searchresultstb.dll

DTX Toolbar

IAC Search and Media

This is a component of the Ask.com toolbar, a browser extension that modifies the default web browser's search provider, home page and various other settings. The module searchresultstb.dll ("DTX kernel Module") by IAC Search and Media has been detected as a potentially unwanted program by 8 anti-malware scanners.

Publisher:
IAC Search and Media, Inc.  (signed by IAC Search and Media)

Product:
DTX Toolbar

Description:
DTX kernel Module

Version:
5, 0, 8, 275

MD5:
b79f01253e081e35ff6728645fed6d50

SHA-1:
7dc38eb0e23e7cdaf23d642fe8bbeeaa9f0bf737

SHA-256:
12ca6c17249ea12500133678fa2fee24f9ea6ae6f2689c3ee767060218a0911f

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 8:40:00 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | PUA.Toolbar.Visicom | 7.1.1 |
| AVG | Search | 2016.0.2920 |
| Baidu Antivirus | PUA.Win32.Visicom | 4.0.3.151119 |
| Dr.Web | Adware.Toolbar.246 | 9.0.1.0323 |
| ESET NOD32 | Win32/Toolbar.Visicom.A potentially unwanted (variant) | 9.11177 |
| Fortinet FortiGate | Riskware/Visicom | 11/19/2015 |
| Reason Heuristics | PUP.Ask.IACSearchandMedia.Toolbar (M) | 15.11.19.22 |
| VIPRE Antivirus | Trojan.Win32.Generic | 37564 |

File size:
536.4 KB (549,280 bytes)

Product version:
5, 0, 8, 275

Copyright:
(c) 2012-2014 IAC Search and Media, Inc. All Righta Reserved

Original file name:
dtBand.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\perionwhitesmokedtxmediatoolbar222\ie\searchresultstb.dll

Digital Signature

Authority:
VeriSign, Inc.

Valid from:
1/22/2014 7:00:00 PM

Valid to:
10/20/2015 7:59:59 PM

Subject:
CN=IAC Search and Media, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IAC Search and Media, L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5367F5135FCC8B151C3E3EE4BEFD1DFB

File PE Metadata

Compilation timestamp:
4/10/2014 5:40:55 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:gu3oTCcH54Df7CteescwMrAxyuEAg4fRkSdaZzbdl:n4ODDyRGyuEzgRXybn

Entry address:
0x44FF9

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, E0, C8, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 0C, 68, 98, 58, 07, 10, E8, C4, BA, FF, FF, 6A, 0E, E8, 60, 23, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 68, D4, 07, 10, BA, 64, D4, 07, 10, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 08, B7, FF, FF, 59, FF, 76, 04, E8, FF, B6, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00...
 
Entropy:
6.5788

Code size:
381 KB (390,144 bytes)
