» iminent.wincore.yahoo.dll
Overview
Analysis
File Details
Programs (1)

iminent.wincore.yahoo.dll

IMinent

Iminent

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The module iminent.wincore.yahoo.dll by Iminent has been detected as a potentially unwanted program by 8 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer. This file is typically installed with the program Iminent by IMinent which is a potentially unwanted software program.

File name:

Publisher:

Iminent (signed and verified)

Product:

IMinent

Version:

5.47.22

MD5:

036e661b5ed7a761e3b02f5b0c2caebe

SHA-1:

bd7adb76b6b6da52016027698f2199dfe9012420

SHA-256:

7f8a771914bece6ae12625de682618f8cae6702ef9c64e63ed0f722258a8ab6c

Scanner detections:

8 / 68

Status:

Potentially unwanted

Description:

This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:

4/24/2024 11:51:25 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Dr.Web

Adware.Iminent.34

9.0.1.043

ESET NOD32

Win32/Toolbar.Iminent.E potentially unwanted (variant)

10.11447

Fortinet FortiGate

Riskware/Iminnent

2/12/2016

K7 AntiVirus

Adware

13.202.15535

Kaspersky

not-a-virus:WebToolbar.Win32.Iminnent

14.0.0.674

Reason Heuristics

PUP.Sien.Iminent.Bundler (M)

16.2.12.3

Sophos

Generic PUA BC

4.98

VIPRE Antivirus

Iminent

39188

File size:

148.1 KB (151,672 bytes)

Product version:

5.47.22

Iminent 2009-2011

Original file name:

Iminent.WinCore.Yahoo

File type:

Dynamic link library (Win32 DLL)

Bundler/Installer:

SIEN SuperInstall

Language:

French (France)

Common path:

C:\Program Files\iminent\iminent.wincore.yahoo.dll

Digital Signature

Signed by:

Iminent

Authority:

GlobalSign nv-sa

Valid from:

1/31/2012 10:55:45 AM

Valid to:

3/2/2014 10:55:45 AM

Subject:

CN=Iminent, O=Iminent, L=Paris, S=France, C=FR

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11214EA925C07E01E1C06B597DD4B36FAA8B

File PE Metadata

Compilation timestamp:

11/13/2012 12:59:30 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:tDdl35E2dW1AN2xUN6xLfycFrTG3+ylZLaRbDN1n2VAAcV0:/l35E2dW1m1N6dfy8rSO2aTaTcO

Entry address:

0xFD4B

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 2C, 27, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, FF, 35, 00, 31, 02, 10, FF, 15, FC, 60, 01, 10, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 15, 28, 00, 00, 6A, 01, 6A, 00, E8, C5, 27, 00, 00, 83, C4, 0C, E9, 8A, 27, 00, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 50, 27, 02, 10, 89, 0D, 4C, 27, 02, 10, 89, 15, 48, 27, 02, 10, 89, 1D, 44, 27, 02, 10, 89, 35, 40, 27, 02, 10, 89, 3D, 3C, 27, 02, 10, 66, 8C, 15, 68, 27... 
[+]

Code size:

82.5 KB (84,480 bytes)

The file iminent.wincore.yahoo.dll has been discovered within the following program.

Iminent by IMinent

Iminent toolbar is a browser extension for Internet Explorer and Firefox which is used to emoticons while using Facebook and web-based email products. During installation the Iminent toolbar changes your browser's homepage to seach.iminent.

www.iminent.com

68% remove it

Remove iminent.wincore.yahoo.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.