searchresultstb.dll

DTX Toolbar

IAC Search and Media

This installer is part of the Ask.com (APN) network and installs the Ask.com-branded toolbar or browser extension, which takes control of the web browser's search functions. The module searchresultstb.dll, “DTX kernel Module” by IAC Search and Media, has been detected as a potentially unwanted program by 12 anti-malware scanners. The program is a setup application that uses the APN Stub installer.
Publisher:
IAC Search and Media, Inc.  (signed by IAC Search and Media)

Product:
DTX Toolbar

Description:
DTX kernel Module

Version:
5, 0, 8, 275

MD5:
c25533b09f10a181535a7a1c2e961eb5

SHA-1:
df26372b46a06d2acbd0202a5f3c030b93765eba

SHA-256:
ca09db07396d6be32b475c45fef832b53b15a5b43c0a2e767d47207a84875012

Scanner detections:
12 / 68

Status:
Potentially unwanted

Explanation:
The setup program may install a variant of the Visicom Toolbar, a web browser extension that may modify the browser's home and search pages.

Analysis date:
4/25/2024 1:15:45 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | PUA.Toolbar.Visicom | 7.1.1 |
| AVG | Search | 2016.0.2996 |
| Baidu Antivirus | Adware.Win32.Visicom | 4.0.3.151031 |
| Bkav FE | W32.HfsAdware | 1.3.0.6979 |
| Dr.Web | DLOADER.Trojan | 9.0.1.0248 |
| ESET NOD32 | Win32/Toolbar.Visicom (variant) | 9.10048 |
| Fortinet FortiGate | Riskware/Toolbar_Visicom | 10/31/2015 |
| McAfee | Artemis!4E6A4C964300 | 5600.6595 |
| Reason Heuristics | PUP.Ask.IACSearchandMedia.Installer (M) | 15.9.5.2 |
| Rising Antivirus | PE:AdWare.Win32.IACSearch.d!1615102[F1] | 23.00.65.15903 |
| Trend Micro House Call | Suspicious_GEN.F47V0628 | 7.2.304 |
| VIPRE Antivirus | Trojan.Win32.Generic | 30968 |

File size:
536.4 KB (549,280 bytes)

Product version:
5, 0, 8, 275

Copyright:
(c) 2012-2014 IAC Search and Media, Inc. All Righta Reserved

Original file name:
dtBand.dll

File type:
Dynamic link library (Win32 DLL)

Installer:
APN Stub

Language:
English (United States)

Common path:
C:\Program Files\ilividmoviestoolbar280\ie\searchresultstb.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/23/2014 1:00:00 AM

Valid to:
10/21/2015 12:59:59 AM

Subject:
CN=IAC Search and Media, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IAC Search and Media, L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5367F5135FCC8B151C3E3EE4BEFD1DFB

File PE Metadata
Compilation timestamp:
4/10/2014 10:40:55 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:Wu3oTCcH54Df7CteescwMrAxyuEAg4fRkSdaZzbdH:t4ODDyRGyuEzgRXybZ

Entry address:
0x44FF9

Code size:
381 KB (390,144 bytes)
