home

AddressBarInstance.dll

Smart Address Bar

Think Tank Labs, LLC

The module AddressBarInstance.dll, “Smart Address Bar DLL” by Think Tank Labs has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Lipocodes Suggestor by LipoCodes Software and Smart Suggestor by Think Tank Labs, LLC, both potentially unwanted software.
Publisher:
Think Tank Labs, LLC  (signed and verified)

Product:
Smart Address Bar

Description:
Smart Address Bar DLL

Version:
1.0.0.17

MD5:
c45130b20ac78080ba3d40cf2fc9efde

SHA-1:
754bfd0731125bfc6a2f410c2a940d232f73f991

SHA-256:
b1c45cfb49d6d107debcbbe138ddfce7bdea542e47c45324d6d64ec2c84e2bc5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/26/2024 8:27:17 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ThinkTankLabs
15.4.24.0

File size:
172.8 KB (176,944 bytes)

Product version:
1.0.0.17

Copyright:
© 2011 Think Tank Labs, LLC

Original file name:
AddressBarInstance.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\wintoflash suggestor\addressbarinstance.dll

Digital Signature
Signed by:
Think Tank Labs, LLC

Authority:
GoDaddy.com, Inc.

Valid from:
4/13/2011 11:47:41 PM

Valid to:
4/11/2012 11:41:13 PM

Subject:
CN="Think Tank Labs, LLC", O="Think Tank Labs, LLC", L=Newport, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B68DF215AD36D

File PE Metadata
Compilation timestamp:
12/21/2011 10:33:22 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:ExNQxylEAB80wEh77nIOL+M04c68bm1jeUyYZx5TpKR0h:EHL77nIO6M0478bm1jVyafpq0

Entry address:
0x11A33

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A6, 73, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, 68, C0, 1A, 01, 10, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 50, 69, 02, 10, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC...
 
[+]

Entropy:
6.4635

Code size:
124 KB (126,976 bytes)

The file AddressBarInstance.dll has been discovered within the following programs.

Lipocodes Suggestor  by LipoCodes Software
Lipocodes Suggestor is an adware application that runs in the web browser as a toolbar and web extension.
lipocodes.com/suggestor/features.html
77% remove it
Search Fairy  by Results Media Ltd
Search Fairy is a Results Media is a web browser extension and browser helper object (BHO) for Internet Explorer and distributed through Results Media. The Search Fairy extension includes a search bar which provides modified search redirection results and a search provider.
searchfairy.com/features.html
66% remove it
Smart Suggestor  by Think Tank Labs, LLC
Smart Suggestor is a web browser extension and browser helper object (BHO) for Internet Explorer and distributed through Results Media. The Smart Suggestor extension includes a search bar which provides modified search redirection results and a search provider.
smartsuggestor.com/features.html
72% remove it
 
Powered by Should I Remove It?

Remove AddressBarInstance.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.