» IEToolbar.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

IEToolbar.dll

Freshy.com Toolbar

Freshy

This is a component of the Tightrope WebInstall, a setup program that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The module IEToolbar.dll by Freshy has been detected as adware by 18 anti-malware scanners. It is installed as a toolbar in Internet Explore as ‘FindWide Toolbar’. This file is typically installed with the program Findwide Toolbar by FindWide which is a potentially unwanted software program.

File name:

IEToolbar.dll

Publisher:

Freshy.com (signed by Freshy)

Product:

Freshy.com Toolbar

Version:

2.0.0.1991

MD5:

e644f0634409d5ab05078c7b398ca61a

SHA-1:

4642d9f958db2c94076c8ad3b837a262a938d6db

SHA-256:

15bf7765dd115ef06c2fc91762816d8af75287b12cd1654533b42e1a31f9001e

Scanner detections:

18 / 68

Status:

Adware

Analysis date:

5/6/2024 8:52:01 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Toolbar.Agent

7.1.1

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

AVG

Generic

2016.0.3081

Baidu Antivirus

PUA.Win32.TNT2

4.0.3.15611

Bkav FE

W32.HfsAdware

1.3.0.6379

Dr.Web

Adware.Toolbar.602

9.0.1.05190

ESET NOD32

Win32/Toolbar.TNT2.B potentially unwanted application

7.0.302.0

Fortinet FortiGate

Riskware/Agent

6/11/2015

K7 AntiVirus

Trojan

13.1915113

Kaspersky

not-a-virus:WebToolbar.Win32.Agent

15.0.0.543

McAfee

Artemis!F7BD93C6E64C

5600.6737

Panda Antivirus

Generic Suspicious

15.06.11.05

Qihoo 360 Security

Win32/Virus.WebToolbar.d46

1.0.0.1015

Reason Heuristics

PUP.Tightrope.Toolbar

15.6.11.13

Sophos

Generic PUA MJ

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

9820

Trend Micro House Call

Suspicious_GEN.F47V0106

7.2.162

VIPRE Antivirus

Threat.4729122

38552

File size:

141.3 KB (144,640 bytes)

Product version:

2.0.0.1991

Original file name:

IEToolbar.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\tnt2\2.0.0.1991\ietoolbar.dll

Digital Signature

Signed by:

Freshy

Authority:

VeriSign, Inc.

Valid from:

3/19/2013 8:00:00 PM

Valid to:

6/28/2016 7:59:59 PM

Subject:

CN=Freshy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Freshy, L=SAN FRANCISCO, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3FE613DB866C04EE49FDF0645F3F9391

File PE Metadata

Compilation timestamp:

6/2/2015 7:47:04 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:D4DQMkpPdJwkFxVyx2fL/c0QEph1G6F9V9AR2XtMeE:DAIpPXpfLYan1E

Entry address:

0xBB62

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 6B, 63, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 80, CF, 01, 10, E8, 4F, 2F, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 98, 0C, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, B4, 71, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

6.3857

Developed / compiled with:

Microsoft Visual C++

Code size:

82.5 KB (84,480 bytes)

Internet Explorer Toolbar

Display name:

CLSID:

{093BAAD1-6F0F-4FE5-A54F-27134BE49513}

CLSID name:

FindWide Toolbar

The file IEToolbar.dll has been discovered within the following program.

Findwide Toolbar by FindWide

This is a potentially unwanted web browser toolbar that delivers ads to the user's web browser including coupons, deals, or special offers from select merchants and stores.

search.findwide.com

86% remove it

Remove IEToolbar.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.