home

tbfree.dll

Conduit Toolbar

Conduit Ltd.

The file is part of the Conduit Toolbar platform, a web browser monetization engine that is typiclaly distributed with third party programs through a bundled installation, this particular version is part of the Conduit Toolbar bundle. The module tbfree.dll by Conduit has been detected as a potentially unwanted program by 4 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Ashampoo DE Toolbar by Ashampoo GmbH & Co. KG and Ashampoo PO Toolbar by Ashampoo GmbH & Co. KG, both potentially unwanted software.
Publisher:
Conduit Ltd.  (signed and verified)

Product:
Conduit Toolbar

Version:
6.9.1.527

MD5:
a543c8c4a804e196ec213edfec2b0db3

SHA-1:
381b8dfb54d75b8d7ba969f925cb1c566b6760fb

SHA-256:
f6508eb239869ac3798857c63dbe823052c835c79680d5de9dce9ac1d4231683

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
This component is distributed and installed with the Conduit Toolbar platform.

Analysis date:
4/27/2024 1:49:58 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Toolbar.Conduit.B potentially unwanted application
7.0.302.0

Panda Antivirus
PUP/Conduit.A
14.12.19.06

Reason Heuristics
SearchPlugin.ConduitSearchBar.Toolbar.G
14.12.19.17

VIPRE Antivirus
Threat.4786236
35418

File size:
4.3 MB (4,461,464 bytes)

Product version:
6.9.1.527

Copyright:
Copyright © Conduit Ltd. 2010.

Trademarks:
Copyright © Conduit Ltd. 2010.

Original file name:
Conduit Toolbar

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\tbfree.dll

Digital Signature
Signed by:
Conduit Ltd.

Authority:
VeriSign, Inc.

Valid from:
2/17/2010 1:00:00 AM

Valid to:
3/30/2013 12:59:59 AM

Subject:
CN=Conduit Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Conduit Ltd., S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3736DA15AF647632CCE61CD41B6577DD

File PE Metadata
Compilation timestamp:
1/2/2013 4:32:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:z5DaSJfs6OxVD3QJ7q+di92WooAxSiHIt:z5DnJWgJlnwt

Entry address:
0x281318

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 22, B2, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 53, 56, 8B, 75, 08, 57, 33, FF, 39, 7D, 14, 75, 10, 3B, F7, 75, 10, 39, 7D, 0C, 75, 12, 33, C0, 5F, 5E, 5B, 5D, C3, 3B, F7, 74, 07, 8B, 5D, 0C, 3B, DF, 77, 1B, E8, 1E, 64, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, B6, E8, FF, FF, 83, C4, 14, 8B, C6, EB, D5, 39, 7D, 14, 75, 07, 33, C0, 66, 89, 06, EB, C7, 8B, 55, 10, 3B, D7, 75, 07, 33, C0...
 
[+]

Code size:
2.8 MB (2,940,416 bytes)

The file tbfree.dll has been discovered within the following programs.

Ashampoo DE Toolbar  by Ashampoo GmbH & Co. KG
Ashampoo DE Toolbar is a Conduit powered OurToolbar for Internet Explorer, Chrome and Firefox web browsers. The software collects and stores information about your web browsing and sends this information to OurToolbar so they can suggest services or provide ads via the toolbar.
AshampooDE.OurToolbar.com
87% remove it
Ashampoo PO Toolbar  by Ashampoo GmbH & Co. KG
Ashampoo PO Toolbar is a Conduit toolbar for Intenet Explorer and Firefox. The toolbar collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide advertising via the toolbar.
AshampooPO.OurToolbar.com
75% remove it
Ashampoo US Toolbar  by Ashampoo GmbH & Co. KG
Installs a Conduit toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide ads via the toolbar.
AshampooUS.OurToolbar.com
75% remove it
DVDVideoSoftTB Toolbar  by DVDVideoSoft Ltd.
The DVDVideoSoftTB Toolbar for Intenet Explorer and Firefox is a Conduit OurToolbar Community smartbar.
DVDVideoSoftTB.OurToolbar.com
71% remove it
MyAshampoo Toolbar  by Ashampoo GmbH & Co. KG
Installs a Conduit powered OurToolbar in Internet Explorer, Chrome and Firefox web browsers. The software collects and stores information about your web browsing and sends this information to OurToolbar so they can suggest services or provide ads via the toolbar.
MyAshampoo.OurToolbar.com
72% remove it
NCH EN Toolbar  by NCH Software
NCH Toolbar is a generic web browser toolbar that installs a search feature and various buttons for social integration and links to web sites such as facebook and various search providers.
NCHEN.OurToolbar.com
67% remove it
 
Powered by Should I Remove It?

Remove tbfree.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.