What is IncrediMail_MediaBar_2 Toolbar?

IncrediMail_MediaBar_2 Toolbar is software application developed by Client Connect LTD. It is most commonly found on computers running Windows Vista with nearly 50.00% of installations running this operating system.

IncrediMail_MediaBar_2 Toolbar is most popular in the United States with 71.43% of installations residing in this country.

IncrediMail_MediaBar_2 Toolbar adds 2 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times. When using a computer that is connected to the internet, IncrediMail_MediaBar_2 Toolbar is known to create 1 firewall exception to allow inbound and outbound connectivity.

About IncrediMail_MediaBar_2 Toolbar?

The IncrediMail MediaBar, powered by the Trovi platform, is a browser toolbar designed to customize the web browser's home page, search provider, and new tab pages by setting them to trovi.com or a partner website. This toolbar includes the following features: - Modification of the default home page and new tabs, as well as protection of search settings through the installation of Search Protect software - Change of the default search engine in the Internet Browser, including the browser's built-in search box - Permission for cookies to be installed in the browser - Granting Trovi access to information contained on the user's social network account - Addition of alternative error page functionality, such as "Page Not Found" Please note that any changes made by the IncrediMail MediaBar toolbar can be customized by the user to suit their preferences.

Multiple virus scanners have detected malware in IncrediMail_MediaBar_2 Toolbar.

uninstall.exe (MD5: b728fa6a309e5d18141947b95b730e95) has been flagged by 2 scanners:

Scanner Software	Version	Result
Panda Antivirus	10.0.3.5	PUP/Conduit.A
VIPRE Antivirus	26380	Conduit (fs)

tbIncr.dll (MD5: 895c4812245e244b2f81c71bad0c4e55) has been flagged by 19 scanners:

Scanner Software	Version	Result
Bkav FE	1.3.0.4246	HW32.Stranfom
ESET-NOD32	7.9311	a variant of Win32/Toolbar.Conduit.B
Panda Antivirus	14.01.26.01	Adware/Conduit
VIPRE Antivirus	25610	Conduit (fs)
Antiy-AVL	1.0.0.1	GrayWare[WebToolbar:not-a-virus]/Win32.Agent.azm
AVware	1.5.0.21	Conduit (fs)
Baidu-International	3.5.1.41473	Adware.Win32.Conduit.M
Cyren	5.4.16.7	W32/Conduit.TTAU-0102
F-Prot	4.7.1.166	W32/Conduit.A
G Data	25	Win32.Application.Conduit.F
K7 AntiVirus	9.199.15118	Trojan ( 004b219d1 )
K7GW	9.199.15118	Trojan ( 004b219d1 )
Kaspersky	15.0.1.10	not-a-virus:WebToolbar.Win32.Agent.azm
Dr.Web	7.0.12.3050	Adware.Conduit.299
Fortinet FortiGate	5.0.999.0	Riskware/Toolbar_Conduit
Comodo Security	17676	Application.Win32.Conduit.~A
Malwarebytes	1.75.0.1	PUP.Optional.Conduit
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V1113
IKARUS anti.virus	T3.1.6.1.0	PUA.ClientConnect

tbInc2.dll (MD5: 975993043e355206a1fba5a702044f0c) has been flagged by 10 scanners:

Scanner Software	Version	Result
Comodo Security	17676	Application.Win32.Conduit.~A
ESET-NOD32	9338	a variant of Win32/Toolbar.Conduit.B
Malwarebytes	1.75.0.1	PUP.Optional.Conduit
Panda Antivirus	10.0.3.5	Adware/Conduit
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V1113
VIPRE Antivirus	25818	Conduit (fs)
Bkav FE	1.3.0.6379	W32.HfsAdware.C534
Dr.Web	7.0.12.3050	Adware.Conduit.300
G Data	25	Win32.Adware.Conduit.B
IKARUS anti.virus	T3.1.6.1.0	PUA.ClientConnect

prxtbIncr.dll (MD5: d0133250565180c9dc8ee0aecccbfd53) has been flagged by 19 scanners:

Scanner Software	Version	Result
Antiy-AVL	1.0.0.1	GrayWare[WebToolbar:not-a-virus]/Win32.Agent.azm
AVware	1.5.0.21	Conduit (fs)
Baidu-International	3.5.1.41473	Adware.Win32.Conduit.M
Cyren	5.4.16.7	W32/Conduit.TTAU-0102
ESET-NOD32	11248	Win32/Toolbar.Conduit.N potentially unwanted
F-Prot	4.7.1.166	W32/Conduit.A
G Data	25	Win32.Application.Conduit.F
K7 AntiVirus	9.199.15118	Trojan ( 004b219d1 )
K7GW	9.199.15118	Trojan ( 004b219d1 )
Kaspersky	15.0.1.10	not-a-virus:WebToolbar.Win32.Agent.azm
Panda Antivirus	4.6.4.2	PUP/Conduit.A
VIPRE Antivirus	37998	Conduit (fs)
Bkav FE	1.3.0.6379	W32.HfsAdware.C534
Dr.Web	7.0.12.3050	Adware.Conduit.299
Fortinet FortiGate	5.0.999.0	Riskware/Toolbar_Conduit
Comodo Security	17676	Application.Win32.Conduit.~A
Malwarebytes	1.75.0.1	PUP.Optional.Conduit
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V1113
IKARUS anti.virus	T3.1.6.1.0	PUA.ClientConnect

prxtbInc2.dll (MD5: 5b13aa512d57acf528700f1083fc3e4d) has been flagged by 6 scanners:

Scanner Software	Version	Result
Bkav FE	1.3.0.4246	HW32.Laneul.oicu
Dr.Web		Adware.Conduit.16
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0926
VIPRE Antivirus	25108	Conduit (fs)
ESET-NOD32	9264	a variant of Win32/Toolbar.Conduit.P
Panda Antivirus	10.0.3.5	PUP/Conduit.A

Software Behaviors

Services:

UNWISE.EXE runs as a service named 'Browser System Enahncer' (671c50b0).

Firewall:

UNWISE.EXE is added as a firewall exception for 'C:\Program Files1\Yahoo!\MESSEN~1\UNWISE.EXE'.

Scheduled tasks:

UNWISE.EXE is scheduled as a task with the class '{F71A9918-1861-4EFE-AE94-530BDDE46DD4}' (runs on registration).
IncrediMail_MediaBar_2ToolbarHelper.exe is scheduled as a task with the class '{B8E8E278-F25D-478A-BAB2-24A5EDB01F6C}' (runs on registration).

Software Details

URL:

https://incredimailmediabar2.ourtoolbar.com

Support:

https://incredimailmediabar2.ourtoolbar.com/help

Installation path:

C:\Program Files\IncrediMail_MediaBar_2

Uninstaller:

C:\Program Files2\INCRED~2\UNWISE.EXE /U C:\Program Files2\INCRED~2\INSTALL.LOG

Size:

0.00 B

Language:

English

IncrediMail_MediaBar_2 Toolbar Executable Details

Primary executable:

IncrediMail_MediaBar_2ToolbarHelper.exe

Name:

IncrediMail_MediaBar_2 Toolbar

Path:

C:\Program Files\IncrediMail_MediaBar_2\IncrediMail_MediaBar_2ToolbarHelper.exe

MD5:

a320df2b47cfcaf98d06eb59cd72084c

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

uninstall.exe

Malware

b728fa6a309e5d18141947b95b730e95

EXE

UNWISE.EXE

5cf949316c40314d66b45f0bf00aa6f6

DLL

gds32.dll

d6920116f64d3fe8279d02d2fd57f6c8

DLL

tbIncr.dll

Malware

895c4812245e244b2f81c71bad0c4e55

DLL

tbInc2.dll

Malware

975993043e355206a1fba5a702044f0c

DLL

prxtbIncr.dll

Malware

d0133250565180c9dc8ee0aecccbfd53

DLL

prxtbInc2.dll

Malware

5b13aa512d57acf528700f1083fc3e4d

DLL

prxtbInc0.dll

Malware

c89d9c80fd468c6b51c4aadcc8463c2d

DLL

ldrtbInc2.dll

ec2a7051556e2e8473d2dad42620f665

DLL

ldrtbInc0.dll

Malware

76b3946090c94bb38dbbca54ac8ff9f7

File Type	Filename	MD5
EXE	uninstall.exe Malware	b728fa6a309e5d18141947b95b730e95
EXE	UNWISE.EXE	5cf949316c40314d66b45f0bf00aa6f6
DLL	gds32.dll	d6920116f64d3fe8279d02d2fd57f6c8
DLL	tbIncr.dll Malware	895c4812245e244b2f81c71bad0c4e55
DLL	tbInc2.dll Malware	975993043e355206a1fba5a702044f0c
DLL	prxtbIncr.dll Malware	d0133250565180c9dc8ee0aecccbfd53
DLL	prxtbInc2.dll Malware	5b13aa512d57acf528700f1083fc3e4d
DLL	prxtbInc0.dll Malware	c89d9c80fd468c6b51c4aadcc8463c2d
DLL	ldrtbInc2.dll	ec2a7051556e2e8473d2dad42620f665
DLL	ldrtbInc0.dll Malware	76b3946090c94bb38dbbca54ac8ff9f7

IncrediMail_MediaBar_2 Toolbar

What is IncrediMail_MediaBar_2 Toolbar?

About IncrediMail_MediaBar_2 Toolbar?

Multiple virus scanners have detected malware in IncrediMail_MediaBar_2 Toolbar.

Software Behaviors

Software Details

IncrediMail_MediaBar_2 Toolbar Executable Details