redifftoolbar.dll

Rediff.com India Limited

The module redifftoolbar.dll by Rediff.com India Limited has been detected as a potentially unwanted program by 21 anti-malware scanners. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘XBTP05399’.
Publisher:
IE Toolbar  (signed by Rediff.com India Limited)

Product:
IE Toolbar

Version:
1, 0, 0, 4

MD5:
941045b06c62996044bbe3f02c042a5d

SHA-1:
304796b05d61511feb8f0288c46e04e8c0c23978

SHA-256:
a77f72505117c5bcf38ae424c82b139197b8842a7237d7336e7985e5b3a8cd1c

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 6:46:39 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | Win-Trojan/Agent.544768.C | 5.0. |
| Avira AntiVirus | ADSPY/Eztrack.C | 7.9.0.199 |
| avast! | Win32:Adware-gen | 2014.9-160719 |
| AVG | Generic | 2017.0.2677 |
| Clam AntiVirus | Adware.Toolbar-83 | 0.98/171 |
| Comodo Security | Application.Win32.AdWare.Softomate.~D | 1482 |
| Dr.Web | Adware.Softomate | 9.0.1.0201 |
| ESET NOD32 | Win32/Adware.Toolbar.Eztracks (variant) | 10.4194 |
| Fortinet FortiGate | Adware/Softomate | 7/19/2016 |
| F-Prot | W32/Adware.FGG | v6.4.4.4.56 |
| F-Secure | AdWare.Win32.MyTool.f | 11.2016-19-07_3 |
| G Data | Win32:Adware-gen | 16.7.19 |
| IKARUS anti.virus | not-a-virus:AdWare.Win32.MyTool | t3scan.1.1.64.0 |
| K7 AntiVirus | Non-Virus:AdWare.Win32.MyTool.f | 13.7.10.768 |
| Kaspersky | not-a-virus:AdWare.Win32.MyTool | 14.0.0.-118 |
| McAfee | potentially unwanted program Generic PUP | 5600.6333 |
| Norman | W32/MyTool.AH | 11.20160719 |
| Quick Heal | AdWare.MyTool.f (Not a Virus) | 7.16.10.00 |
| Rising Antivirus | AdWare.Win32.Undef.dgw | 23.00.65.16717 |
| Vba32 AntiVirus | AdWare.Win32.MyTool.f | 3.12.10.7 |
| ViRobot | Adware.MyTool.551112 | 2009.6.29.1809 |

File size:
538.2 KB (551,112 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2001-2003. All rights reserved.

Original file name:
toolbar.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\rediff toolbar\redifftoolbar.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/14/2005 5:00:00 PM

Valid to:
9/16/2006 4:59:59 PM

Subject:
CN=Rediff.com India Limited, OU=India, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Rediff.com India Limited, L=Mumbai, S=Maharashtra, C=IN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71FBEFCA7EB70A3E3C51158A1FF38AF4

File PE Metadata
Compilation timestamp:
2/28/2006 2:20:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:cEFqY0LWSG98IS3eZFXyNv+0JYyAFL0fPLyYkoPCyOJPNA4lQvqEGzPHiohKWwGw:3CISOLyNI0fPLyYPC84lbzPHVCX7a9a

Entry address:
0x510B3

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 98, 8A, 07, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, F0, 8A, 07, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 29, 76, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...

Entropy:
6.3616

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
356 KB (364,544 bytes)

Internet Explorer BHO
Display name:
XBTP05399

CLSID:
{4A41E0D2-D514-4ca6-A494-7EB8420A865F}

CLSID name:
XBTP05399 Class

