toolbarupdate.exe

FreeCause Toolbar

FreeCause, Inc.

The application toolbarupdate.exe, “FreeCause Toolbar updater application” by FreeCause has been detected as a potentially unwanted program by 2 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Dogpile Bundle Toolbar by InfoSpace, Inc. and MyPlayCity Toolbar by MyPlayCity, Inc., both potentially unwanted software.
Publisher:
FreeCause Inc.  (signed by FreeCause, Inc.)

Product:
FreeCause Toolbar

Description:
FreeCause Toolbar updater application

Version:
1, 0, 0, 1

MD5:
6a93f3473e6ae62177004a689e1bd58a

SHA-1:
2c8a565facb5c2f81483734fdb8836277708096d

SHA-256:
ae48594c4c1b6161d47dfa568c5f3a73eb09974d9c0f0376ad3c5de77fc6dc96

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 11:41:03 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.FreeCause.N
188163

Reason Heuristics
PUP.Optional.Toolbar.FreeCause.N
14.2.17.0

File size:
140.1 KB (143,496 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright FreeCause Inc. (C) 2007

Original file name:
ToolbarUpdater.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\pazera toolbar\toolbarupdate.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/4/2008 3:00:00 AM

Valid to:
4/26/2009 2:59:59 AM

Subject:
CN="FreeCause, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="FreeCause, Inc.", L=Boston, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D4F0E20542B7ADF3FCF49CC6ECAC6DF

File PE Metadata
Compilation timestamp:
10/17/2008 8:15:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:ZimCPTZ0KVx41/SRpm53T/RRZbp28DEYUIjmh8KKx9Q6t1cA/ff1mQMD4Ss:LCbZ0KVi/2pkdj9w8Hbt1cA/fADS

Entry address:
0x8420

Entry point:
E8, D2, 5A, 00, 00, E9, 16, FE, FF, FF, CC, CC, 68, 90, 84, 40, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 24, 61, 41, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 83, EC, 14, 53, 8B, 5C, 24, 20, 55, 56, 8B, 73, 08, 33, 35, 24...
 
[+]

Entropy:
5.9699

Code size:
68 KB (69,632 bytes)

Windows Firewall Allowed Program
Name:
C:\Program Files\Pazera Toolbar\ToolbarUpdate.exe


The file toolbarupdate.exe has been discovered within the following programs.

Dogpile Bundle Toolbar  by InfoSpace, Inc.
Dogpile Bundle Toolbar is an advertising-supported web browser toolbar that may modify the browser's home page, search provider and new tab pages.
www.dogpile.com
74% remove it
Gamers Unite! Snag Bar  by NextSmallThings
Publisher's description - “The Snag Bar is one of many services offered by Gamers Unite! It bonuses from your own feed so you don't have to stare at your feed every minute. It clicks on many of your friends' help requests so your friends can finish their task faster too.”
gamersunite.coolchaser.com/toolbar/get
51% remove it
InboxDollars  by InboxDollars
Publisher's description - “Advertisers pay InboxDollars® to reach consumers like you. Through programs ranging from paid online surveys to PaidEmail®, InboxDollars® shares the revenue we receive from advertisers with our Members.”
41% remove it
MyPlayCity Toolbar  by MyPlayCity, Inc.
MyPlayCity Toolbar is a generic web browser toolbar that installs a search feature and various buttons for social integration and links to web sites such as MyPlayCity.com and various search providers.
www.myplaycity.com
63% remove it
Nectar Search Toolbar  by Aimia Coalition Loyalty UK Ltd.
Nectar Search Toolbar is a web browser extension that will integrate itself into Chrome, Firefox and Internet Explorer.
61% remove it
 
Powered by Should I Remove It?

Remove toolbarupdate.exe - Powered by Reason Core Security