» smtu.dll
Overview
Analysis
File Details
Programs (1)

smtu.dll

smtu

PINWID LTD

The module smtu.dll by PINWID has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program Muvic Smartbar by Pinwid Ltd. which is a potentially unwanted software program.

File name:

smtu.dll

Publisher:

PINWID LTD (signed and verified)

Product:

smtu

Version:

1.0.0.0

MD5:

808a2a8f9b1d081270d45404044afea0

SHA-1:

5fb7e106cc787ee2a6972f7711cf0c6f7dc9aa1c

SHA-256:

f608e9f1542e6fd44e8a0efc85a5c58de2442088d3b0c20809e3fcd703dd76e1

Scanner detections:

8 / 68

Status:

Adware

Analysis date:

4/26/2024 5:54:17 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Pindi

2016.0.3019

Baidu Antivirus

PUA.MSIL.Linkury

4.0.3.15812

ESET NOD32

MSIL/Toolbar.Linkury (variant)

9.10646

G Data

Win32.Application.Linkury

15.8.24

Reason Heuristics

PUP.Resoft.PINWID (M)

15.8.12.16

Rising Antivirus

PE:Trojan.Win32.Generic.17461AF3!390470387

23.00.65.15810

Trend Micro House Call

Suspicious_GEN.F47V0912

7.2.224

VIPRE Antivirus

Adware.Linkury

33490

File size:

30 KB (30,752 bytes)

Product version:

1.0.0.0

Original file name:

smtu.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\smtu.dll

Digital Signature

Signed by:

PINWID LTD

Authority:

COMODO CA Limited

Valid from:

2/4/2014 4:00:00 PM

Valid to:

2/5/2015 3:59:59 PM

Subject:

CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata

Compilation timestamp:

2/12/2014 10:20:03 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:usAKyjyiY1NPnFE3YO9Xgvxkkkkkkc0s7s8trhykCax7a89/tWgI7KFK/m8nhCxE:bSQqoRZkkkkkkc0u889V3IEKO8MEl1

Entry address:

0x737E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.4445

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

21 KB (21,504 bytes)

The file smtu.dll has been discovered within the following program.

Muvic Smartbar by Pinwid Ltd.

This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.

www.browse-search.com/?

80% remove it

Remove smtu.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.