» snapdo.exe
Overview
Analysis
File Details
Programs (1)

snapdo.exe

ReSoft LTD.

The application snapdo.exe by ReSoft has been detected as adware by 16 anti-malware scanners. This file is typically installed with the program Snap.Do by ReSoft Ltd. which is a potentially unwanted software program.

File name:

snapdo.exe

Publisher:

Smartbar (signed by ReSoft LTD.)

Product:

Smartbar

Version:

1.18.1.10742

MD5:

a7c290f7c980a1e034ccaa8ca6d747a8

SHA-1:

1764033839c8d593ca99ec87528865a2806a8ae0

SHA-256:

631367f1d75b0861801959fa027b6b670da3414faf787281829612065ffca8d9

Scanner detections:

16 / 68

Status:

Adware

Analysis date:

5/10/2024 8:34:21 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win-AppCare/Agent.K.20552

14.10.19

Avira AntiVirus

SPR/Linkury.D

7.11.144.8

avast!

Win32:SmartBar-A [PUP]

2014.9-141019

AVG

AdInject.Resoft

2015.0.3316

Baidu Antivirus

Adware.Win32.Agent

4.0.3.141019

Boost by Reason

Optional.ReSoft.G

188838

Dr.Web

Trojan.MulDrop4.24551

9.0.1.0292

Emsisoft Anti-Malware

Riskware.Win32.Toolbar.Linkury.AMN

8.14.10.19.06

ESET NOD32

Win32/Toolbar.Linkury (variant)

8.8514

Kaspersky

not-a-virus:AdWare.MSIL.Agent

14.0.0.3076

McAfee

Artemis!246D1E8E1F57

5600.6972

Reason Heuristics

PUP.ReSoft.G

14.10.19.18

Trend Micro House Call

TROJ_GEN.F47V0619

7.2.292

Trend Micro

ADW_LINKURY

10.465.19

Vba32 AntiVirus

AdWare.MSIL.Agent

3.12.26.0

VIPRE Antivirus

Adware.Linkury

19212

File size:

20.5 KB (20,992 bytes)

Product version:

1.18.1.10742

Original file name:

Smartbar.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\snapdo.exe

Digital Signature

Signed by:

ReSoft LTD.

Authority:

COMODO CA Limited

Valid from:

7/30/2012 8:00:00 AM

Valid to:

7/31/2013 7:59:59 AM

Subject:

CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7ABDE829D4244ADA77EE42C7A70C0FA3

File PE Metadata

Compilation timestamp:

6/3/2013 10:24:34 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:y7dbUx3jS82wkSFya5+yVIldORoD9mVamEt92Zw3iaISbrnhCxYPLg85:CbW32MGmA97iaISrME5

Entry address:

0x4D9E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3671

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

11.5 KB (11,776 bytes)

The file snapdo.exe has been discovered within the following program.

Snap.Do by ReSoft Ltd.

Snap.Do is a web browser addin/toolbar (depending on the browser it is installed within) that plugs into all the major web browsers including Internet Explorer, Chrome and Firefox. Snap.

snap.do

85% remove it

Remove snapdo.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.