IM ToolPack
What is IM ToolPack?
This will bundle the Crawler Toolbar, a potentially unwanted web browser extension that will modify the user's web home and search pages.
About (from Crawler)
IM ToolPack lets you grab screenshots or upload photos and images quickly, and add comments and highlights to communicate your thoughts more effectively. Access stored images you created with IM ToolPack. Manage and share them with others. IM ToolPack lets you capture snapshots of full or partial screens with a single ... Read more
Overview
IM ToolPack is a program developed by Crawler. The most used version is 1.0.0.56, with over 98% of all installations currently using this version. Upon installation and setup, it defines an auto-start registry entry which makes this program run on each Windows boot for all user logins. The program adds a toolbar to Microsoft Internet Explorer. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The main program executable is imtoolp.exe. A vast majority of those who have this installed end up removing it just after a couple weeks. The software installer includes 43 files and is usually about 3.09 MB (3,242,675 bytes). CUpdate.exe is the automatic update component of the software designed to download and apply new updates should new versions be released. In comparison to the total number of users, most PCs are running the OS Windows 7 (SP1) as well as Windows 10. While about 59% of users of IM ToolPack come from the United States, it is also popular in Spain and Germany.
- Possible malware installed by this program
- Automatically starts with Windows
- Loads into the web browser
- Known to include offers within the setup
Warning, multiple anti-virus scanners have detected possible malware in IM ToolPack.
imtoolp.exe (0fb40f4deda414b7577a97f8e9575c6d) has been flagged by the following 2 scanners: |
Anti-Virus software | Version | Detection |
Trend Micro |
10.465.15 |
TROJ_GEN.FC5CBGK |
TrendMicro-HouseCall |
7.2.166 |
TROJ_GEN.FC5CBGK |
IM ToolPack has been seen bundling various 3rd party software during the installation process. Make sure to check for and remove unused programs.
Program details
URL: www.imtoolpack.com
Help link: www.crawler.com/faqs.aspx
Installation folder: C:\Program Files\Crawler\
Uninstaller: "C:\Program Files\Crawler\IMToolPack\unins000.exe"
Estimated size: 3.09 MB
Files installed by IM ToolPack
Program executable: | imtoolp.exe (Malware detected) |
Name: | IM ToolPack |
Path: | C:\Program Files\crawler\imtoolpack\imtoolp.exe |
MD5: | 0fb40f4deda414b7577a97f8e9575c6d |
Additional files:
-
CShared.dll - Crawler Shared Library (Crawler Toolbar)
-
unins000.exe - Setup/Uninstall
-
ctbcomm.dll - Crawler Toolbar (Crawler Toolbar Common Extension)
-
CTipsDef.dll - Crawler Tips for CT5
-
CToolbar.exe
-
ctbr.dll - Crawler Toolbar Browser Object
-
CUpdate.exe - Crawler Toolbar Update Utility
-
xcomm.dll - Crawler Firefox Common Library
-
xshared.dll - Crawler Firefox Shared Library
Behaviors exhibited
2 Internet Explorer BHOs
- CShared.dll is installed in Internet Explorer as a Browser Helper Object with the class of {DB35C569-5624-4CFC-8043-E5139F55A073}.
- ctbr.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name '&Crawler Toolbar Helper' with the class of {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}.
Internet Explorer Toolbar
- ctbr.dll is loaded as Internet Explorer Toolbar with the name '&Crawler Toolbar' with the class of {4B3803EA-5230-4DC3-A7FC-33638F3D3542}.
Internet Explorer URL Search Hook
- ctbr.dll loads into IE as a URL Search Hook named '&Crawler Toolbar Helper' with a class of {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} in order to redirect unknown URL searches.
Internet Explorer Web Browser
- ctbr.dll installs an IE Web Browser in Internet Explorer named '&Crawler Toolbar' with a class of {4B3803EA-5230-4DC3-A7FC-33638F3D3542}.
Scheduled Task
- IMToolP.exe is scheduled as a task with the class '{FCEEE867-59E7-4C97-8845-8B9A3A1E28F9}' (runs on registration).
Startup File (User Run)
- IMToolP.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'IMToolPack' and executes as "C:\Program Files\Crawler\IMToolPack\IMToolP.exe".
Startup File (All Users Run)
- IMToolP.exe is loaded in the all users (HKLM) registry as a startup file name 'IMToolPack' which loads as "C:\Program Files\Crawler\IMToolPack\IMToolP.exe".
How do I remove IM ToolPack?
You can uninstall IM ToolPack from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program IM ToolPack, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove IM ToolPack.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
How do I reset my web browser?
If your web browser homepage and search settings have been modfied by IM ToolPack you can restore them to their previous default settings.
Microsoft Internet Explorer
- Open Internet Explorer and click the Tools button, and then click Internet options.
- Click the Advanced tab, and then click Reset. Select the Delete personal settings check box if you would also like to remove search providers, Accelerators and home pages. When Internet Explorer finishes applying default settings, click Close, and then click OK.
- The changes will take effect the next time you open IE.
Mozilla Firefox
- At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu and select Troubleshooting Information.
- To continue, click Reset Firefox in the confirmation window that opens. It will close and be reset.
- When it's done, a window will list the information that was imported. Click Finish and Firefox will open.
Google Chrome
- Open Chrome and click the Chrome menu on the browser toolbar.
- Select Settings. In the "Search" section, click Manage search engine. Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default. Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
- When the "Show Home button" checkbox is selected, a web address appears below it. If you want the Homepage button to open up a different webpage, click Change to enter a link.
- Restart Google Chrome.
OS VERSIONS
Win 7 (SP1) 42%
Win 7 3%
|
|
HOW IT STARTS
Automatically starts? Yes
(Found in the run registry)
|
|
USER ACTIONS
|
Uninstall it 63%
Keep it 37%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
45.45% |
|
Windows 10 |
33.33% |
|
Windows Vista |
15.15% |
|
Windows XP |
6.06% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
33.33% |
|
Windows 8 |
12.12% |
|
Windows 8.1 Pro |
9.09% |
|
Windows Vista Home Premiu... |
6.06% |
|
Windows 7 Professional |
6.06% |
|
Microsoft Windows XP |
6.06% |
|
Geography
59.46% of installs come from the United States
Which countries install it?
United States |
59.46% |
Spain |
5.41% |
Germany |
5.41% |
United Kingdom |
5.41% |
South Africa |
2.70% |
NG |
2.70% |
Norway |
2.70% |
Australia |
2.70% |
Russia |
2.70% |
Israel |
2.70% |
DK |
2.70% |
Czech Republic |
2.70% |
RE |
2.70% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
38.46% |
|
Dell |
19.23% |
|
Acer |
15.38% |
|
Sony |
7.69% |
|
Toshiba |
7.69% |
|
ASUS |
3.85% |
|
Lenovo |
3.85% |
|
American Megatrends |
3.85% |
|
Common models |
Hewlett-Packard p2-1343w |
7.14% |
|
FUJITSU LIFEBOOK AH530 |
3.57% |
|
Dell Vostro 220 Series |
3.57% |
|
TOSHIBA Satellite P755 |
3.57% |
|
Sony VGN-FW41M_H |
3.57% |
|
HP Pavilion 061 DN116A-AB... |
3.57% |
|
About Crawler
Run by Xacti Group Companies Crawler provides toolbar type programs for various Web browsers.
Publisher URL: www.crawler.com