home

Toolbar.exe

Toolbar Core

APN LLC

This is a component of the Ask.com toolbar, a browser extension that will modify the default web browser's search provider, home page and various other settings. The application Toolbar.exe by APN has been detected as a potentially unwanted program by 16 anti-malware scanners. This version of the file will bundle the Ask.com Toolbar, a potentially unwanted web browser extension.
Publisher:
APN LLC.  (signed by APN LLC)

Product:
Toolbar Core

Version:
2.0.0.0

MD5:
c958b3818e1666cb8194f14861272ecf

SHA-1:
dea628763720965225928df2e2437932ae6b2a4c

SHA-256:
98410d59b01e99fe8fe0ad134ce2993abddf173dd89bcc2f88231a7cae06d111

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
4/17/2024 11:44:57 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.ToolbarCore
2013.12.04

avast!
Win32:Kukacka
2014.9-160211

Baidu Antivirus
Adware.Win32.AskToolbar
4.0.3.16211

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant)
10.9439

F-Prot
W32/Virut.AI!Generic
v6.4.6.5.141

K7 AntiVirus
Virus
13.181.12819

Microsoft Security Essentials
Threat.Undefined
1.179.842.0

Qihoo 360 Security
Malware.QVM19.Gen
1.0.0.1015

Reason Heuristics
PUP.Ask.APN.Toolbar (M)
16.2.11.17

Rising Antivirus
PE:Win32.KUKU.kt!1591113
23.00.65.16209

Trend Micro House Call
PE_SALITY.RL
7.2.42

Trend Micro
PE_SALITY.RL
10.465.11

VIPRE Antivirus
Threat.4721115
31208

File size:
257.7 KB (263,880 bytes)

Product version:
2.0.0.25001

Copyright:
(c) APN LLC. All rights reserved.

Original file name:
Toolbar.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\hp\hp laserjet p1000_p1500 series\Program Files\askpartnernetwork\toolbar\toolbar.exe

Digital Signature
Signed by:
APN LLC

Authority:
VeriSign, Inc.

Valid from:
4/16/2012 7:00:00 AM

Valid to:
4/9/2015 6:59:59 AM

Subject:
CN=APN LLC, OU=Distribution, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=APN LLC, L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
27EAB3DE0B03D88D5C4A2AE477B84DFA

File PE Metadata
Compilation timestamp:
7/30/2012 4:43:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:IfH388tBNAnhpWnjtvC6+HGnhTBlQ1mABbL:uBNAnhAnjtvT+HGnhTD8R

Entry address:
0x1B669

Entry point:
E8, 89, 7E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, A9, 43, 00, 89, 0D, 04, A9, 43, 00, 89, 15, 00, A9, 43, 00, 89, 1D, FC, A8, 43, 00, 89, 35, F8, A8, 43, 00, 89, 3D, F4, A8, 43, 00, 66, 8C, 15, 20, A9, 43, 00, 66, 8C, 0D, 14, A9, 43, 00, 66, 8C, 1D, F0, A8, 43, 00, 66, 8C, 05, EC, A8, 43, 00, 66, 8C, 25, E8, A8, 43, 00, 66, 8C, 2D, E4, A8, 43, 00, 9C, 8F, 05, 18, A9, 43, 00, 8B, 45, 00, A3, 0C, A9, 43, 00, 8B, 45, 04, A3, 10, A9, 43, 00, 8D, 45, 08, A3, 1C, A9, 43...
 
[+]

Entropy:
6.5002

Code size:
168.5 KB (172,544 bytes)

Remove Toolbar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.