toolbar38396232.exe

The application toolbar38396232.exe has been detected as a potentially unwanted program by 22 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
MD5: bcb70785396d5b69948de92794ae9c0a

SHA-1: 910d1f294239fa1b3d3c2f1c7a20e4c813485c6a

SHA-256: d4e63c40bc5e7edbf9d26c77096d40b08490f7d338d6519cbce18b6136d44158

Scanner detections: 22 / 68

Status: Potentially unwanted

Analysis date: 4/26/2024 8:16:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Zusy.94862 | 967 |
| Avira AntiVirus | Adware/AgentCV.A.6134 | 7.11.155.82 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-140922 |
| AVG | Trojan horse Downloader.Small.KPI | 2014.0.3955 |
| Baidu Antivirus | Adware.Win32.Lollipop | 4.0.3.14613 |
| Bitdefender | Gen:Variant.Zusy.94862 | 1.0.20.820 |
| Comodo Security | Application.Win32.Lollipop.Q | 18535 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.94862 | 8.14.06.13.09 |
| ESET NOD32 | Win32/AdWare.Lollipop.U application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/Lollipop | 9/22/2014 |
| F-Secure | Gen:Variant.Zusy.94862 | 11.2014-13-06_6 |
| G Data | Gen:Variant.Zusy.94862 | 14.6.24 |
| IKARUS anti.virus | AdWare.Lollipop | t3scan.1.6.1.0 |
| K7 AntiVirus | Adware | 13.1712436 |
| Kaspersky | not-a-virus:HEUR:AdWare.Win32.Lollipop | 15.0.0.463 |
| McAfee | Artemis!FB0E62F4C6EB | 5600.6999 |
| MicroWorld eScan | Gen:Variant.Zusy.94862 | 15.0.0.492 |
| NANO AntiVirus | Riskware.Win32.Lollipop.czgmgu | 0.28.0.60253 |
| Qihoo 360 Security | Win32/Virus.Adware.4f7 | 1.0.0.1015 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.9.22.13 |
| Sophos | Generic PUA AO | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V0615 | 7.2.265 |

File size: 414.5 KB (424,448 bytes)

File type: Executable application (Win32 EXE)

Language: English (United States)

Common path: C:\users\{user}\appdata\local\temp\toolbar38396232.exe

File PE Metadata

Compilation timestamp: 6/6/2014 6:45:44 AM

OS version: 5.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 9.0

CTPH (ssdeep): 6144:tAK2Q0jftxBdmb7fPWEclrwL3RmBAC/7/avo+S24U:tAU6ftx/mXP4Omt/7coJ2r

Entry address: 0x4734

Entry point:
E8, 0F, B5, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 20, A9, 44, 00, 89, 0D, 1C, A9, 44, 00, 89, 15, 18, A9, 44, 00, 89, 1D, 14, A9, 44, 00, 89, 35, 10, A9, 44, 00, 89, 3D, 0C, A9, 44, 00, 66, 8C, 15, 38, A9, 44, 00, 66, 8C, 0D, 2C, A9, 44, 00, 66, 8C, 1D, 08, A9, 44, 00, 66, 8C, 05, 04, A9, 44, 00, 66, 8C, 25, 00, A9, 44, 00, 66, 8C, 2D, FC, A8, 44, 00, 9C, 8F, 05, 30, A9, 44, 00, 8B, 45, 00, A3, 24, A9, 44, 00, 8B, 45, 04, A3, 28, A9, 44, 00, 8D, 45, 08, A3, 34, A9, 44...
 

Code size: 261 KB (267,264 bytes)
