» tbedrs.dll
Overview
Analysis
File Details
Programs (10)
Downloads (1)

tbedrs.dll

Conduit Toolbar Automatic Update

Conduit Ltd.

The file is part of the Conduit Toolbar platform, a web browser monetization engine that is typiclaly distributed with third party programs through a bundled installation, this particular version is part of the Conduit Toolbar Automatic Update bundle. The module tbedrs.dll by Conduit has been detected as a potentially unwanted program by 10 anti-malware scanners. Additionally, the file is typically installed by a number of programs including gamesgames- Toolbar by Conduit Ltd. and myBabylon_English Toolbar by Babylon Ltd, both potentially unwanted software.

File name:

tbedrs.dll

Publisher:

Conduit Ltd. (signed and verified)

Product:

Conduit Toolbar Automatic Update

Version:

6.13.3.505

MD5:

b66441c814ecff72667457477ee9c35b

SHA-1:

74edcd9720a9743df258703efab1400762faefa3

SHA-256:

0d5265d7d671d1af8c5881575821624dcd6658ba3a8a096cf5714d70ca039213

Scanner detections:

10 / 68

Status:

Potentially unwanted

Explanation:

This component is distributed and installed with the Conduit Toolbar platform.

Analysis date:

11/23/2024 8:06:43 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Laneul

1.3.0.4246

Boost by Reason

Optional.Conduit.G

188838

Clam AntiVirus

Win.Trojan.Agent-723879

0.98/21411

Dr.Web

Adware.Conduit.6

9.0.1.0321

ESET NOD32

Win32/Toolbar.Conduit.Y potentially unwanted application

8.7.0.302.0

NANO AntiVirus

Trojan.Win32.Conduit.crfrgr

0.28.0.57029

Panda Antivirus

PUP/Conduit.A

14.08.07.10

Reason Heuristics

SearchPlugin.ConduitSearchBar.ToolbarAutomaticUpdate.G

14.8.7.22

Trend Micro House Call

TROJ_GEN.F47V0909

7.2.321

VIPRE Antivirus

Conduit

23442

File size:

2.3 MB (2,389,792 bytes)

Product version:

6.13.3.505

Original file name:

Conduit Toolbar Automatic Update

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\tbedrs.dll

Digital Signature

Signed by:

Conduit Ltd.

Authority:

VeriSign, Inc.

Valid from:

1/2/2013 7:00:00 PM

Valid to:

4/3/2016 7:59:59 PM

Subject:

CN=Conduit Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Conduit Ltd., L=Ness Ziona, S=Israel, C=IL

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3A82654719D8F75B59134F7B66465210

File PE Metadata

Compilation timestamp:

6/18/2013 7:55:08 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

49152:44dUaP3qPwZMqnZYDAyrm9KH8zCp+X6AMblfG2REF1IjXqeEpwcByP6N5qCJ:44amqIJnZYDAy6gH8zF6lbsOjFEp5BcY

Entry address:

0xA840

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 35, 68, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, E8, 6E, 02, 10, E8, 41, 5B, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, F8, A8, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, F8, F0, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

7.9244

Developed / compiled with:

Microsoft Visual C++

Code size:

113 KB (115,712 bytes)

The file tbedrs.dll has been discovered within the following programs.

AF-HSS Toolbar by Conduit Ltd.

AF-HSS Toolbar is a Conduit toolbar (Community OurToolbar) for Intenet Explorer and Firefox. The toolbar collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide advertising via the toolbar.

AFHSS.OurToolbar.com

80% remove it

Coupons.com Toolbar by Coupons.com Incorporated

Coupons.com Toolbar is a Conduit powered OurToolbar for Internet Explorer, Chrome and Firefox Web browsers. The toolbar collects and stores information about your web browsing and sends this information to OurToolbar so they can suggest services or provide ads via the toolbar.

Couponscom.OurToolbar.com

70% remove it

Freecorder Toolbar by Freecorder

Freecorder Toolbar installs various third part ad supported applications during installation including SweetPacks which changes the web browser's home page and search provider as well as the DealCabby Toolbar.

Freecorder.Media-Toolbar.com

69% remove it

gamesgames- Toolbar by Conduit Ltd.

gamesgames- Toolbar is a Conduit toolbar (Community OurToolbar) for Intenet Explorer and Firefox. The toolbar collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide advertising via the toolbar.

gamesgamesToolbar.OurToolbar.com

76% remove it

MyAshampoo Toolbar by Ashampoo GmbH & Co. KG

Installs a Conduit powered OurToolbar in Internet Explorer, Chrome and Firefox web browsers. The software collects and stores information about your web browsing and sends this information to OurToolbar so they can suggest services or provide ads via the toolbar.

MyAshampoo.OurToolbar.com

72% remove it

myBabylon_English Toolbar by Babylon Ltd

Installs a Conduit toolbar in your Web browser that collects and stores information about your web browsing and sends this information to Conduit so they can suggest services or provide ads via the toolbar.

71% remove it

Radio G Toolbar by Conduit Ltd.

This is a Conduit/Perion (ClientConnect) powered toolbar that provides limited web browser functionality but will modify the user's search and home pages as well as bundle various ad-supported components.

RadioGToolbar.OurToolbar.com

77% remove it

Softonic-Eng7 Toolbar by Softonic International S.L.

Softonic Toolbar is a Conduit powered OurToolbar in within Internet Explorer, Chrome or the Firefox Web browsers.

SoftonicEng7.OurToolbar.com

67% remove it

ToggleEN Toolbar by Conduit Ltd.

ToggleEN Toolbar is a 'Community Toolbar' from Conduit, which integrates with major web browsers including Google Chrome, Firefox and Internet Explorer.

ToggleEN.OurToolbar.com

74% remove it

uTorrentBar Toolbar by Conduit Ltd.

This toolbar is typiclaly bundled with the installation of the uTorrent during the initial install. uTorrentBar Toolbar is a Conduit toolbar (OurToolbar Community) for Intenet Explorer and Firefox.

uTorrentBar.OurToolbar.com

88% remove it

Latest 20 of 13 programs

The file tbedrs.dll has been seen being distributed by the following URL.

http://ieupdate.conduit.com/.../tbedrs.dll

Remove tbedrs.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.