5/5 - (1 votes)

SmartBar, Potentially Unwanted Software.

The SmartBar program falls into the category of Optional Potentially Unwanted Software (LPI/PUP).

LPIs typically install as a program or browser extension and are loaded every time the system starts. It can be installed with the Linkury Smartbar, Messenger SmartBar, Snap.Do, or Muvic programs. It redirects the search to feed.snapdo.com & feed.snap.do servers.


Potentially Unwanted Software (PUP/LPI) can launch services, start scheduled tasks, and create shortcuts on your Desktop. All these operations are done with or without your consent according to the terms of its user contract. Once installed, an LPI can modify certain parameters of your browsers such as search pages, the start page or even your error page. It can collect your browsing habits and communicate them to a server using the tracking method. While browsing, it may display advertisements (coupons) and advertising banners (popups). The goal of this program is often to make money by generating web traffic to sponsored sites.


Potentially unwanted software (LPI) or Potentialy Unwanted Programs (PUP) are the cause of many infections. The most common example is adware. InstallCore, Crossrider, Graftor ou Boxore which pollute the Registry and your data storage units. They are usually installed without your knowledge by downloading freeware. Indeed some sites use the repackaging method, an operation which consists of redoing the software installation module by adding download options. These options allow you to add other software such as browser toolbars, adware, potentially unwanted software, intrusive advertising software, or even browser hijackers.


A browser hijacker, or hijacker, is an application that modifies certain settings of your internet browsers without your consent. These are usually the home pages, search pages and settings of your internet service provider. This mainly involves redirecting traffic from start and/or search pages to a dedicated server which collects information on your browsing habits. The goal of this app is to make money by driving web traffic to its own search engine.


Spyware (spyware) and adware (adwares) unwanted files, just like malware, can use the writing flaws of legitimate software or those of operating systems. It is therefore essential to have official software and that it has automatic updating. Likewise, your Windows operating system must be programmed in automatic update mode and activated, so that you can have the latest updates for critical security vulnerabilities.

Features

– It installs as a process launched at system startup (RP),
– It hijacks the start page of the Google Chrome (G0) browser,
– It replaces the search page of the Google Chrome (G1) browser,
– It installs an extension program for the Mozilla Firefox (M2) browser,
– It modifies the start page of the Internet Explorer browser (R0),
– It modifies the search page of the Internet Explorer (R1) browser,
– It is installed in the Registry Base in order to be launched each time the system is started (O4),
– It is installed as a program (O42),
– It creates multiple “Software” registry keys,
– It is installed in the Windows prefetcher folder (O45),
– It creates a ShareTools MSconfig StartupReg registry key (O53),
– It modifies the Internet search provider (O69),
– It places an MSI package file in the System Installer folder (O93)

Preview in reports

Recorded on 19/05/2013
[MD5.0D3D27DFC1939A42A1738A116738F795] – (.Smartbar – Smartbar.) — C:\Users\Coolman\AppData\Local\Smartbar\Application\QuickShare.exe [20248] [PID.2208]
G1 – GCS: Preference [User Data\Default] https://feed.snapdo.com
G0 – GCSP: Preference [User Data\Default][HomePage] https://feed.snapdo.com
G0 – GCSP: Preference [User Data\Default] https://feed.snapdo.com
G2 – GCE: Preference [User Data\Default] [eehfnepnmclpcobedfhlofbalebekkaj] SnapDo v.0.55, (Enabled)
P2 – EXT: (…) — C:\Program Files\Mozilla Firefox\browser\searchplugins\findit.xml
M2 – MFEP: prefs.js [Coolman – jp0sfyci.default\firefox@splashurl.com] [] SnapDo v0.57 (..)
M3 – MFPP: Plugins – [Coolman] — C:\Users\Coolman\AppData\Roaming\Mozilla\Firefox\Profiles\zuzkxm51.default\searchplugins\SafeFinder Search.xml
R0 – HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://feed.snapdo.com
R1 – HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://feed.snap.do
R1 – HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://feed.snapdo.com
R1 – HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://feed.snap.do
A1 – HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://feed.snapdo.com
A1 – HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://feed.snapdo.com
O4 – HKCU\..\Run: [Browser Infrastructure Helper] . (.Smartbar – Smartbar.) — C:\Users\Coolman\AppData\Local\Smartbar\Application\QuickShare.exe
O4 – HKUS\S-1-5-21-3457901039-3679683318-3372754741-1001\..\Run: [Browser Infrastructure Helper] . (.Smartbar – Smartbar.) — C:\Users\Coolman\AppData\Local\Smartbar\Application\QuickShare.exe
O42 – Software: SafeFinder – (.Linkury.) [HKLM] — {970B39E9-E1A1-41EA-945D-74F2655EE1F2}
O42 – Software: Linkury Smartbar – (.Linkury Inc..) [HKLM][64Bits] — {70D3EBFD-C613-49DB-A444-A4BD720DE1E9}
O42 – Software: Messenger Plus! Community Smartbar – (.Linkury Inc..) [HKLM] — {B279C6DE-B056-4BF3-A3E7-89EB1CFA755E}
O42 – Software: Snap.Do Engine – (.ReSoft Ltd..) [HKCU][64Bits] — {ca63c0e0-1a55-478e-abea-f87edffb859a}
O42 – Software: Muvic – (.ReSoft Ltd..) [HKLM][64Bits] — {5C6D3D3E-4CF5-46F2-AAC0-74F51582D46D}
O42 – Software: Muvic Engine – (.ReSoft Ltd..) [HKCU][64Bits] — {7f87743d-dc1b-45e4-9dab-1d05947fc99e}
O42 – Software: SnapDo – (.Resoft.) [HKLM] — {05202FF6-224A-47F2-AB89-9A163D2694FC}
[HKCU\Software\SmartbarBackup]
[HKCU\Software\SmartbarLog]
[HKCU\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\Smartbar]
O45 – LFCP:[MD5.6DDC42EA17982D469D32CC06376F5858] – 10/06/2013 – 15:05:49 —A- – C:\Windows\Prefetch\SMARTBAR.EXE-082EF61D.pf
O53 – SMSR:HKLM\…\startupreg\Browser Infrastructure Helper [Key] . (…) — C:\Users\Coolman\AppData\Local\Smartbar\Application\Smartbar.exe
O69 – SBI: prefs.js [Barathon – xbf6y44m.default] user_pref(“extensions.helperbar.SmartbarDisabled”, false);
O69 – SBI: prefs.js [Barathon – xbf6y44m.default] user_pref(“extensions.helperbar.Visibility”, false);
O69 – SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] – (Web Search) – https://feed.snapdo.com
[MD5.F00AAEC2069BA6B88074D8FBFC4174B8] [SPRF][09/05/2013] (.No owner – Linkury.Installer.MsiWrapper.) — C:\Users\Coolman\AppData\Local\Temp\SmartbarExeInstaller.exe [8192280]
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Browser Infrastructure Helper
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5C6D3D3E-4CF5-46F2-AAC0-74F51582D46D}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{70D3EBFD-C613-49DB-A444-A4BD720DE1E9}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B279C6DE-B056-4BF3-A3E7-89EB1CFA755E}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ca63c0e0-1a55-478e-abea-f87edffb859a}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7f87743d-dc1b-45e4-9dab-1d05947fc99e}]
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}]
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}]
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\SmartbarBackup]
[HKCU\Software\SmartbarLog]
[HKCU\Software\Smartbar]
C:\Users\Coolman\AppData\Local\Smartbar
[MD5.34215B7EC78637C167C5CEBD6B3F4B98] [WIS][2012-11-03] (.ReSoft Ltd. – Snap.Do.) — C:\Windows\Installer\23a9118.msi [7688192]

Alias

Malwarebytes PUP.Optional.SmartBar.A

Associate Editors

ReSoft Ltd,
Linkury Inc,
CreativeToolbars

Some products

SafeFinder (Linkury)
Linkury Smartbar (Linkury Inc)
Messenger Plus! Community Smartbar (Linkury Inc)
Snap.Do Engine (ReSoft Ltd)
Smartbar
Muvic (ReSoft Ltd)
Muvic Engine (ReSoft Ltd)
SnapDo (Resoft)

MD5 encryption

6DDC42EA17982D469D32CC06376F5858
0D3D27DFC1939A42A1738A116738F795

Serial number

How to remove SmartBar?

Delete with Windows

Delete with ZHPCleaner

   Delete with ZHPSuite


Responsibility :   The principle of absence of responsibility of the original site, with regard to the contents of the targeted target sites, is recalled by the judgment of September 19, 2001 of the Paris Court of Appeal. The comments I make here reflect my opinion and are suggestions - the visitor is not obliged to follow them.

About the Author

Back to top