home

toolbarupdater.exe

ToolbarU Application

AVG Technologies

It runs as a separate (within the context of its own process) windows Service named “vToolbarUpdater17.1.3”.
Publisher:
AVG Secure Search  (signed by AVG Technologies)

Product:
ToolbarU Application

Version:
17, 1, 3, 3

MD5:
e5be0174f0b4dbbb6ba41dc70ba5a084

SHA-1:
dabfb38f93ec253af3f506704a7577878f84d55d

SHA-256:
42dff01be2f5ce55e557e0920ffa599ec7b868fc82d7a1995a313c8a04f64ffc

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 3:41:19 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Service.AVGTechnologies.O
188163

Emsisoft Anti-Malware
Win32.Expiro.BK
8.14.02.14.02

File size:
1.6 MB (1,643,696 bytes)

Product version:
17, 1, 3, 3

Copyright:
Copyright (C) 2012

Original file name:
ToolbarU.exe

File type:
Executable application (Win32 EXE)

Language:
Hebrew (Israel)

Common path:
C:\Program Files\common files\avg secure search\vtoolbarupdater\17.1.3\toolbarupdater.exe

Digital Signature
Signed by:
AVG Technologies

Authority:
VeriSign, Inc.

Valid from:
3/22/2013 7:00:00 PM

Valid to:
4/22/2015 6:59:59 PM

Subject:
CN=AVG Technologies, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=AVG Technologies, L=Brno, S=Jihomoravsky kraj, C=CZ

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
01DA9DE8D302ACC5CDD5AB42EB5638DB

File PE Metadata
Compilation timestamp:
9/17/2013 7:45:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
49152:v3QygPaT4ELmj7S+6q2Skag9a+wHvCoFvvXpTJeyXJZ1fQCU:vAyEaTNLmj7S+6UkaYa+wHKoFvvXS

Entry address:
0xF08DD

Entry point:
E8, 91, 04, 01, 00, E9, A4, FE, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, 0B, 07, 01, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, 5D, E9, DF, FF, FF, FF, 6A, 0C, 68, 48, 31, 55, 00, E8, 8C, 8A, 00, 00, 33, F6, 89, 75, E4, 33, C0, 8B, 5D, 08, 3B, DE, 0F, 95, C0, 3B, C6, 75, 1C, E8, 13, 56, 00, 00, C7, 00, 16, 00, 00, 00, 56, 56, 56, 56, 56, E8, DB, EA, FF, FF, 83, C4, 14, 33, C0, EB, 7B, 33, C0, 8B, 7D, 0C, 3B, FE, 0F, 95, C0, 3B, C6, 74, D6, 33, C0, 66, 39, 37, 0F, 95, C0, 3B, C6, 74, CA...
 
[+]

Entropy:
6.4286

Code size:
1.1 MB (1,204,224 bytes)

Service
Display name:
vToolbarUpdater17.1.3

Type:
Win32OwnProcess


Scan toolbarupdater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.