» toolbar.dll
Overview
Analysis
File Details
Programs (2)

toolbar.dll

Blabbers toolbar for Internet Explorer

Blabbers Communications Ltd

Part of Blabbers, a potentially unwanted browser application that may hijack or interfere with the browser's standard web searching behaviors in order to display ads. The module toolbar.dll by Blabbers Communications has been detected as adware by 21 anti-malware scanners. Additionally, the file is typically installed by a number of programs including BrowserCompanion by Blabbers Communications LTD and GinyasBrowserCompanion by Blabbers Communications LTD, both potentially unwanted software.

File name:

toolbar.dll

Publisher:

Blabbers Communications Ltd (signed and verified)

Product:

Blabbers toolbar for Internet Explorer

Description:

Coupish toolbar

Version:

1.0.2.1

MD5:

2105cd2cdf684c541f91f3af2daa5904

SHA-1:

d4e707f12473b860efc26ab446bfc3e6a1ac75b6

SHA-256:

08bfe6dfb54b4c0ae058f80dcf9d3df7054d9e49792e361a9792d0c71c689682

Scanner detections:

21 / 68

Status:

Adware

Analysis date:

4/20/2024 12:20:31 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Generic.676778

762

Agnitum Outpost

Riskware.Agent

7.1.1

Baidu Antivirus

Trojan.Win32.BrowserCompanion

4.0.3.1514

Bitdefender

Adware.Generic.676778

1.0.20.20

Bkav FE

W32.Clod8c6.Trojan

1.3.0.4959

Boost by Reason

Trojan.Adw.Toolbar.BlabbersCommunications.H

2013.8.28.21

Dr.Web

Adware.Shopper.303

9.0.1.0240

Emsisoft Anti-Malware

Adware.Generic.676778

8.15.01.04.12

ESET NOD32

Win32/BrowserCompanion

7.9190

F-Secure

Adware.Generic.676778

11.2015-04-01_1

G Data

Adware.Generic.676778

15.1.24

IKARUS anti.virus

AdWare.Shopper

t3scan.2.2.29

K7 AntiVirus

Trojan

13.174.10623

McAfee

Artemis!A4EFAF7A21BA

5600.6896

MicroWorld eScan

Adware.Generic.676778

16.0.0.12

NANO AntiVirus

Trojan.Win32.Shopper.cthmrj

0.28.0.58720

Reason Heuristics

PUP.Toolbar.BlabbersCommunications.H

14.8.7.17

Sophos

Generic PUA OO

4.98

Trend Micro House Call

ADW_BLABBERS

7.2.219

Trend Micro

ADW_BLABBERS

10.465.07

VIPRE Antivirus

Trojan.Win32.Generic

27828

File size:

124.8 KB (127,792 bytes)

Product version:

1.0.2.1

Original file name:

toolbar.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\windows\temp\~\toolbar.dll

Digital Signature

Signed by:

Blabbers Communications Ltd

Authority:

The USERTRUST Network

Valid from:

2/9/2011 4:00:00 PM

Valid to:

2/10/2012 3:59:59 PM

Subject:

CN=Blabbers Communications Ltd, O=Blabbers Communications Ltd, STREET=Arad 3, L=Tel Aviv, S=Israel, PostalCode=43034, C=IL

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00D561643A7697D633BCB565E2E1EF7365

File PE Metadata

Compilation timestamp:

12/7/2009 10:02:52 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:V+LMPfusDnhCDxI3dBIJ311GYmdZPQ3rvC:V+cDhCDatBIJvGTdZUzC

Entry address:

0x99E4

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 4B, 44, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, 68, 90, 8C, 00, 10, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, A0, A9, 01, 10, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 8B, FF, 56... 
[+]

Entropy:

6.3466

Code size:

74 KB (75,776 bytes)

The file toolbar.dll has been discovered within the following programs.

BrowserCompanion by Blabbers Communications LTD

BrowserCompanion is a third party web browser potentially unwanted add-in that used to be bundled with various freeware products including PC Performer. The maker of this program is a known adware distributor, so caution should be taken.

www.ginyas.com

85% remove it

GinyasBrowserCompanion by Blabbers Communications LTD

Ginyas Browser Companion is a browser extension (Browser Helper Object in IE) that promises to save time and money for users while shopping online. It is often install on a computer bundled with various third party programs.

ginyas.com

61% remove it

Remove toolbar.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.