:

b73f6b787d65b0532d010455f9d9df946b13ee27c36506d2da45f8f3c05ad92b

Scanner detections:

6 / 68

Status:

Adware

Analysis date:

4/25/2024 1:41:52 PM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.BHO.ReSoft.BB

188838

ESET NOD32

MSIL/Toolbar.Linkury (variant)

8.9427

Panda Antivirus

PUP/LinkUry

14.08.08.01

Reason Heuristics

PUP.BHO.ReSoft.BB

14.8.8.1

Trend Micro House Call

HV_ZYX_BK08328F.TOMC

7.2.220

VIPRE Antivirus

Adware.Linkury

28350

File size:

145.5 KB (149,024 bytes)

Product version:

1.0.0.0

Original file name:

SmartbarInternetExplorerBHO.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\smartbar\application\smartbarinternetexplorerbho.dll

Digital Signature

Signed by:

ReSoft LTD.

Authority:

COMODO CA Limited

Valid from:

7/31/2013 9:00:00 PM

Valid to:

8/1/2015 8:59:59 PM

Subject:

CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

51FA31336CEC649121E9A908289950D2

File PE Metadata

Compilation timestamp:

3/2/2014 9:04:07 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:IUxfkpTX4TuQZNYRKUfAjtledhTmtaFyQHGvCXsedOGRc9izzr4yff8teLvHHEj/:IUxg9Ub6GvCi09s2o2skAieigkQ7

Entry address:

0x241E6

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, 02, 00, 0C, 00, 00, 00, E8, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

136.5 KB (139,776 bytes)

Internet Explorer BHO

CLSID:

{31ad400d-1b06-4e33-a59a-90c2c140cba0}

CLSID name:

SmartbarInternetExplorerBHOEngine

The file SmartbarInternetExplorerBHO.dll has been discovered within the following program.

Snap.Do by ReSoft Ltd.

Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.

snap.do

85% remove it

Remove SmartbarInternetExplorerBHO.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.