home

ietoolbar64.dll

Findwide Toolbar

FindWide

This is a component of the Tightrope WebInstall, a setup program that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The module ietoolbar64.dll by FindWide has been detected as adware by 18 anti-malware scanners. This file is typically installed with the program Findwide Toolbar by FindWide which is a potentially unwanted software program.
Publisher:
FindWide  (signed and verified)

Product:
Findwide Toolbar

Version:
2.0.0.1995

MD5:
0b17526c7b5c0bbe4688a42669fde4f0

SHA-1:
52ff04ad2929af5b34e3637fe1b01312e501fb07

SHA-256:
559a7871d9b7973ab5d11c4556f029494b12fdf666cd162a35b91ef61cbd2c8e

Scanner detections:
18 / 68

Status:
Adware

Analysis date:
4/19/2024 6:59:57 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

AVG
FindWide
2016.0.3037

Baidu Antivirus
PUA.Win32.TNT2
4.0.3.15726

Bkav FE
W64.HfsAdware
1.3.0.6379

Dr.Web
Adware.Toolbar.602
9.0.1.0234

Emsisoft Anti-Malware
Win32.Almanahe
8.15.07.26.09

ESET NOD32
Win32/Toolbar.TNT2.C potentially unwanted (variant)
9.11591

Fortinet FortiGate
Riskware/Agent
7/26/2015

IKARUS anti.virus
PUA.Toolbar.TNT2
t3scan.1.8.9.0

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
14.0.0.1678

McAfee
Artemis!C28114620A2F
5600.6693

Panda Antivirus
PUP/TNT2Toolbar
15.07.26.09

Qihoo 360 Security
Win32/Virus.WebToolbar.d46
1.0.0.1015

Reason Heuristics
PUP.Tightrope.FindWide.Toolbar (M)
15.7.26.9

SUPERAntiSpyware
Adware.Webber/Variant
9730

Trend Micro House Call
Suspicious_GEN.F47V0325
7.2.207

VIPRE Antivirus
Trojan.Win32.Generic
40034

Zillya! Antivirus
Adware.Agent.Win32.54524
2.0.0.2141

File size:
212.3 KB (217,344 bytes)

Product version:
2.0.0.1995

Copyright:
© Findwide All Rights Reserved

Original file name:
IEToolbar.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\tnt2\2.0.0.1995\ietoolbar64.dll

Digital Signature
Signed by:
FindWide

Authority:
VeriSign, Inc.

Valid from:
3/20/2013 1:00:00 AM

Valid to:
4/4/2016 1:59:59 AM

Subject:
CN=FindWide, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=FindWide, L=SAN FRANCISCO, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
77A7F86399C7BD73854873DA281178E9

File PE Metadata
Compilation timestamp:
7/21/2015 1:26:27 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:rcjrPcbAFR8vrpUEcMwFlnTyTIslKRWn25fZXVEXHU5ZDP51juoRwM29AR7g:r6A8apUTFlmTd2k2tZXnrTrjDRQ

Entry address:
0xD6C4

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 13, 6C, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 10, E4, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Entropy:
5.9420

Code size:
107 KB (109,568 bytes)

The file ietoolbar64.dll has been discovered within the following program.

Findwide Toolbar  by FindWide
This is a potentially unwanted web browser toolbar that delivers ads to the user's web browser including coupons, deals, or special offers from select merchants and stores.
search.findwide.com
86% remove it
 
Powered by Should I Remove It?

Remove ietoolbar64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.