» toolbar1.dll
Overview
Analysis
File Details
Programs (1)

toolbar1.dll

Zorba Networks, S.L.

The module toolbar1.dll by Zorba Networks, S.L has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program RechercherWeb Toolbar by Conduit Ltd. which is a potentially unwanted software program.

File name:

toolbar1.dll

Publisher:

Zorba Networks, S.L. (signed and verified)

MD5:

0035acc943466ed0b6dce4f4afe6a330

SHA-1:

b8f51b40a4fa91d748cb80b5425b3a98ef5755f4

SHA-256:

9fc104a56cd1beb346e98f96a77abf7d1cd901e696cc87ea8405ec6ef7c90683

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 6:24:16 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ZorbaNetworks (M)

16.1.13.20

File size:

47.6 KB (48,728 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\rechercherweb toolbar\toolbar1.dll

Digital Signature

Signed by:

Zorba Networks, S.L.

Authority:

COMODO CA Limited

Valid from:

12/13/2011 1:00:00 AM

Valid to:

12/13/2012 12:59:59 AM

Subject:

CN="Zorba Networks, S.L.", O="Zorba Networks, S.L.", STREET=Jativa 11, L=Madrid, S=Madrid, PostalCode=28007, C=ES

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00ABFA0DB2C5AC69A6D571352C9A1378ED

File PE Metadata

Compilation timestamp:

12/4/2008 8:16:26 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

768:0Q/C64d6dZClwZIh+ah7TRBsX01iWoMRM7+ILZ841A:XKk8lwZGh7T1HRM7BS4C

Entry address:

0x1285

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 17, 17, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 80, AD, 00, 10, 89, 0D, 7C, AD, 00, 10, 89, 15, 78, AD, 00, 10, 89, 1D, 74, AD, 00, 10, 89, 35, 70, AD, 00, 10, 89, 3D, 6C, AD, 00, 10, 66, 8C, 15, 98, AD, 00, 10, 66, 8C, 0D, 8C, AD, 00, 10, 66, 8C, 1D, 68, AD, 00, 10, 66, 8C, 05, 64, AD, 00, 10, 66, 8C, 25, 60, AD, 00, 10, 66, 8C, 2D, 5C, AD, 00, 10, 9C, 8F, 05, 90, AD... 
[+]

Code size:

25 KB (25,600 bytes)

The file toolbar1.dll has been discovered within the following program.

RechercherWeb Toolbar by Conduit Ltd.

This is a Conduit toolbar installed in the user's Web browsers (IE, Chrome and Firefox) that collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide ads via the toolbar.

64% remove it

Remove toolbar1.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.