home

searchresultsdx64.dll

dtx Dynamic Link Library

IAC Search and Media

This is a component of the Ask.com toolbar, a browser extension that will modify the default web browser's search provider, home page and various other settings. The module searchresultsdx64.dll, “dtx Dynamic Link Library” by IAC Search and Media has been detected as a potentially unwanted program by 11 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Music Toolbar (Dist. by Torch Media, Inc.)’. This version of the file will bundle the Ask.com Toolbar, a potentially unwanted web browser extension.
Publisher:
IAC Search and Media  (signed and verified)

Product:
dtx Dynamic Link Library

Description:
dtx Dynamic Link Library

Version:
1, 0, 0, 24

MD5:
f2d8766af5b3623f4f697d727e8a4f82

SHA-1:
08d3bbb8f2e8627e103b19d137a8c29c8273ee86

SHA-256:
391e3353f197b2585b9de50aed4bb4407a98380b2a32b5df5424e80f2b19837b

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 8:41:11 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Search
2016.0.2891

Baidu Antivirus
Adware.Win32.AskToolbar
4.0.3.151218

Bkav FE
W64.HfsAdware
1.3.0.6979

ESET NOD32
Win32/Bundled.Toolbar.Ask.K potentially unsafe (variant)
9.11868

K7 AntiVirus
Unwanted-Program
13.205.16415

Malwarebytes
PUP.Optional.SearchMedia
v2015.12.18.07

Panda Antivirus
PUP/SearchResultsToolbar
15.12.18.07

Reason Heuristics
PUP.Ask.IACSearchandMedia (M)
15.12.18.19

SUPERAntiSpyware
PUP.SearchMedia/Variant
9439

VIPRE Antivirus
Trojan.Win32.Generic
41594

Zillya! Antivirus
Adware.SearchSuite.Win32.413
2.0.0.2259

File size:
128.5 KB (131,536 bytes)

Product version:
1, 0, 0, 24

Copyright:
Copyright 2013 IAC Search and Media

Original file name:
dtx.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\music toolbar\safetynut\srtool~1\ie\searchresultsdx64.dll

Digital Signature
Signed by:
IAC Search and Media

Authority:
VeriSign, Inc.

Valid from:
1/23/2014 4:00:00 AM

Valid to:
10/21/2015 3:59:59 AM

Subject:
CN=IAC Search and Media, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IAC Search and Media, L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5367F5135FCC8B151C3E3EE4BEFD1DFB

Registration
CLSID:
{f373e8b1-71cc-43b1-bb77-000d21518ef6}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
11/16/2013 1:18:24 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:g6/MCl8rLAVVHr6eF2YYaGRR6uDlKoBitN0mfudSebWfFk5yUy+g:g6/MCl8rLAVVHr6IYtDl7gtN0mfYSR7J

Entry address:
0x8C00

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, F7, 5F, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 10, 48, 89, 70, 18, 48, 89, 78, 20, 41, 54, 48, 83, EC, 20, 4D, 8B, 51, 38, 48, 8B, F2, 4D, 8B, E0, 41, 8B, 02, 48, 8B, E9, 49, 8B, D1, 48, 03, C0, 48, 8B, CE, 49, 8B, F9, 49, 8D, 5C, C2, 04, 4C, 8B, C3, E8, 96, FB...
 
[+]

Entropy:
6.2864

Code size:
84.5 KB (86,528 bytes)

Internet Explorer BHO
Display name:
Music Toolbar (Dist. by Torch Media, Inc.)

CLSID:
{f373e8b1-71cc-43b1-bb77-000d21518ef6}


Remove searchresultsdx64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.