BaiduBarX.DLL

Baidu Toolbar

Baidu Online Network Technology (Beijing) Co., Ltd.

It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name 'Baidu Toolbar BHO'.
Publisher:

Product:
Baidu Toolbar

Description:
Baidu Toolbar For IE

Version:
2, 0, 5, 29

MD5:
1a155e6b04079d431f99e09805ebd958

SHA-1:
5dc666d0fb093939f628243afdf0925ba44eef7c

SHA-256:
d95329612d5722db8d070ef66989044adc6e5e5fee72059debea1047fd9e5e52

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/18/2024 8:50:41 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Bkav FE | W32.Clodab4.Trojan | 1.3.0.4959 |
| Dr.Web | Adware.Baidu.4134 | 9.0.1.042 |
| McAfee | Artemis!3C2B8A41A170 | 5600.6493 |
| Vba32 AntiVirus | Signed-Adware.Hao123.BaiduBeijingCo | 3.12.26.3 |

File size:
2.2 MB (2,356,144 bytes)

Product version:
2, 0, 5, 29

Copyright:
Copyright 2009

Original file name:
BaiduBarX.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\baidu\toolbar\baidubarx.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/31/2009 8:00:00 AM

Valid to:
7/31/2012 7:59:59 AM

Subject:
CN="Baidu Online Network Technology (Beijing) Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Baidu Online Network Technology (Beijing) Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
65165E50249FF6AD039D7706EC59BF8D

Registration
CLSIDs:
{77FEF28E-EB96-44FF-B511-3185DEA48697}, {A7F05EE4-0426-454F-8013-C41E3596E9E9}, {B580CF65-E151-49C3-B73F-70B13FCA8E86}, {E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46}

ProgIDs:
BaiduBarX.BandIE.1, BaiduBar.Tool.1, BaiduBarX.ToolBand.1, BaiduBarEx.BDHomePage.3

COM registered:
Yes

File PE Metadata
Compilation timestamp:
1/4/2010 4:00:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:Lc/1xSkc71C8YNik/pMiN+XOTtIc0FkWATDAS/ncHA:L8xSkc71CPgkB0kr

Entry address:
0xFDD28

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 52, 5B, 01, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 6A, 08, 68, 28, 7F, 18, 10, E8, 83, A9, FF, FF, 33, C0, 8B, 4D, 0C, 33, FF, 3B, CF, 0F, 95, C0, 3B, C7, 75, 1F, E8, C7, 02, 00, 00, C7, 00, 16, 00, 00, 00, 57, 57, 57, 57, 57, E8, FB, A0, FF, FF, 83, C4, 14, 33, C0, E9, 3A, 01, 00, 00, 8B, 45, 08, 83, F8, FE, 75, 0D, E8, A0, 02, 00, 00, C7, 00, 09, 00, 00, 00, EB, E4, 3B, C7, 7C, 08, 3B, 05, 54, 1F, 19, 10, 72, 0D, E8, 87, 02...
 

Entropy:
6.6181

Code size:
1.3 MB (1,334,272 bytes)

Internet Explorer BHO
CLSID:
{77FEF28E-EB96-44FF-B511-3185DEA48697}

CLSID name:
Baidu Toolbar BHO


Scan BaiduBarX.DLL - Powered by Reason Core Security