» searchresultsdx.dll
Overview
Analysis
File Details
Behaviors (12)
Programs (6)

searchresultsdx.dll

dtx Dynamic Link Library

IAC Search and Media

This installer is part of the Ask.com (APN) network which will install the Ask.com branded toolbar or browser extension which will take control of the web browser's search functions. The module searchresultsdx.dll, “dtx Dynamic Link Library” by IAC Search and Media has been detected as a potentially unwanted program by 3 anti-malware scanners. The program is a setup application that uses the APN Stub installer. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Movies Toolbar (Dist. by Torch Media, Inc.)’. Additionally, the file is typically installed by a number of programs including Search Protect by Conduit Ltd. and Movies Toolbar for Internet Explorer (Dist. by Torch Media, Inc.) by IAC Search and Media, both potentially unwanted software.

File name:

searchresultsdx.dll

Publisher:

IAC Search and Media (signed and verified)

Product:

dtx Dynamic Link Library

Description:

dtx Dynamic Link Library

Version:

1, 0, 0, 24

MD5:

75e0f057c9fc088fdda0a751cc342d4b

SHA-1:

a7399a72b41503acf603e78989691e112db51867

SHA-256:

42e3301cd9303beaceffc2dd0d44db7832cb9cff5670248e54bfd886c6632edb

Scanner detections:

3 / 68

Status:

Potentially unwanted

Explanation:

The setup program may install a variant of the Visicom Toolbar, a web browser extension that may modify the browser's home and search pages.

Analysis date:

4/25/2024 3:29:17 AM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.BHO.IACSearchandMedia.P

188838

ESET NOD32

Win32/Toolbar.Visicom (variant)

7.9241

Reason Heuristics

PUP.BHO.IACSearchandMedia.P

14.8.8.0

File size:

113 KB (115,664 bytes)

Product version:

1, 0, 0, 24

Original file name:

dtx.dll

File type:

Dynamic link library (Win32 DLL)

Installer:

APN Stub

Language:

English (United States)

Common path:

C:\Program Files\movies toolbar\datamngr\srtool~1\ie\searchresultsdx.dll

Digital Signature

Signed by:

IAC Search and Media

Authority:

VeriSign, Inc.

Subject:

CN=IAC Search and Media, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IAC Search and Media, L=Oakland, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3444D7AA32B4D542D3C80027404D5CD6

Registration

CLSID:

{d1dac034-9fd9-4c13-a388-d2e10e57707f}

COM registered:

Yes

File PE Metadata

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:G9HBU4VOlc3k1FS2tEWbLeAsaVMdfxcmSP1hSaLAFOD5dA05dr:GtqWVGe6hSa0FOD5dAMdr

Entry address:

0x77EB

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 04, 62, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, C3, B8, 4D, E5, 00, 10, A3, 98, 8A, 01, 10, C7, 05, 9C, 8A, 01, 10, 34, DC, 00, 10, C7, 05, A0, 8A, 01, 10, E8, DB, 00, 10, C7, 05, A4, 8A, 01, 10, 21, DC, 00, 10, C7, 05, A8, 8A, 01, 10, 8A, DB, 00, 10, A3, AC, 8A, 01, 10, C7, 05, B0, 8A, 01, 10, C5, E4, 00, 10, C7, 05, B4, 8A, 01, 10, A6, DB, 00, 10, C7, 05, B8, 8A, 01, 10, 08, DB, 00, 10, C7, 05, BC, 8A, 01, 10, 95... 
[+]

Code size:

76 KB (77,824 bytes)

6 Internet Explorer BHOs

Display name:

Movies Toolbar (Dist. by Torch Media, Inc.)

CLSID:

{d4a1f3a7-8481-4e22-ab44-b86f7a60f9f2}

Display name:

Movies Toolbar (Dist. by Somoto Ltd.)

CLSID:

{c75a2d66-6d1d-4735-8f63-9d85dcc026a6}

Display name:

Movies Toolbar (Dist. by Bandoo Media, Inc.)

CLSID:

{d1dac034-9fd9-4c13-a388-d2e10e57707f}

Display name:

Music Toolbar (Dist. by iMesh, Inc.)

CLSID:

{282b0e54-8981-49eb-9193-5910a1f6fd33}

Display name:

Music Toolbar (Dist. by Bandoo Media, Inc.)

CLSID:

{6fcaba44-a441-481f-895e-bddfd81a6cc2}

Display name:

Music Toolbar (Dist. by Musiclab, Inc.)

CLSID:

{cfc3366e-c743-48b5-a136-642e86be865e}

6 Internet Explorer Toolbars

Display name:

Movies Toolbar (Dist. by Somoto Ltd.)

CLSID:

{c75a2d66-6d1d-4735-8f63-9d85dcc026a6}

Display name:

Movies Toolbar (Dist. by Bandoo Media, Inc.)

CLSID:

{d1dac034-9fd9-4c13-a388-d2e10e57707f}

Display name:

Music Toolbar (Dist. by iMesh, Inc.)

CLSID:

{282b0e54-8981-49eb-9193-5910a1f6fd33}

Display name:

Music Toolbar (Dist. by Bandoo Media, Inc.)

CLSID:

{6fcaba44-a441-481f-895e-bddfd81a6cc2}

Display name:

Movies Toolbar (Dist. by Torch Media, Inc.)

CLSID:

{d4a1f3a7-8481-4e22-ab44-b86f7a60f9f2}

Display name:

Music Toolbar (Dist. by Musiclab, Inc.)

CLSID:

{cfc3366e-c743-48b5-a136-642e86be865e}

The file searchresultsdx.dll has been discovered within the following programs.

Extended Update by Hoolapp

Extended Update is a potentially unwanted application that is triggered to run daily by bypassing Windows User Account Control (UAC).

79% remove it

Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) by IAC Search and Media

Movies Toolbar (by Bandoo Media, Inc.) is an Ask.com Partner Network Toolbar which is an is an ad-supported (users may see additional banner and in-text link advertisements) web browser plugin distributed through various monetization platforms during installation.

84% remove it

Movies Toolbar for Internet Explorer (Dist. by Torch Media, Inc.) by IAC Search and Media

Movies Toolbar for Internet Explorer is an Ask.com Partner Network Toolbar which is an is an ad-supported (users may see additional banner and in-text link advertisements) web browser plugin distributed through various monetization platforms during installation.

69% remove it

Music Box Toolbar for Internet Explorer (Dist. by iMesh, Inc.) by APN LLC

This is a potentially unwanted web browser extension that is designed to deliver search modification as well as contextual advertising. The program does this by modifying the user's home and search page in order to monetize a user's search activities.

apn.ask.com

87% remove it

Music Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) by IAC Search and Media

From the EULA: "The Toolbar interacts with your computer by: Displaying advertisements, including without limitation by inserting into web pages or displaying over parts of such web pages advertisements, banners or coupons that would not otherwise appear; Converting words on pages you view into hyperlinks that are linked to advertisements; Communicating with our servers to check for new offers, the placement of offers, the date and time you install and uninstall the Toolbar, and whether an updated version of the Toolbar is available; Monitoring and recording the domain name of each page you view, the advertisements that appear on these pages, and the advertisements that you click.

80% remove it

Search Protect by Conduit Ltd.

From the Terms of Service: "Search Protect is a separate piece of software installed on your hard-drive in connection with your installation of a Toolbar. It is designed to protect your Search settings from takeover by third parties.

84% remove it

Remove searchresultsdx.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.