home

zootoolbar.dll

InfoSpace LLC

InfoSpace LLC

The module zootoolbar.dll by InfoSpace has been detected as adware by 8 anti-malware scanners.
Publisher:
InfoSpace LLC.  (signed by InfoSpace LLC)

Product:
InfoSpace LLC

Description:
wtb Module

Version:
6.0.0.0

MD5:
0f33849b2e27ccd078ee49903d1e73a4

SHA-1:
7b5d0e4417335bd4a79f29bc49841a4d3a9b34cc

SHA-256:
783a9289df3946b7e2dd9fa0cb1d3c05c64763ccce556dfe9c24670d2349ed11

Scanner detections:
8 / 68

Status:
Adware

Analysis date:
4/23/2024 1:02:49 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Infospace
2017.0.2834

Dr.Web
Adware.Plugin.364
9.0.1.045

IKARUS anti.virus
PUA.SimplyTech
t3scan.1.6.1.0

Malwarebytes
PUP.Optional.SimplyTech.A
v2016.02.14.09

McAfee
Artemis!134F4F23E8B2
5600.6490

Reason Heuristics
PUP.InfoSpace (M)
16.2.14.9

Trend Micro House Call
Suspicious_GEN.F47V0731
7.2.45

VIPRE Antivirus
Trojan.Win32.Generic
31196

File size:
1.1 MB (1,102,704 bytes)

Product version:
6.0.0.0

Copyright:
� 2013 InfoSpace LLC.

Trademarks:
InfoSpace LLC(TM) is either a trademark or registered trademark of InfoSpace LLC Company.

Original file name:
wtb.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\hometab\ie\zootoolbar.dll

Digital Signature
Signed by:
InfoSpace LLC

Authority:
VeriSign, Inc.

Valid from:
12/15/2013 7:00:00 PM

Valid to:
12/17/2014 6:59:59 PM

Subject:
CN=InfoSpace LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Systems, O=InfoSpace LLC, L=Bellevue, S=Washington, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6DBE6A05B32013C03F061EDF1CA7CC46

File PE Metadata
Compilation timestamp:
4/10/2014 8:41:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:MlhzD0oR/wSwy9nGj3uLPwIqhhTsbxnXOSImr:wDnWKPwXhhTyxXOSh

Entry address:
0xA05B3

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7F, C8, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, FF, 75, 0C, 8D, 4D, F0, E8, 6F, E9, FF, FF, 0F, B6, 45, 08, 8B, 4D, F0, 8B, 89, C8, 00, 00, 00, 0F, B7, 04, 41, 25, 00, 80, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 4D, F8, 83, 61, 70, FD, C9, C3, 8B, FF, 55, 8B, EC, 6A, 00, FF, 75, 08, E8, B9, FF, FF, FF, 59, 59, 5D, C3, 8B, FF, 55, 8B, EC, 68, 17, 01, 00, 00, FF, 75, 08, E8, 9E, 9F, 00, 00...
 
[+]

Entropy:
6.6102

Code size:
782.5 KB (801,280 bytes)

Remove zootoolbar.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.