home

zootoolbar.dll

InfoSpace LLC

InfoSpace LLC

The module zootoolbar.dll by InfoSpace has been detected as adware by 8 anti-malware scanners.
Publisher:
InfoSpace LLC.  (signed by InfoSpace LLC)

Product:
InfoSpace LLC

Description:
wtb Module

Version:
6.5.0.0

MD5:
dca2e86d2b47fe03c76d78217403d166

SHA-1:
d8b25908b6baf42c3cd47bdcfea6deaeab507fe0

SHA-256:
917b1fda6de3215cfb1060c154a52d3dcb18ecbeae548599281f5b58f698f805

Scanner detections:
8 / 68

Status:
Adware

Analysis date:
5/1/2024 8:19:36 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Infospace
2017.0.2832

Dr.Web
Adware.Plugin.364
9.0.1.046

IKARUS anti.virus
PUA.SimplyTech
t3scan.1.6.1.0

Malwarebytes
PUP.Optional.SimplyTech.A
v2016.02.15.02

McAfee
Artemis!134F4F23E8B2
5600.6488

Reason Heuristics
PUP.InfoSpace (M)
16.2.15.14

Trend Micro House Call
Suspicious_GEN.F47V0731
7.2.46

VIPRE Antivirus
Trojan.Win32.Generic
31196

File size:
1.1 MB (1,102,704 bytes)

Product version:
6.5.0.0

Copyright:
� 2013 InfoSpace LLC.

Trademarks:
InfoSpace LLC(TM) is either a trademark or registered trademark of InfoSpace LLC Company.

Original file name:
wtb.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\zootoolbar\ie\zootoolbar.dll

Digital Signature
Signed by:
InfoSpace LLC

Authority:
VeriSign, Inc.

Valid from:
12/16/2013 2:00:00 AM

Valid to:
12/18/2014 1:59:59 AM

Subject:
CN=InfoSpace LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Systems, O=InfoSpace LLC, L=Bellevue, S=Washington, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6DBE6A05B32013C03F061EDF1CA7CC46

File PE Metadata
Compilation timestamp:
10/5/2014 3:38:53 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:msgo8Nt8eMTDnJa3uExTQpCxTs/VGmKu:/gTHBxTWCxTmVVn

Entry address:
0xA05B3

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7C, C8, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, FF, 75, 0C, 8D, 4D, F0, E8, 6F, E9, FF, FF, 0F, B6, 45, 08, 8B, 4D, F0, 8B, 89, C8, 00, 00, 00, 0F, B7, 04, 41, 25, 00, 80, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 4D, F8, 83, 61, 70, FD, C9, C3, 8B, FF, 55, 8B, EC, 6A, 00, FF, 75, 08, E8, B9, FF, FF, FF, 59, 59, 5D, C3, 8B, FF, 55, 8B, EC, 68, 17, 01, 00, 00, FF, 75, 08, E8, 4B, 9F, 00, 00...
 
[+]

Entropy:
6.6107

Code size:
782.5 KB (801,280 bytes)

Remove zootoolbar.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.